CCIE Pursuit Blog

January 1, 2008

Internetwork Expert Volume III: Lab 3 – Section 4 Part 1

4 Interior Gateway Routing

4.1 RIPv2

Very simple task.  Luckily they didn’t ask for a minimal configuration:

My answer:
router rip
 version 2
 passive-interface default
 no passive-interface FastEthernet0/0
 no passive-interface FastEthernet0/1
 no passive-interface Serial0/1
 network 10.0.0.0
 network 190.1.0.0
 network 204.12.1.0
 no auto-summary

IE’s answer:
router rip
 version 2
 passive-interface Serial0/0 <-much simpler  🙂
 network 10.0.0.0
 network 190.1.0.0
 network 204.12.1.0
 no auto-summary

4.2 RIPv3

“Allow r4 and r5 to send/receive RIP updates between each other across the Serial connection by disabling the validation of RIP updates.”

Remember that the r4 and r5 s1/0 are in different IP subnets.  The wording of the task gives you a huge clue.

validate-update-source

r4(config)#router rip
r4(config-router)#no validate-update-source

Now you’ll see r4’s RIP advertised networks on r5:

r5#clear ip route *
r5#sh ip route rip
R    204.12.1.0/24 [120/1] via 10.4.4.4, 00:00:03
     190.1.0.0/24 is subnetted, 5 subnets
R       190.1.34.0 [120/1] via 10.4.4.4, 00:00:03
R       190.1.4.0 [120/1] via 10.4.4.4, 00:00:03

4.3 RIPv2 Metric Manipulation

“Configure an inbound offset-list on r4so the RIP routes learned from BB3 appear in r5’s routering table with a hop count of 15.”  

This task illustrates one of the differences between the Volume II and Volume III labs: you are more likely to see tasks in the Volume III labs that explicitly tell what feature to use in order to accomplish a task.

offset-list (RIP)

I decided to just offset ALL of the RIP routes coming in fa0/0 rather than configure an explicit ACL.  You can do this by using ACL 0 in your offset-list: 

r4(config-router)#offset-list 0 in 14 fa0/0

This tells the router to add 14 to the hop count of all  RIP routes inbound on interface fa0/0 (to BB3):

r4#sh ip route rip
     31.0.0.0/16 is subnetted, 4 subnets
R       31.3.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       31.2.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       31.1.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       31.0.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
     30.0.0.0/16 is subnetted, 4 subnets
R       30.2.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       30.3.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       30.0.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0
R       30.1.0.0 [120/15] via 204.12.1.254, 00:00:01, FastEthernet0/0

I was confused when I saw the IE answer:

offset-list 0 in 13 fa0/0

I have no idea why they used 13?

SHIT!!!! YES I DO.  A quick reread the question shows how I lost some easy points by not reading the question carefully:

“Configure an inbound offset-list on r4 so the RIP routes learned from BB3 appear in r5’s router table with a hop count of 15.”

My “solution” not only lost me some easy points, but it also effectively filtered all of the BB3 routes from r5 because they now have a hop-count of 16 on r5 so they are not installed:

r5#sh ip route rip
R    204.12.1.0/24 [120/1] via 10.4.4.4, 00:00:22
     190.1.0.0/24 is subnetted, 5 subnets
R       190.1.34.0 [120/1] via 10.4.4.4, 00:00:22
R       190.1.4.0 [120/1] via 10.4.4.4, 00:00:22

After a quick change:

r4(config)#router rip
r4(config-router)#offset-list 0 in 13 fa0/0  

r5#sh ip route rip
—output truncated—
R       31.3.0.0 [120/15] via 10.4.4.4, 00:00:09
R       31.2.0.0 [120/15] via 10.4.4.4, 00:00:09
R       31.1.0.0 [120/15] via 10.4.4.4, 00:00:09
R       31.0.0.0 [120/15] via 10.4.4.4, 00:00:09
     30.0.0.0/16 is subnetted, 4 subnets
R       30.2.0.0 [120/15] via 10.4.4.4, 00:00:09
R       30.3.0.0 [120/15] via 10.4.4.4, 00:00:09
R       30.0.0.0 [120/15] via 10.4.4.4, 00:00:09
R       30.1.0.0 [120/15] via 10.4.4.4, 00:00:09

4.4 OSPF

Easy OSPF task.  You need to peer r1, r3, and r5 across Frame Relay.  r5 must be the DR and you are not allowed to change the OSPF network type.  You’ll need your old friend, the ‘neighbor’ command to change your OSPF traffic to unicast to get around the default NON_BROADCAST network type.

neighbor (OSPF)

NOTE: Looking at the protocol topology, I don’t see an OSPF area 0. ????

4.5 OSPF

Here’s where that missing area 0 comes back to bite me in the ass.  You are asked to configure two more non-zero areas and then:

“Without regard to network redundancy, use the minimal number of virtual links needed to support this OSPF domain.”

I’m lost.  I thought that you needed to have an area 0.  I have 3 areas: 17, 34, and 135.

I guess that the minimum number of links is one.  We just need to connect r1 (area 17) to r3 (area 35) through area 135.  I am missing a fundamental understanding of OSPF concerning virtual-links and area 0.  I’ll need to hit the books. [It turns out that my understanding was correct, but my lab strategy was flawed…see next task.]

I also changed the OSPF network type on r3 and r4’s Frame Relay interfaces to broadcast to establish an adjacency.  IE used the neighbor command.  Both methods work.

4.6 OSPF Loopback Advertisement

LESSON LEARNED!!!  READ THE ENTIRE LAB.

Well, now I know where to find area 0.  I am tasked with advertising a loopback into area 0 in this task. This makes 4.5 make sense and it makes the virtual link come up.

4.7 OSPF Loopback Advertisement

Advertise another loopback in to OSPF and advertise it with a /24 mask.  Then:

“This subnet should not be associated with any particular area.”

There are two ways to accomplish this, but I only remember one.  🙂

Redistributing Loopback 0 into OSPF will accomplish this task.  I need to keep this in mind when it comes time to do IGP redistribution.

r4(config)#route-map LOOP->OSPF permit
r4(config-route-map)#match int lo0
r4(config-route-map)#router os 100
r4(config-router)#redist conn sub route-map LOOP->OSPF tag 41

r3#sh ip route os | i E
O E2    150.1.4.0/24 [110/20] via 190.1.34.4, 00:01:17, Serial0/1:0

4.8 OSPF Loopback Advertisement

This task switches up the previous task.  This time you need to advertise a loopback with a /24 but it needs to be associated with an area (area not specified) and you cannot use “ip ospf network point-to-point” for this task.

This can be accomplished with the “area range” command.

area range

r3(config-router)#area 3 range 150.1.3.0 255.255.255.0 advertise

r5#sh ip route os | i 150.1.3.0
O IA    150.1.3.0 [110/65] via 190.1.135.3, 00:00:51, Serial0/0.1

r5#sh ip route 150.1.3.3
Routing entry for 150.1.3.0/24
  Known via “ospf 100”, distance 110, metric 65, type inter area
  Last update from 190.1.135.3 on Serial0/0.1, 00:00:54 ago
  Routing Descriptor Blocks:
  * 190.1.135.3, from 150.1.3.3, 00:00:54 ago, via Serial0/0.1
      Route metric is 65, traffic share count is 1

4.9 OSPF Loopback Advertisement

Another variation on a theme: Advertise a loopback into OSPF.  It should appear in all other OSPF routers with a /24 mask.  It should not be associated with any area.  Don’t use ‘redistribute connected’ to do this.

I’m out of ideas.  Maybe a summary route?  Tried it – didn’t work.

The answer is pretty ingenious:

1) Advertise lo0 into RIP
2) Match lo0 in a route-map
2) Redistribute only the lo0 RIP network into OSPF using the route-map

r3#sh ip route 150.1.5.5
Routing entry for 150.1.5.0/24
  Known via “ospf 100“, distance 110, metric 20, type extern 2, forward metric 65
  Last update from 190.1.135.5 on Serial0/0:0.1, 00:00:09 ago
  Routing Descriptor Blocks:
  * 190.1.135.5, from 150.1.5.5, 00:00:09 ago, via Serial0/0:0.1
      Route metric is 20, traffic share count is 1

On the actual lab, I would have simply matched the loopback in a route-map and redistributed connected (with route-map) into OSPF.  I would have lost the points for this task, but OSPF would still have the route with a /24 mask and not associated with any area.

4.10 EIGRP

Easy EIGRP task.  IE solution guide is missing the sw3 configuration.

4.11 EIGRP

Easy EIGRP authentication task.  You need to establish a neighbor relationship with BB1.  The only thing missing is whether you need to use md5 or not (you do).  I honestly don’t think that non-md5 EIGRP authentication is an option anymore, but I will need to research that.

4.12 EIGRP Summarization

Advertise some routers’ loopbacks into EIGRP but have them appear to other routers with a /23 mask rather than a /24 mask.

You need to do route summarization.  Remember that in EIGRP that this is done under the interface that the route will go out:

r2(config-if)#ip summary-address ?
  eigrp  Enhanced Interior Gateway Routing Protocol (EIGRP)
  rip    Routing Information Protocol (RIP)

ip summary-address eigrp

/23 = 255.255.254.0

Need to be careful with sw3 (150.1.9.9)

00001001 with /23 mask will be 150.1.8.0/23

Should I leak the actual loopback IP?  Will this fuck up my router-id?

Interesting:  IOS will change your summary-address statement for you:

sw3(config)#int vlan 2569
sw3(config-if)#ip summary-address eigrp 10 150.1.9.0 255.255.254.0
sw3(config-if)#do sh run int vlan 2569
interface Vlan2569
 ip address 190.1.0.9 255.255.255.0
 ip summary-address eigrp 10 150.1.8.0 255.255.254.0 5

 r5#sh ip route 150.1.2.2 | i Routing entry|Known
Routing entry for 150.1.2.0/23
  Known via “eigrp 10”, distance 90, metric 156160, type internal

r5#sh ip route 150.1.6.6 | i Routing entry|Known
Routing entry for 150.1.6.0/23
  Known via “eigrp 10”, distance 90, metric 156160, type internal

r5#sh ip route 150.1.9.9 | i Routing entry|Known
Routing entry for 150.1.8.0/23  <-note the third octet
  Known via “eigrp 10”, distance 90, metric 156160, type internal

IE solution guide shows 150.1.8.0 255.255.255.

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: