Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
exit
int f0/1
zone-member security INOUT
ip http server
PC Multicast
============
1. ip multicast-r and ip pi aut li
all the devices the below command need to be apply
1. ip multicast-r
Page 3
Final TS5 ticket solution
ip pi aut li
under the connected interface
need to be configure ip pi sparse-m
sh run | s msdp|rp|boundary|mroute
sh ip pi nei
sh ip pi rp map
SW2
===
1. autorp and pim sparse-mode is missing
R5
===
1. pim rp-discovery and rp-announce interface is mismatch
2. msdp peer configuration is mismatch
3. mroute been configured
4. autorp listener command is missing
R13
===
1. boundary with access list configured
2. ip auto li and ip pi sparse-m not there
R23
===
1. RP discovery and Rp announce is mismatch
2. msdp peering mismatch
3. dr priotiy should be ther in the serial interface towards FR switch
R24
===
1. ip pim nbma mode must be there under the serial interface
R28
===
1. ip multicast-r and ip pi aut li, ip pi sparse-m
IGP
===
R2 and R3
==========
1. R1 neighbor shutdown command need to be removed and it should be activate
2. aggregate address summary for 10networks need to removed and add without summary
3. redistr os with metric
4. default information originate always should be ther under os domain
R13
===
Page 4
Final TS5 ticket solution
1. lo4 and lo10 should be shut
R4
===
1. static route need to manupulated AD value into 255
2. sh ip os int b ---it will show the cost --if cost value increased
put under the interface "no band and no ip os cost"
R5
===
1. static route need to manupulated AD value into 255
2. sh ip os int b ---it will show the cost --if cost value increased
put under the interface "no band and no ip os cost"
3. route-map need to be deleted to map to null 0
SW1
===
1.under the ospf process
1.1 max-lsa --made it as warning-only
1.2 need to be remove passive interface
1.3 access-list configured for default network
2.IP address/subneet of vl 11 mismatch
3.ip os network and authentication of both interface facing on R4 and R5
4.if question ask to load sharing the packet
1. int vl 11
ip route-cache cef
in fa0/1---facing on R4
ip route-cache
ip load-sharing per-packet
in fa1/1---facing on R5
ip route-cache
ip load-sharing per-packet
R17
R19
1) under router bgp 65001
neighbor 100.4.4.4 password cisco
2) and in address-family ipv4
neighbor 100.4.4.4 next-hop-self
3)ip as-path access-list 100 permit ^$ becoz of this only advertised
ip as-path access-list 100 permit .*
R4
R5
1) router bgp 65001
address-family ipv4
no sync
2) router bgp 65001
address-family ipv4
neighbor 100.12.12.12
3) policy-map ABC
class R125
no drop
4) router bgp 65001
address-family ipv4
neighbor 100.4.4.4 activate
R12
1) router bgp 65001
address-family ipv4
no neighbor 100.4.4.4 activate
2) route-map ASPATH permit 10
match as-path 100
no set community no-advertise
3) router bgp 65001
address-family ipv4
neighbor 100.5.5.5 next-hop-self
R20
1) router eigrp 333
no auto-summary
2) route-map permit 20 required
SW4
1) router eigrp 333
no auto-summary
ticket3
IPV6
R18
2) ipv6 access-list DENY
deny ipv6 any any ****permit ipv6 any any****
3) ipv6 router ospf 1
no passive-interface Ethernet0/0
4) int e0/0
no ipv6 nd suppress-ra
5) int e0/1
ipv6 ospf 1 area 1
R11
interface Tunnel1
ip address 113.0.0.1 255.255.255.252
ipv6 address 2001:CC1E:ABCD:113::11/64
ipv6 ospf 1 area 0
1)tunnel source loopback 0 ****add this***
2)tunnel destination 100.13.13.13 ****add this***
3)tunnel mode ipv6ip ****add this***
4)NO tunnel mode mpls traffic-eng ****remove this and this will also remove "no
routing dynamic"***
no routing dynamic
R5
1)access-list 113 permit 41 any any ***PERMIT
2)access-list 113 permit gre any any ****PERMIT
access-list 113 permit ip any any
R13
interface Tunnel1
ip address 113.0.0.2 255.255.255.252
ipv6 address 2001:CC1E:ABCD:113::13/64
tunnel source loopbak0 ****add this***
tunnel destination 100.11.11.11
tunnel mode ipv6ip ****add this***
NO tunnel mode mpls traffic-eng ****remove this and this will also remove "no
routing dynamic"***
no routing dynamic
ipv6 ospf 1 area 0 ****add this***
R23
NO ipv6 route 2001:CC1E:ABCD:300::/64 Null0 ****remove this
int s1/0
frame-relay map ipv6 FE80::24 234
R24
map-class frame-relay frts
frame-relay end-to-end keepalive mode request //****change it to passive-reply/
R28
interface Ethernet0/0
ipv6 address 2001:CC1E:ABCD:300:10:10:2:28/64
no ipv6 autoconfig default ***remove this***
ipv6 ospf 1 area 0 ***add this***
DNS
R20
ip domain lookup
R21
class-map type inspect match-all INOUT ****match-any*****
R22
policy-map DNS
class BLOCK
drop ****no drop****
/////interface Serial0/1
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
ppp multilink group 100 *****change group to 1
!
interface Serial0/2
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
ppp multilink group 1
!/////////
1) int s0/1
R25(config-if)#no ppp multilink group 100
R25(config-if)#ppp multilink group 1
R26
///interface Multilink1
ip unnumbered Loopback0
ip mtu 1400 *****rmove this****
ip nat outside
no ip virtual-reassembly
ipv6 address 2001:CC1E:ABCD:200:10:10:2:26/64
ipv6 ospf 1 area 0
ppp authentication chap
ppp chap hostname ccleR25 *****change it to ccleR26
ppp chap password 0 cisc0 *****change it to cisco
ppp multilink
ppp multilink fragment
ppp multilink links minimum 1
ppp multilink group 1////
/////interface Serial1/0
no ip address
encapsulation ppp
serial restart-delay 0
no fair-queue
ppp multilink//////
//////interface Serial1/1
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
ppp multilink group 1//////
!
interface Serial1/0
ip address 172.16.14.25 255.255.255.248
ip hello-interval eigrp 200 5
ip hold-time eigrp 200 15
ip authentication mode eigrp 200 md5
ip authentication key-chain eigrp 200 ccie
encapsulation frame-relay
serial restart-delay 0
clock rate 64000
frame-relay map ip 172.16.14.26 345 broadcast
R25
interface Serial0/0
ip address 172.16.14.26 255.255.255.248
ip hello-interval eigrp 200 5
ip hold-time eigrp 200 15
ip authentication mode eigrp 200 md5 ****ADD THIS
ip authentication key-chain eigrp 200 ccie ****ADD THIS
encapsulation frame-relay
ip policy route-map PPP
serial restart-delay 0
clock rate 64000
frame-relay map ip 172.16.14.25 354 broadcast
username R29 password 0 c1sco ****remove this & change the username & password to
R25 & cisco
interface Serial1/0
no ip address *****add ip address
ip address 1.1.100.1 255.255.255.252
encapsulation ppp
serial restart-delay 0
clock rate 64000
ppp authentication pap *****change it to chap
ppp chap hostname R29 *****change it to R25
ppp chap password 0 cisco
!
access-list 124 permit ip any 192.0.0.0 0.255.255.255
!
route-map PPP permit 10
match ip address 124
set interface Null0 *****remove this
!
router rip *****add the whole rip process
version 2
network 1.0.0.0
no auto-summary
redistribute eigrp 200 metric 5
R29
username R25 password 0 c1sco ****remove this & change the username & password to
R25 & cisco
interface Serial2/0
ip address 1.1.100.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
clock rate 64000
ppp authentication chap
ppp chap hostname R25 *****change it to R29
ppp chap password 0 cisco
router rip
version 1 *****change it to version 2
network 1.0.0.0
network 192.168.20.0
no auto-summary
!
enable password cisco *****required for telnet from r25
TICKET 6
Problem's and Solution:
R25
Problem:
class-map match-any MISSIONCRITICAL
match ip precedence 6 7
match access-group 25
class-map match-all voice
match ip precedence 5
match ip precedence 4
!
!
policy-map POLICY
class voice
priority percent 12
class MISSIONCRITICAL
bandwidth percent 30
interface Serial0/0
ip address 10.10.10.11 255.255.255.248
encapsulation frame-relay
frame-relay class frts
exit
map-class frame-relay frts
frame-relay end-to-end keepalive mode bidirectional
frame-relay cir 1000
frame-relay bc 8000
Solution:
R25#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R25(config)#class-map match-all MISSIONCRITICAL // Since output says match-all
R25(config-cmap)#exit
R25(config)#class-map match-any voice // Since output says match-any
R25(config-cmap)#no match ip precedence 4 // Only to match second output, Avoid it
if you are
asked to match first output
R25(config-cmap)#exit
R25(config)#policy-map POLICY
R25(config-pmap)# class voice
R25(config-pmap-c)# priority percent 25 // Since output says Bandwidth:25%
R25(config-pmap-c)# exit
R25(config-pmap)# class MISSIONCRITICAL
R25(config-pmap-c)# priority percent 30 // Since output says Bandwidth:30%
R25(config-pmap-c)# exit
R25(config)#interface Serial0/0
R25(config-if)#frame-relay traffic-shaping // Make sure this is applied
R25(config-if)# frame-relay class frts // Make sure this is applied
R25(config-if)# exit
R25#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R25(config)#map-class frame-relay frts
R25(config-map-class)# frame-relay end-to-end keepalive mode passive-reply //
Change to passive-reply
R25(config-map-class)# frame-relay cir 100000 or 96000 // Change as per the output
R25(config-map-class # frame-relay bc 8000 // Change as per the output
R25(config-map-class)#service-policy output POLICY //You woon't get the output on
R25 if this is not applied
CCIERNSLABS.COM ---> TS V5.6<---- 25th-February-14
New Fault's as on 10th November 2013
On R25
Problem:
1) Match the output
Solution:
class-map match-any MISSIONCRITICAL ( Manipulate match-any or match-all as per the
Output )
match ip precedence 6 7
match access-group 25
class-map match-any voice ( Manipulate match-any or match-all as per the Output )
match ip precedence 5
match ip precedence 4 ( Manipulate as per the Output )
match access-group 125 ( Manipulate as per the Output and create ACL entries )
match ip dscp ef ( Manipulate as per the Output ) OR
match ip precendence ef ( Manipulate as per the Output )
access-list 125 permit ip any any dscp ef // Remove This
access-list 125 permit ip any any dscp cs5 // Add This
-----------------------------------------------------------------------------------
----
CCIERNSLABS.COM ---> TS V5.6<---- 25th-February-14
On R25
Problem:
2) If ping ask's from R27 to R28 ,then make sure that OSPF neighborship between R25
and R24 is up
interface Serial0/0
ip address 10.10.10.11 255.255.255.248
frame-relay map ip 10.10.10.9 253 broadcast
frame-relay map ip 10.10.10.10 254 broadcast // This command could be Missing or
broadcast might
be missing
Solution:
interface Serial0/0
ip address 10.10.10.11 255.255.255.248
frame-relay map ip 10.10.10.9 253 broadcast
frame-relay map ip 10.10.10.10 254 broadcast
CCIERNSLABS.COM ---> TS V5.6<---- 25th-February-14
New Fault's as on 25th February 2014
On R25
Problem:
class-map match-any voice
match ip precedence 5
match ip precedence 4
match access-group 125
access-list 125 permit ip any any dscp ef
Solution:
access-list 125 permit ip any any dscp cs5 // Add this.