1.

SW1,SW2

conf t

vtp domain CCIE

vtp vesion 2
vtp mode transparent
vtp password CCIErock?

SW3

conf t

vtp domain CCIE

vtp vesion 2
vtp mode server
vtp password CCIErock?
mac-address-table aging-time 10800

SW4

conf t

vtp domain CCIE

vtp vesion 2
vtp mode client
vtp password CCIErock?
mac-address-table aging-time 10800

-------------------------------------------------------------------------

1.2

SW1,SW2

conf t

vlan 14,15,23,24,35,46,57,67,999

SW1,SW2

conf t

interface range ethernet0/0-3 , ethernet1/0-3

switchport mode access
no shutdown
!
interface range ethernet3/0-3
switchport mode access
switchport access vlan 999
shutdown

SW1

conf t

interface ethernet0/0
switchport access vlan 15
!
interface ethernet0/1
switchport access vlan 23
!
interface ethernet0/2
switchport access vlan 23
!
interface ethernet0/3
switchport access vlan 24
!
interface ethernet1/0
switchport access vlan 14
!
interface ethernet1/1
switchport access vlan 15
!
interface ethernet1/2
switchport access vlan 67
!
interface ethernet1/3
switchport access vlan 67

SW2

conf t

interface ethernet0/0
switchport access vlan 14
!
interface ethernet0/1
switchport access vlan 24
!
interface ethernet0/2
switchport access vlan 35
!
interface ethernet0/3
switchport access vlan 46
!
interface ethernet1/0
switchport access vlan 35
!
interface ethernet1/1
switchport access vlan 57
!
interface ethernet1/2
switchport access vlan 46
!
interface ethernet1/3
switchport access vlan 57

SW3

conf t

vlan 34,38,49,89,111,310,411,999

SW3,SW4
conf t

interface range ethernet0/0-3

switchport mode access
no shutdown
!
interface range ethernet1/0-3 , ethernet3/0-3
switchport mode access
switchport access vlan 999
shutdown

SW3

conf t

interface ethernet0/0
switchport access vlan 89
!
interface ethernet0/1
switchport access vlan 49
!
interface ethernet0/2
switchport access vlan 111
!
interface ethernet0/3
switchport access vlan 411

SW4

conf t

interface ethernet0/0
switchport access vlan 38
!
interface ethernet0/1
switchport access vlan 89
!
interface ethernet0/2
switchport access vlan 310
!
interface ethernet0/3
switchport access vlan 111

SW1-SW4

conf t

interface range ethernet2/0-3

switchport trunk encapsulation dot1q
switchport mode trunk
no shutdown

-------------------------------------------------------------------------

1.3

SW1,SW2

conf t
sapnning-tree mode mst
spanning-tree mst configuration
revision 1
instance 1 vlan 1,15,23,35,57,67,999
intsnace 2 vlan 14,24,46
spanning-tree portfast bpduguard default
spanning-tree portfast default

SW3,SW4

conf t

sapnning-tree mode mst

spanning-tree mst configuration
revision 1
instance 1 vlan 1,49,89,111,411,999
intsnace 2 vlan 34,38,310
spanning-tree portfast bpduguard default
spanning-tree portfast default

SW1,SW3

conf t

spanning-tree mst 1 priority 0

spanning-tree mst 2 priority 4096

SW2,SW4

conf t

spanning-tree mst 2 priority 0

spanning-tree mst 1 priority 4096

-------------------------------------------------------------------------

1.4

R18

conf t

interface serial4/0
encapsulation ppp
ppp chap hostname ACME-R18
ppp chap password CCIE
no shutdown

R19

conf t

interface serial4/0
encapsulation ppp
ppp chap hostname ACME-R19
ppp chap password CCIE
no shutdown
-------------------------------------------------------------------------

2.1

R1

conf t

router ospf 12345

router-id 123.1.1.1
network 123.0.0.0 0.255.255.255 area 0
max/metric router-lsa
R2

conf t

router ospf 12345

router-id 123.2.2.2
network 123.0.0.0 0.255.255.255 area 0

R3

conf t

router ospf 12345

router-id 123.3.3.3
network 123.0.0.0 0.255.255.255 area 0

R4

conf t

router ospf 12345

router-id 123.4.4.4
network 123.0.0.0 0.255.255.255 area 0

R5

conf t

router ospf 12345

router-id 123.5.5.5
network 123.0.0.0 0.255.255.255 area 0

R6

conf t

router ospf 12345

router-id 123.6.6.6
network 123.0.0.0 0.255.255.255 area 0

R7

conf t

router ospf 12345

router-id 123.7.7.7
network 123.0.0.0 0.255.255.255 area 0
-------------------------------------------------------------------------

2.2

R8-R11/SW3/SW4

conf t

router eigrp 34567

network 123.0.0.0 0.255.255.255

SW3,SW4

conf t

interface vlan34
delay 100

-------------------------------------------------------------------------

2.3

SW5

conf t

vlan 5
vlan 55
!
interface vlan 5
no shutdown
!
interface vlan 55
no shutdown

SW6

conf t

vlan 6
vlan 66
!
interface vlan 6
no shutdown
!
interface vlan 66
no shutdown

R15-R17/SW3,SW4

conf t

router eigrp CCIE

address-family ipv4 unicast autonomous-system 45678
network 123.0.0.0 0.255.225.255

R15-R17
conf t

key chain CCIE

key 1
key-string cisco
!
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
!
af-interface ethernet0/1
authentication mode hmac-sha-256 cisco
authentication key-chain CCIE
exit-af-interface
!
af-interface ethernet0/2
authentication mode hmac-sha-256 cisco
authentication key-chain CCIE
exit-af-interface

SW5

conf t

key chain CCIE

key 1
key-string cisco
!
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
!
af-interface vlan55
authentication mode hmac-sha-256 cisco
authentication key-chain CCIE
exit-af-interface

SW6

conf t

key chain CCIE

key 1
key-string cisco
!
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
!
af-interface vlan66
authentication mode hmac-sha-256 cisco
authentication key-chain CCIE
exit-af-interface

-------------------------------------------------------------------------

2.4

R16

conf t
ip vrf LOCALSP
rd 16:16
!
interface ethernet0/0
ip vrf forwarding LOCALSP
ip address 203.3.16.2 255.255.255.252
!
router bgp 45678
bgp router-id 123.16.16.16
no bgp default-ipv4
!
address-fmily ipv4 vrf LOCALSP
neighbor 203.3.16.1 remote-as 20003
neighbor 203.3.16.1 update-source loopback0
neighbor 203.3.16.1 activate

R17

conf t

ip vrf LOCALSP
rd 17:17
!
interface ethernet0/0
ip vrf forwarding LOCALSP
ip address 203.3.17.2 255.255.255.252
!
router bgp 45678
bgp router-id 123.17.17.17
no bgp default-ipv4
!
address-fmily ipv4 vrf LOCALSP
neighbor 203.3.17.1 remote-as 20003
neighbor 203.3.17.1 update-source loopback0
neighbor 203.3.17.1 activate
!
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 10.18.19.1 0.0.0.0
!
af-interface tunnel0
no split-horizon

R18

conf t

ip vrf LOCALSP
rd 18:18
!
interface serial4/0
ip vrf forwarding LOCALSP
ip address 203.3.18.2 255.255.255.252
!
router bgp 65222
bgp router-id 123.18.18.18
no bgp default-ipv4
!
address-fmily ipv4 vrf LOCALSP
neighbor 203.3.18.1 remote-as 20003
neighbor 203.3.18.1 update-source loopback0
neighbor 203.3.18.1 activate

R19

conf t

ip vrf LOCALSP
rd 19:19
!
interface serial4/0
ip vrf forwarding LOCALSP
ip address 203.3.19.2 255.255.255.252
!
router bgp 65222
bgp router-id 123.19.19.19
no bgp default-ipv4
!
address-fmily ipv4 vrf LOCALSP
neighbor 203.3.19.1 remote-as 20003
neighbor 203.3.19.1 update-source loopback0
neighbor 203.3.19.1 activate

R18

conf t

router eigrp 45678

network 10.2.18.0 0.0.0.255
network 10.18.19.18 0.0.0.0
network 123.18.18.18 0.0.0.0
eigrp stub

R19

conf t

router eigrp 45678

network 10.2.19.0 0.0.0.255
network 10.18.19.19 0.0.0.0
network 123.19.19.19 0.0.0.0
eigrp stub

-------------------------------------------------------------------------

2.5

R1

conf t

router bgp 12345

bgp router-id 123.1.1.1
no bgp default ipv4-unicast
neighbro IBGP peer-group
neighbor IBGP remote-as 12345
neighbor IBGP update-source loopback0
neighbor 123.2.2.2 peer-group IBGP
neighbor 123.3.3.3 peer-group IBGP
neighbor 123.6.6.6 peer-group IBGP
neighbor 123.7.7.7 peer-group IBGP
!
address-famili ipv4
neighbor IBGP route-reflector-client
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
exit-address-family

R2

conf t

router bgp 12345

bgp router-id 123.2.2.2
no bgp default ipv4-unicast
neighbor 123.1.1.1 remote-as 12345
neighbor 123.1.1.1 update-source loopback0
!
address-famili ipv4
neighbor 123.1.1.1 activate
exit-address-family

R3

conf t

router bgp 12345

bgp router-id 123.3.3.3
no bgp default ipv4-unicast
neighbor 123.1.1.1 remote-as 12345
neighbor 123.1.1.1 update-source loopback0
!
address-famili ipv4
neighbor 123.1.1.1 activate
exit-address-family

R6

conf t

router bgp 12345

bgp router-id 123.6.6.6
no bgp default ipv4-unicast
neighbor 123.1.1.1 remote-as 12345
neighbor 123.1.1.1 update-source loopback0
!
address-famili ipv4
neighbor 123.1.1.1 activate
exit-address-family

R7

conf t
router bgp 12345
bgp router-id 123.7.7.7
no bgp default ipv4-unicast
neighbor 123.1.1.1 remote-as 12345
neighbor 123.1.1.1 update-source loopback0
!
address-famili ipv4
neighbor 123.1.1.1 activate
exit-address-family

R20

conf t

router bgp 65112

bgp router-id 123.20.20.20

neighbor 10.120.0.12.1 remote-as 12345

neighbor 10.120.0.12.5 remote-as 12345
neighbor 10.120.0.13.1 remote-as 12345
neighbor 10.120.0.13.5 remote-as 12345
neighbor 10.120.0.14.1 remote-as 12345
neighbor 10.120.0.14.5 remote-as 12345
neighbor 10.120.0.15.1 remote-as 12345
neighbor 10.120.0.15.5 remote-as 12345
neighbor 10.120.0.99.1 remote-as 12345
neighbor 10.120.0.99.5 remote-as 12345
!
address-family ipv4
neighbor 10.120.0.12.1 activate
neighbor 10.120.0.12.1 default-originate
neighbor 10.120.0.12.5 activate
neighbor 10.120.0.12.5 default-originate
neighbor 10.120.0.13.1 activate
neighbor 10.120.0.13.1 default-originate
neighbor 10.120.0.13.5 activate
neighbor 10.120.0.13.5 default-originate
neighbor 10.120.0.14.1 activate
neighbor 10.120.0.14.1 default-originate
neighbor 10.120.0.14.5 activate
neighbor 10.120.0.14.5 default-originate
neighbor 10.120.0.15.1 activate
neighbor 10.120.0.15.1 default-originate
neighbor 10.120.0.15.5 activate
neighbor 10.120.0.15.5 default-originate
neighbor 10.120.0.99.1 activate
neighbor 10.120.0.99.5 activate
network 123.20.20.20 mask 255.255.255.255
aggregate-address 10.0.0.0 255.0.0.0 summary-only
aggregate-address 123.0.0.0 255.0.0.0 summary-only
!
interface eth0/0
ip address 10.1.20.125 255.255.255.128
!
interface eth1/0
ip address 10.1.20.129 255.255.255.128

R2
conf t

router bgp 12345

!
address-family ipv4 vrf BLUE
neighbor 10.120.13.2 remote-as 65112
neighbor 10.120.13.2 activate
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf GREEN
neighbor 10.120.12.2 remote-as 65112
neighbor 10.120.12.2 activate
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf INET
neighbor 10.120.99.2 remote-as 65112
neighbor 10.120.99.2 activate
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf RED
neighbor 10.120.14.2 remote-as 65112
neighbor 10.120.14.2 activate
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf YELLOW
neighbor 10.120.15.2 remote-as 65112
neighbor 10.120.15.2 activate
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
exit-address-family

R3

conf t

router bgp 12345

!
address-family ipv4 vrf BLUE
neighbor 10.120.13.6 remote-as 65112
neighbor 10.120.13.6 activate
neighbor 102.2.123.1 remote-as 10002
neighbor 102.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf GREEN
neighbor 10.120.12.6 remote-as 65112
neighbor 10.120.12.6 activate
neighbor 102.2.123.1 remote-as 10002
neighbor 102.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf INET
neighbor 10.120.99.6 remote-as 65112
neighbor 10.120.99.6 activate
neighbor 102.2.123.1 remote-as 10002
neighbor 102.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf RED
neighbor 10.120.14.6 remote-as 65112
neighbor 10.120.14.6 activate
neighbor 102.2.123.1 remote-as 10002
neighbor 102.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf YELLOW
neighbor 10.120.15.6 remote-as 65112
neighbor 10.120.15.6 activate
neighbor 102.2.123.1 remote-as 10002
neighbor 102.2.123.1 activate
exit-address-family

R6

conf t

router bgp 12345

!
address-family ipv4 vrf BLUE
neighbor 201.1.123.1 remote-as 20001
neighbor 201.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf GREEN
neighbor 201.1.123.1 remote-as 20001
neighbor 201.1.123.1 activate
exit-address-family
!
address-family ipv4 vrf INET
neighbor 201.1.123.1 remote-as 20001
neighbor 201.1.123.1 activate
exit-address-family

R7

conf t

router bgp 12345

!
address-family ipv4 vrf BLUE
neighbor 202.2.123.1 remote-as 20002
neighbor 202.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf INET
neighbor 202.2.123.1 remote-as 20002
neighbor 202.2.123.1 activate
exit-address-family
!
address-family ipv4 vrf RED
neighbor 202.2.123.1 remote-as 20002
neighbor 202.2.123.1 activate
exit-address-family

R12

conf t

router bgp 65111

bgp router-id 123.12.12.12
no bgp default ipv4-unicast
neighbor 201.1.12.1 remote-as 20001
!
address-family ipv4
neighbor 201.1.12.1 activate

R13

conf t

router bgp 65111

bgp router-id 123.13.13.13
no bgp default ipv4-unicast
neighbor 201.1.13.1 remote-as 20001
neighbor 202.2.13.1 remote-as 20002
!
address-family ipv4
neighbor 201.1.13.1 activate
neighbor 202.2.13.1 activate

R14

conf t

router bgp 65111

bgp router-id 123.14.14.14
no bgp default ipv4-unicast
neighbor 202.2.14.1 remote-as 20002
!
address-family ipv4
neighbor 202.2.14.1 activate

-------------------------------------------------------------------------

2.6

R8

conf t

router bgp 34567

bgp router-id 123.8.8.8
no bgp default ipv4-unicast
neighbor 123.9.9.9 remote-as 34567
neighbor 123.9.9.9 update-source loopback0
neighbor 123.10.10.10 remote-as 34567
neighbor 123.10.10.10 update-source loopback0
neighbor 123.11.11.11 remote-as 34567
neighbor 123.11.11.11 update-source loopback0
!
address-family ipv4
neighbor 123.9.9.9 activate
neighbor 123.9.9.9 next-hop-self
neighbor 123.10.10.10 activate
neighbor 123.10.10.10 next-hop-self
neighbor 123.11.11.11 activate
neighbor 123.11.11.11 next-hop-self

R9

conf t

router bgp 34567

bgp router-id 123.9.9.9
no bgp default ipv4-unicast
bgp default local-preference 200
neighbor 123.8.8.8 remote-as 34567
neighbor 123.8.8.8 update-source loopback0
neighbor 123.10.10.10 remote-as 34567
neighbor 123.10.10.10 update-source loopback0
neighbor 123.11.11.11 remote-as 34567
neighbor 123.11.11.11 update-source loopback0
!
address-family ipv4
neighbor 123.8.8.8 activate
neighbor 123.8.8.8 next-hop-self
neighbor 123.10.10.10 activate
neighbor 123.10.10.10 next-hop-self
neighbor 123.11.11.11 activate
neighbor 123.11.11.11 next-hop-self

R10

conf t

router bgp 34567

bgp router-id 123.10.10.10
no bgp default ipv4-unicast
neighbor 123.8.8.8 remote-as 34567
neighbor 123.8.8.8 update-source loopback0
neighbor 123.9.9.9 remote-as 34567
neighbor 123.9.9.9 update-source loopback0
neighbor 123.11.11.11 remote-as 34567
neighbor 123.11.11.11 update-source loopback0
!
address-family ipv4
neighbor 123.8.8.8 activate
neighbor 123.8.8.8 next-hop-self
neighbor 123.9.9.9 activate
neighbor 123.9.9.9 next-hop-self
neighbor 123.11.11.11 activate
neighbor 123.11.11.11 next-hop-self

R11

conf t
router bgp 34567
bgp router-id 123.11.11.11
no bgp default ipv4-unicast
bgp default local-preference 150
neighbor 123.8.8.8 remote-as 34567
neighbor 123.8.8.8 update-source loopback0
neighbor 123.9.9.9 remote-as 34567
neighbor 123.9.9.9 update-source loopback0
neighbor 123.10.10.10 remote-as 34567
neighbor 123.10.10.10 update-source loopback0
!
address-family ipv4
neighbor 123.8.8.8 activate
neighbor 123.8.8.8 next-hop-self
neighbor 123.9.9.9 activate
neighbor 123.9.9.9 next-hop-self
neighbor 123.10.10.10 activate
neighbor 123.10.10.10 next-hop-self

R8

conf t

router bgp 34567

neighbor 101.1.34.1 remote-as 10001
!
address-family ipv4
neighbor 101.1.34.1 activate
redistribute eigrp 34567

R9

conf t

router bgp 34567

neighbor 102.2.34.1 remote-as 10002
neighbor 33.34.4.1 remote-as 30000
!
address-family ipv4
neighbor 102.2.34.1 activate
neighbor 33.34.4.1 activate
redistribute eigrp 34567

R10

conf t

router bgp 34567

neighbor 201.1.34.1 remote-as 20001
!
address-family ipv4
neighbor 201.1.34.1 activate
redistribute eigrp 34567

R11

conf t

router bgp 34567

neighbor 202.2.34.1 remote-as 20002
neighbor 33.34.3.1 remote-as 30000
!
address-family ipv4
neighbor 202.2.34.1 activate
neighbor 33.34.3.1 activate
redistribute eigrp 34567

R9,R11

ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0

!
route-map DEFAULT-ROUTE permit 10
match ip address prefix-list DEFAULT-ROUTE
!
router eigrp 34567
redistribute bgp 34567 metric 10000 100 255 1 1500 route-map DEFAULT-ROUTE

-------------------------------------------------------------------------

2.7

R15

conf t

router bgp 45678

bgp router-id 123.15.15.15
no bgp default ipv4-unicast
neighbor 103.2.45.1 remote-as 10003
address-family ipv4
neighbor 103.2.43.1 activate
aggregate-address 123.20.1.0 0.255.255.255 summary-only
redistribute eigrp 45678
!
router eigrp CCIE
address-family ipv4 unicast autonomus-syste 45678
topology base
redistribute bgp 34567 metric 10000 100 255 1 1500

R16-R19

ip prefix-list DENY permit 0.0.0.0/0

R16

conf t

router bgp 45678

address-family ipv4 vrf LOCALSP
neighbor 203.3.16.1 prefix-list DENY in

R17

conf t

router bgp 45678

address-family ipv4 vrf LOCALSP
neighbor 203.3.17.1 prefix-list DENY in
R18

conf t

router bgp 65222

address-family ipv4 vrf LOCALSP
neighbor 203.3.18.1 prefix-list DENY in

R19

conf t

router bgp 65222

address-family ipv4 vrf LOCALSP
neighbor 203.3.19.1 prefix-list DENY in

-------------------------------------------------------------------------

2.8

R2

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 12345
address-family ipv4 vrf INET
neighbor 101.1.123.1 prefix-list PERMIT123 out

R3

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 12345
address-family ipv4 vrf INET
neighbor 102.2.123.1 prefix-list PERMIT123 out

R6

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 12345
address-family ipv4 vrf INET
neighbor 201.1.123.1 prefix-list PERMIT123 out

R7

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 12345
address-family ipv4 vrf INET
neighbor 202.2.123.1 prefix-list PERMIT123 out

R8

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 34567
address-family ipv4
neighbor 101.1.34.1 prefix-list PERMIT123 out

R9

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 34567
address-family ipv4
neighbor 102.2.34.1 prefix-list PERMIT123 out
neighbor 33.34.4.1 prefix-list PERMIT123 out

R10

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 34567
address-family ipv4
neighbor 201.1.34.1 prefix-list PERMIT123 out

R11

conf t

ip prefix-list PERMIT123 seq 5 permit 123.0.0.0/8 le 32

!
router bgp 34567
address-family ipv4
neighbor 202.2.34.1 prefix-list PERMIT123 out
neighbor 33.34.3.1 prefix-list PERMIT123 out

R12

conf t

router bgp 65111

address-family ipv4
network 123.12.12.12 mask 255.255.255.255

R13

conf t

router bgp 65111

address-family ipv4
neighbor 201.1.13.1 weigth 40000
network 123.13.13.13 mask 255.255.255.255

R14

conf t

router bgp 65111

address-family ipv4
network 123.14.14.14 mask 255.255.255.255

-------------------------------------------------------------------------

2.9

SW3

conf t

ipv6 unicast-routing
!
router ospfv3 1
address-family ipv6 unicast
router-id 123.203.3.3
!
interface loopback0
ospfv3 1 ipv6 area 0
!
interface vlan34
ospfv3 1 ipv6 area 0
ospfv3 1 ipv6 prority 254
!
interface vlan310
ospfv3 1 ipv6 area 10

SW4

conf t

ipv6 unicast-routing
!
router ospfv3 1
address-family ipv6 unicast
router-id 123.204.4.4
!
interface loopback0
ospfv3 1 ipv6 area 0
!
interface vlan34
ospfv3 1 ipv6 area 0
ospfv3 1 ipv6 prority 255
!
interface vlan411
ospfv3 1 ipv6 area 11

R10

conf t

ipv6 unicast-routing
!
router ospfv3 1
address-family ipv6 unicast
router-id 123.10.10.10
!
interface loopback0
ospfv3 1 ipv6 area 10
!
interface ethernet0/2
ospfv3 1 ipv6 area 10

R11

conf t

ipv6 unicast-routing
!
router ospfv3 1
address-family ipv6 unicast
router-id 123.11.11.11
!
interface loopback0
ospfv3 1 ipv6 area 11
!
interface ethernet0/1
ospfv3 1 ipv6 area 11

-------------------------------------------------------------------------

2.10

R10

conf t

router bgp 34567

neighbor 2001:CC1E:BEF:10:201:1:34:1 remote-as 20001
!
address-family ipv6
neighbor 2001:CC1E:BEF:10:201:1:34:1 activate
redistribute ospf 1 match internal external include-connected
!
router ospfv3 1
address-family ipv6 unicast
redsitribute bgp 34567

R11

conf t

router bgp 34567

neighbor 2001:CC1E:BEF:11:202:2:34:1 remote-as 20002
!
address-family ipv6
neighbor 2001:CC1E:BEF:11:202:2:34:1 activate
redistribute ospf 1 match internal external include-connected
!
router ospfv3 1
address-family ipv6 unicast
redsitribute bgp 34567

R12

conf t

ipv6 unicast-routing
router bgp 65111
neighbor 2001:CC1E:BEF:12:201:1:12:1 remote-as 20001
!
address-family ipv6
neighbor 2001:CC1E:BEF:12:201:1:12:1 activate
network 2001:CC1E:BEF:1212:12:12:12:12/128
network 2001:CC1E:BEF:12::/64

R14

conf t

ipv6 unicast-routing
router bgp 65111
neighbor 2001:CC1E:BEF:14:202:2:14:1 remote-as 20002
!
address-family ipv6
neighbor 2001:CC1E:BEF:14:202:2:14:1 activate
network 2001:CC1E:BEF:1414:14:14:14:14/128
network 2001:CC1E:BEF:14::/64

-------------------------------------------------------------------------

2.11

SW5

conf t

ip multicast-routing
!
interface vlan 5
ip pim sparse-mode
!
interface vlan 55
ip pim sparse-mode

SW6

conf t

ip multicast-routing
!
interface vlan 6
ip pim sparse-mode
!
interface vlan 66
ip pim sparse-mode

R15

conf t
ip multicast-routing
!
interface loopback0
ip pim sparse-mode
!
interface ethernet0/1
ip pim sparse-mode
!
interface ethernet0/2
ip pim sparse-mode
!
ip pim bsr-candidate loopback0
ip pim rp-candidate loopback0

R16

conf t

ip multicast-routing
!
interface ethernet0/1
ip pim sparse-mode
!
interface ethernet0/2
ip pim sparse-mode

R17

conf t

ip multicast-routing
!
interface tunnel0
ip pim sparse-mode
!
interface ethernet0/1
ip pim sparse-mode
!
interface ethernet0/2
ip pim sparse-mode

R18,R19

conf t

ip multicast-routing
!
interface tunnel0
ip pim sparse-mode
!
interface ethernet0/0
ip pim sparse-mode
ip igmp joing-group 232.1.1.1

SW5

conf t
interface range ethernet0/2-3
switchport mode access
switchport access vlan 5
!
interface range ethernet1/0-3
switchport mode access
switchport access vlan 5
!
interface range ethernet2/0-3
switchport mode access
switchport access vlan 5
!
interface range ethernet3/0-3
switchport mode access
switchport access vlan 5

-------------------------------------------------------------------------

3.1

R1,R2,R3,R6,R7

conf t

ip cef
mpls ip
mpls label protocl ldp
mpls ldp roouter-id loopback0
!
interface ethernet0/1
mpls ip
!
interface ethernet0/2
mpls ip

R4,R5

conf t

ip cef
mpls ip
mpls label protocl ldp
mpls ldp roouter-id loopback0
!
interface ethernet0/0
mpls ip
!
interface ethernet0/1
mpls ip
!
interface ethernet0/2
mpls ip

R2,R3,R6,R7

no mpls ip propagate-ttl

-------------------------------------------------------------------------
3.2

R2,R3,R6,R7

conf t

router bgp 12345

address-family vpnv4
neighbor 123.1.1.1 activate

R1

conf t

address-family ipv4
neighbor IBGP route-reflector-client
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
exit-address-family

R12

conf t

router bgp 65111

address-family ipv4
network 10.1.12.0 mask 255.255.255.0

R13

conf t

router bgp 65111

address-family ipv4
network 10.1.13.0 mask 255.255.255.0

R14

conf t

router bgp 65111

address-family ipv4
network 10.1.14.0 mask 255.255.255.0

R18

conf t

router eigrp 45678

network 10.2.18.0 0.0.0.255

R19

conf t

router eigrp 45678

network 10.2.19.0 0.0.0.255
R20

conf t

router bgp 65112

address-family ipv4
neighbor 10.120.15.1 weight 1000
neighbor 10.120.99.5 weight 1000

-------------------------------------------------------------------------

3.3

R17

conf t

interface tunnel0
bandwidth 1000
ip address 10.18.19.1 255.255.255.0
no ip redirects
ip mtu 1400
ip pim sparse-mode
ip nhrp authentication 45678key
ip nhrp map multicast dynamic
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp redirect
ip tcp adjust-mss 1360
delay 1000
tunnel source ethernet0/0
tunnel mode gre multipoint
tunnel vrf LOCALSP
no split-horizon eigrp 45678

R18

conf t

interface tunnel0
bandwidth 1000
ip address 10.18.19.18 255.255.255.0
no ip redirects
ip mtu 1400
ip pim sparse-mode
ip nhrp authentication 45678key
ip nhrp map 10.18.19.1 203.3.17.2
ip nhrp map multicast 203.3.17.2
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp nhs 10.18.19.1
ip nhrp shortcut
ip tcp adjust-mss 1360
delay 1000
tunnel source serial4/0
tunnel mode gre multipoint
tunnel vrf LOCALSP
R19

conf t

interface tunnel0
bandwidth 1000
ip address 10.18.19.19 255.255.255.0
no ip redirects
ip mtu 1400
ip pim sparse-mode
ip nhrp authentication 45678key
ip nhrp map 10.18.19.1 203.3.17.2
ip nhrp map multicast 203.3.17.2
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp nhs 10.18.19.1
ip nhrp shortcut
ip tcp adjust-mss 1360
delay 1000
tunnel source serial4/0
tunnel mode gre multipoint
tunnel vrf LOCALSP

-------------------------------------------------------------------------

3.4

R17-R19

conf t

crypto isakmp enable

crypto isakmp policy 10
authentication pre-share
encr aes
group 2
exit

crypto keyring DMVPNPROFILE vrf LOCALSP

pre-shared-key address 0.0.0.0 0.0.0.0 key CCIE
!
crypto ipsec transform-set CCIEXFORM esp-aes esp-sha-hmac
mode transport
!
crypto isakmp profile DMVPNPROFILE
vrf LOCALSP
keyring DMVPNPROFILE
match identity address 0.0.0.0 LOCALSP
!
crypto ipsec profile DMVPNPROFILE
set transform-set CCIEXFORM
set isakmp-profile DMVPNPROFILE
!
interface tunnel0
tunnel protection ipsec profile DMVPNPROFILE

-------------------------------------------------------------------------

4.1
R20

conf t

banner login #
Caution! No unauthorizes access!

R20

conf t

banner login #Caution! No unauthorizes access!#

-------------------------------------------------------------------------

4.2

SW3

conf t

interface range ethernet0/0-3

switchport port-security
switchport port-security mac-address sticky
switchport port-security maximum 1
switchport port-security violation shutdown

-------------------------------------------------------------------------

5.1

R20

R20

conf t

service linenumber
!
username test password test
!
ip domain-name acme.org
crypto key generate rsa modulus 768
!
ip ssh maxstartups 5
login on-failure
login on-success
ip ssh logging events
ip ssh version 2
!
access-list 1 permit 123.10.2.0 0.0.0.255 log
access-list 1 deny any log
!
line vty 0 4
login local
access-class 1 in
transport input ssh

-------------------------------------------------------------------------

5.2

R20

conf t

access-list 2 permit 10.1.0.0 0.0.255.255

access-list 2 permit 10.2.0.0 0.0.255.255
!
ip nat inside source list 2 interface loopback0 overload
!
interface ethernet2/0.99
ip nat outside
!
interface ethernet3/0.99
ip nat outside
!
interface ethernet2/0.12
ip nat inside
!
interface ethernet2/0.13
ip nat inside
!
interface ethernet2/0.14
ip nat inside
!
interface ethernet2/0.15
ip nat inside
!
interface ethernet3/0.12
ip nat inside
!
interface ethernet3/0.13
ip nat inside
!
interface ethernet3/0.14
ip nat inside
!
interface ethernet3/0.15
ip nat inside
!
interface ethernet0/0
ip nat inside
!
interface ethernet1/0
ip nat inside

-------------------------------------------------------------------------

5.3

R17

terminal shell
conf t
shell processing full

-------------------------------------------------------------------------

5.4

SW3

conf t

ntp master
ntp source loopback0
ntp authenticate
ntp authentication-key 1 md5 CCIE
ntp trusted-key 1

R10,R12

ntp server 2001:CC1E:BEF:2:123:203:3:3

ntp source loopback0
ntp authenticate
ntp authentication-key 1 md5 CCIE
ntp trusted-key 1

SW3

conf t

ntp source loopback0

ntp authenticate
ntp authentication-key 1 md5 CCIE
ntp trusted-key 1

R10,R12

ntp server 2001:CC1E:BEF:2:123:203:3:3 key 1

ntp authenticate
ntp authentication-key 1 md5 CCIE
ntp trusted-key 1