Posts tagged CCIE

OSPF Authentication

Jun 1st

Posted by Colby in Tutorials

3 comments

This post is about the different OSPF authentication methods. It will be part of a series outlining OSPF commands/technologies.

We can configure OSPF to use authentication for an entire area, or just for a single interface. Today we’ll go over both. Here’s the topology:

First we’ll setup authentication for all of area 0:

R1(config)#interface FastEthernet0/0
R1(config-if)#ip ospf message-digest-key 1 md5 cisco
R1(config-if)#ip ospf 100 area 0
R1(config-if)#
R1(config-if)#router ospf 100
R1(config-router)#area 0 authentication message-digest
 
R2(config)#interface FastEthernet0/0
R2(config-if)#ip ospf message-digest-key 1 md5 cisco
R2(config-if)#ip ospf 100 area 0
R2(config-if)#
R2(config-if)#router ospf 100
R2(config-router)#area 0 authentication message-digest
 
R3(config)#interface FastEthernet0/0
R3(config-if)#ip ospf message-digest-key 1 md5 cisco
R3(config-if)#ip ospf 100 area 0
R3(config-if)#
R3(config-if)#router ospf 100
R3(config-router)#area 0 authentication message-digest

Nothing crazy here, we configure OSPF and an MD5 key under our area 0 interfaces, then we specify that all of area 0 should use MD5 authentication. Note that the commands differ slightly if we want to use clear-text, it would be “ip ospf authentication-key [key]” and “area 0 authentication” under the OSPF 100 process.

Let’s verify:

R1#sh ip ospf neigh
Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/DR         00:00:32    10.1.123.2      FastEthernet0/0
3.3.3.3           1   FULL/DROTHER    00:00:35    10.1.123.3      FastEthernet0/0
 
R1#sh ip ospf int fa0/0
...
  Message digest authentication enabled
    Youngest key id is 1

Everything is working, our neighbors are up and we see that authentication is enabled with the key we specifcied. Note, if we leave off a key, the neigbhors will still form and MD5 will still be enabled, but it will say key 0:

Read more...

, , , , , , ,

OSPF Lab #2 Tasks

May 19th

Posted by Colby in Labs

1 comment

This is the second OSPF post I’ll be doing for CCIE lab preparation. Today I’m posting the tasks, then tomorrow or the day after (or possibly after the weekend, depending how busy I am) I’ll post the walkthrough. If any of you work on this before the walkthrough, leave a comment.

Here’s the topology:

(Click image for fullsize)

Click here for the initial configs

Here are the tasks:
1. Configure R1, R2 and R3′s S0/0 interfaces in Area 0. Ensure that DR and BDR are elected. Advertise all loopback0s on all routers into OSPF.

2. Configure R1 as the default gateway for all OSPF routers. Do not use the “default-information” command.

3. Configure R6 to use the path through R4 to get to area 0 Do not use any interface level commands to accomplish this.

4. Configure R4 to filter any type 3, 4, 5 and 7 LSAs from entering area 45.

Read more...

, , , , , ,

OSPF Lab #1 Walkthrough

May 13th

Posted by Colby in Labs

No comments

This is the walkthrough for OSPF Lab #1.

Here’s the topology:

Click here for the initial configs

Here is task one:
1. Configure R1′s s0/0.102 interface and R2′s s0/0.201 interface in area 12, this area should not receive any Type 5 LSAs. Configure R1′s s0/0.103 interface and R3′s s0/0.301 interface in area 13, R1 should only receive a default route from R3, no other OSPF routes should be in R1′s RIB (from R3). Do not use network statements to accomplish this task.

Config:

R1(config)#interface Serial0/0.102 point-to-point
R1(config-subif)#ip ospf 100 area 12
R1(config-subif)#
R1(config-subif)#interface Serial0/0.103 point-to-point
R1(config-subif)#ip ospf 100 area 13
R1(config-subif)#
R1(config-subif)#router ospf 100
R1(config-router)#area 12 stub
R1(config-router)#area 13 stub
 
R2(config)#interface Serial0/0.201 point-to-point
R2(config-subif)#ip ospf 100 area 12
R2(config-subif)#
R2(config-subif)#router ospf 100
R2(config-router)#area 12 stub
 
R3(config)#interface Serial0/0.301 point-to-point
R3(config-subif)#ip ospf 100 area 13
R3(config-subif)#
R3(config-subif)#router ospf 100
R3(config-router)#area 13 stub no-summary

Here we configure OSPF 100 under the routers’ interfaces (avoiding network statements). Then we configure R1 and R2′s link/area as a stub. Last we configure R1 and R3′s link/area as a totally stubby area, preventing R3 from sending anything buy a default route to R1.

Read more...

, , , , , , , , ,

Quick BGP Challenge #1

May 12th

Posted by Colby in Quick Challenge

18 comments

This is the first little challenge I’m posting on here. If you frequent the forums, you likely saw the one I had for OSPF. I thought of another challenge while talking to a buddy. Here’s the topology:

Make R1 prefer the path through R3 for the 192.168.1.0/24 network. The configuration must be on R1. Do not use Weight or Local Preference to accomplish this. Assume that all previous configuration is correct.

This one is a little different than the OSPF challenge in that there are many ways to accomplish it. I’ve thought of a few, I want to see what everyone else comes up with.

Go!

, , , , , ,

OSPF Lab #1 Tasks

May 12th

Posted by Colby in Labs

8 comments

This is the first OSPF post I’ll be doing for CCIE lab preparation. Sorry guys, I’ve been slacking with updates. Today I’m posting the tasks, then tomorrow or the day after I’ll post the walkthrough. If any of you work on this before the walkthrough, leave a comment.

Here’s the topology:

Click here for the initial configs

Here are the tasks:
1. Configure R1′s s0/0.102 interface and R2′s s0/0.201 interface in area 12, this area should not receive any Type 5 LSAs. Configure R1′s s0/0.103 interface and R3′s s0/0.301 interface in area 13, R1 should only receive a default route from R3, no other OSPF routes should be in R1′s RIB (from R3). Do not use network statements to accomplish this task.

Read more...

, , , , , , ,
«12345»10...Last »