Posts tagged CCNP

HSRP Tutorial

Aug 21st

Posted by Colby in Tutorials

9 comments

Today’s topic is HSRP (Hot Standby Routing Protocol). HSRP is a Cisco proprietary “First Hop Redundancy Protocol”. It is typically used for redundancy at the first hop from a client segment. It is used with two or more routers in a group who share a virtual IP address. One router is active at a given time and will reply to ARP requests. In this example, we have R1 and R2 in standby group 100 with a virtual IP of 192.168.100.1. This IP will be the default gateway for all hosts in VLAN 100. Here is the topology:

This is a basic topology, both R1 and R2 have connections to the internet. They are running HSRP on their FastEthernet 0/0 interfaces. Here’s the basic HSRP config:

R1(config)#interface fa0/0
R1(config-if)#ip address 192.168.100.2 255.255.255.0
R1(config-if)#standby 100 ip 192.168.100.1
 
R2(config)#interface fa0/0
R2(config-if)#ip address 192.168.100.3 255.255.255.0
R2(config-if)#standby 100 ip 192.168.100.1

Very simple so far. We use the “standby [0-255] ip [virtual ip address]” command.

Let’s verify the config:

Read more...

, , , ,

OSPF Area Types: NSSA

Jun 15th

Posted by Colby in Tutorials

3 comments

Today we’ll go over Not So Stubby Areas (NSSA). We will be using a slightly different topology here, we will make R4 an ASBR with a connection to the internet.

Quick refresher, OSPF NSSAs have inter and intra-area routes (Type 2 and Type 3 LSAs) and also external routes in the form of Type 7 LSAs, which are converted to Type 5 LSAs by the ABR.
(For more detailed information on LSAs and Area Types, check out this post.)

Here’s the topology:

I’m not going through the basic OSPF config, so assume everything is configured as the diagram suggests. I’ve also redistributed loopbacks on each router (“redistribute connected subnets” under the OSPF process) to give us some external routes, and I added 34.34.34.34/32 to Area 34 so we have an intra-area route to look at. I’ve also added a static default route on R4 which I’m injecting into OSPF with the “default-information originate” command. Let’s look at some show commands BEFORE we make area 34 an NSSA:

Read more...

, , , , , ,

OSPF Area Types: Totally Stubby

Jun 6th

Posted by Colby in Tutorials

4 comments

This is the first post in a series about OSPF Area Types. Today we’ll go over Totally Stubby areas. We’ll be using the same topology as the Stub post. I’m also reposting the first portion of that here since it will be the same.

Quick refresher, OSPF Totally Stubby Areas allow only intra-area routes and a default route generated by the ABR (Type 2 LSAs – the default route comes through as a Type 3 LSA, but no other Type 3s are allowed). Inter-area and External routes (Type 5 LSAs) are not allowed in totally stubby areas.
(For more detailed information on LSAs and Area Types, check out this post.)

Here’s the topology:

Read more...

, , , , , ,

OSPF Area Types: Stub

Jun 4th

Posted by Colby in Tutorials

5 comments

This is the first post in a series about OSPF Area Types. Today we’ll go over Stub areas. This one will be somewhat short on config, but should have a good amount of show commands.

Quick refresher, OSPF Stub Areas allow inter- and intra-area routes (Type 2 and Type 3 LSAs). External routes (Type 5 LSAs) are not allowed in stub areas.
(For more detailed information on LSAs and Area Types, check out this post.)

We’ll be using the same topology we used for OSPF Authentication:

I’m not going through the basic OSPF config, so assume everything is configured as the diagram suggests. I’ve also redistributed loopbacks on each router to give us some external routes, and I added 34.34.34.34/32 to Area 34 so we have an intra-area route to look at. Let’s look at some show commands BEFORE we make area 34 a stub:

Read more...

, , , , , ,

OSPF Authentication

Jun 1st

Posted by Colby in Tutorials

3 comments

This post is about the different OSPF authentication methods. It will be part of a series outlining OSPF commands/technologies.

We can configure OSPF to use authentication for an entire area, or just for a single interface. Today we’ll go over both. Here’s the topology:

First we’ll setup authentication for all of area 0:

R1(config)#interface FastEthernet0/0
R1(config-if)#ip ospf message-digest-key 1 md5 cisco
R1(config-if)#ip ospf 100 area 0
R1(config-if)#
R1(config-if)#router ospf 100
R1(config-router)#area 0 authentication message-digest
 
R2(config)#interface FastEthernet0/0
R2(config-if)#ip ospf message-digest-key 1 md5 cisco
R2(config-if)#ip ospf 100 area 0
R2(config-if)#
R2(config-if)#router ospf 100
R2(config-router)#area 0 authentication message-digest
 
R3(config)#interface FastEthernet0/0
R3(config-if)#ip ospf message-digest-key 1 md5 cisco
R3(config-if)#ip ospf 100 area 0
R3(config-if)#
R3(config-if)#router ospf 100
R3(config-router)#area 0 authentication message-digest

Nothing crazy here, we configure OSPF and an MD5 key under our area 0 interfaces, then we specify that all of area 0 should use MD5 authentication. Note that the commands differ slightly if we want to use clear-text, it would be “ip ospf authentication-key [key]” and “area 0 authentication” under the OSPF 100 process.

Let’s verify:

R1#sh ip ospf neigh
Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/DR         00:00:32    10.1.123.2      FastEthernet0/0
3.3.3.3           1   FULL/DROTHER    00:00:35    10.1.123.3      FastEthernet0/0
 
R1#sh ip ospf int fa0/0
...
  Message digest authentication enabled
    Youngest key id is 1

Everything is working, our neighbors are up and we see that authentication is enabled with the key we specifcied. Note, if we leave off a key, the neigbhors will still form and MD5 will still be enabled, but it will say key 0:

Read more...

, , , , , , ,

OSPF Lab #1 Walkthrough

May 13th

Posted by Colby in Labs

No comments

This is the walkthrough for OSPF Lab #1.

Here’s the topology:

Click here for the initial configs

Here is task one:
1. Configure R1′s s0/0.102 interface and R2′s s0/0.201 interface in area 12, this area should not receive any Type 5 LSAs. Configure R1′s s0/0.103 interface and R3′s s0/0.301 interface in area 13, R1 should only receive a default route from R3, no other OSPF routes should be in R1′s RIB (from R3). Do not use network statements to accomplish this task.

Config:

R1(config)#interface Serial0/0.102 point-to-point
R1(config-subif)#ip ospf 100 area 12
R1(config-subif)#
R1(config-subif)#interface Serial0/0.103 point-to-point
R1(config-subif)#ip ospf 100 area 13
R1(config-subif)#
R1(config-subif)#router ospf 100
R1(config-router)#area 12 stub
R1(config-router)#area 13 stub
 
R2(config)#interface Serial0/0.201 point-to-point
R2(config-subif)#ip ospf 100 area 12
R2(config-subif)#
R2(config-subif)#router ospf 100
R2(config-router)#area 12 stub
 
R3(config)#interface Serial0/0.301 point-to-point
R3(config-subif)#ip ospf 100 area 13
R3(config-subif)#
R3(config-subif)#router ospf 100
R3(config-router)#area 13 stub no-summary

Here we configure OSPF 100 under the routers’ interfaces (avoiding network statements). Then we configure R1 and R2′s link/area as a stub. Last we configure R1 and R3′s link/area as a totally stubby area, preventing R3 from sending anything buy a default route to R1.

Read more...

, , , , , , , , ,
12345»...Last »