Posts tagged Dynamips

Guest Post On NF Blog

Apr 29th

Posted by Colby in Labs

No comments

I wrote a BGP Lab post on the Networking-Forum Blog. Here’s a preview:

Topology:

Tasks:
1. Configure the Oustside Border Router in AS 6500. Peer with ISP-1 and ISP-2. Ensure that the DMZ subnet is advertised to the internet.
2. Prevent AS 6500 from being used as a transit between ASes 1111 and 2222.
3. The link through ISP-1 is much faster than the link through ISP-2. Configure outgoing traffic to use ISP-1 as the primary, only use the link through ISP-2 if the primary link is down.
4. Configure incoming traffic to use the link through ISP-1 as the primary.
5. Ensure that NAT is setup to use both ISPs.

Check it out if you’re interested!

, , , , , , ,

RIP Lab #1

Apr 27th

Posted by Colby in Labs

5 comments

This is the first in a series of lab posts I’ll be doing to prepare for the CCIE.

Today’s lab is from Narbik’s Volume One workbook. It’s a RIPv2 lab with some tricks thrown in. Here’s the topology:


(Click image for fullsize)

Click here for the initial configs

Here is task one:

1. Configure RIPv2 on all routers and advertise their directly connected interfaces. Ensure that these routers have full NLRI to all the loopback interfaces advertised into RIP. Ensure that all routers can ping all loopbacks.

Let’s go through the config:

R1:
R1(config)#router rip
R1(config-router)#ver 2
R1(config-router)#no auto
R1(config-router)#network 10.0.0.0
R1(config-router)#network 1.0.0.0
 
R2:
R2(config)#router rip
R2(config-router)#ver 2
R2(config-router)#no auto
R2(config-router)#network 10.0.0.0
R2(config-router)#network 2.0.0.0
 
R3:
R3(config)#router rip
R3(config-router)#ver 2
R3(config-router)#no auto
R3(config-router)#network 10.0.0.0
R3(config-router)#network 3.0.0.0

Looks pretty simple, but I’m sure you guys see that this won’t work correctly. Let’s look at R2 and R3′s routing tables:

R2#sh ip route
...
R    1.0.0.0/8 [120/1] via 10.1.1.1, 00:00:15, Serial0/0
C    2.0.0.0/8 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial0/0
 
R3#sh ip route
...
R    1.0.0.0/8 [120/1] via 10.1.1.1, 00:00:06, Serial0/0
C    3.0.0.0/8 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial0/0
Read more...

, , , , , , , ,

Simple IPv6 Tutorial

Apr 20th

Posted by Colby in Tutorials

9 comments

Today we’ll configure a basic IPv6 network. I’m not a big fan of IPv6. I’ve never used it in the real world, so it’s hard for me to keep it in my head, but I’ve been studying the hell out of it for the Written, so here goes.

We have a simple topology, only three routers. We will be running OSFPv3 on our serial links and loopbacks. Here’s our topology:


(Click image for fullsize)

First we’ll configure our IPv6 addresses:

R1:
R1(config)#ipv6 unicast-routing
R1(config)#int s0/0
R1(config-if)#ip add 10.1.12.1 255.255.255.0
R1(config-if)#ipv6 add 10:1:1:12::1/64
R1(config-if)#no shut
 
R2:
R2(config)#ipv6 unicast-routing
R2(config)# int s0/0
R2(config-if)#ip add 10.1.12.2 255.255.255.0
R2(config-if)#ipv6 add 10:1:1:12::2/64
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#int s0/1
R2(config-if)#ip add 10.1.23.2 255.255.255.0
R2(config-if)#ipv6 add 10:1:1:23::2/64
R2(config-if)#no shut
 
R3:
R3(config)#ipv6 unicast-routing
R3(config-if)#int s0/1
R3(config-if)#ip add 10.1.23.3 255.255.255.0
R3(config-if)#ipv6 add 10:1:1:23::3/64

The first thing we do on each router is enable IPv6 routing. Then we give the interface an IPv4 address and finally an IPv6 address.

Let’s verify connectivity from R2:

Serial0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C001:71FF:FE12:0
  Global unicast address(es):
    10:1:1:12::2, subnet is 10:1:1:12::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:2
    FF02::1:FF12:0
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  Hosts use stateless autoconfig for addresses.
Serial0/1 is administratively down, line protocol is down
  IPv6 is enabled, link-local address is FE80::C001:71FF:FE12:0 [TEN]
  Global unicast address(es):
    10:1:1:23::2, subnet is 10:1:1:23::/64 [TEN]
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:2
    FF02::1:FF12:0
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  Hosts use stateless autoconfig for addresses.
 
R2#sh ipv int b
Serial0/0                  [up/up]
    FE80::C001:71FF:FE12:0
    10:1:1:12::2
Serial0/1                  [up/up]
    FE80::C001:71FF:FE12:0
    10:1:1:23::2
 
R2#ping  10:1:1:12::1
Sending 5, 100-byte ICMP Echos to 10:1:1:12::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/2/4 ms
 
R2#ping  10:1:1:23::3
Sending 5, 100-byte ICMP Echos to 10:1:1:23::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/3/12 ms

We have connectivity between interfaces on the same subnet.

Now we’ll configure our loopbacks and OSPFv3:

R1:
R1(config-if)#int lo0
R1(config-if)#ipv6 add 1:1:1::1/64
R1(config-if)#ipv6 ospf 20 area 0
R1(config-if)#int s0/0
R1(config-if)#ipv6 ospf 20 area 0
 
R2:
R2(config)#int lo0
R2(config-if)#ipv6 add 2:2:2::2/64
R2(config-if)#ipv6 ospf 20 area 0
R2(config-if)#int s0/0
R2(config-if)#ipv6 ospf 20 area 0
R2(config-if)#int s0/1
R2(config-if)#ipv6 ospf 20 area 0
 
R3:
R3(config)#int lo0
R3(config-if)#ipv6 add 3:3:3::3/64
R3(config-if)#ipv6 ospf 20 area 0
R3(config-if)#int s0/1
R3(config-if)#ipv6 ospf 20 area 0

With v6 we enable OSPF directly under the interface on which it runs.

Read more...

, , , , , , , , , ,

New Troubleshooting Lab Topology

Apr 3rd

Posted by Colby in Troubleshooting Labs

6 comments

The old topology I’ve been using for the weekly labs is pretty limited. I created a new one today which should keep us going for awhile. It’s relatively complex, it consists of two customer MPLS VPNs and lots of routing. The two customer VPNs also have internet access through one of their sites. We are simulating the internet with Peer1 and Peer2. Here’s the diagram:

(click image for fullsize)

I should have the first lab up early next week after I work out some issues I’m having. So tell me what you guys think.

Here’s the .net file:
New Troubleshooting .net file

, , , , , , , , , ,

Troubleshooting Lab #5

Mar 25th

Posted by Colby in Troubleshooting Labs

7 comments

This one might be easy, but I’m having trouble gauging it after last week. Same topology, users are having trouble communicating from one VLAN to the other. Soon I’ll make a new (bigger) topology with more diverse technologies, I haven’t had the time lately.

You can run the .net on your own Dynamips server or you can use mine. Run the topology and login with username “tshoot” and password “tshoot”. This user only has privilege level 1, so show commands will be available, but show run will not be. You can also login with username: “shrun” and password: “shrun”, this will print the running config and boot you out. I would like to grant full privilege 15 access, but I’m worried about people messing with the configs, this is after all a public post. Obviously you could get around this pretty easily, but that would defeat the purpose. ;)

Read more...

, , , , , , , , ,
«12345»...Last »