CCIE Enterprise Infrastructure Foundation
CCIE Enterprise Infrastructure Foundation
Infrastructure Foundation
Narbik Kocharians
Cisco Press
All rights reserved. This publication is protected by copyright, and permission must be obtained from the
publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form
or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding
permissions, request forms, and the appropriate contacts within the Pearson Education Global Rights &
Permissions Department, please visit www.pearson.com/permissions.
No patent liability is assumed with respect to the use of the information contained herein. Although
every precaution has been taken in the preparation of this book, the publisher and author assume no
responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of
the information contained herein.
ScoutAutomatedPrintCode
Library of Congress Control Number: 2022902108
ISBN-13: 978-0-13-737424-3
ISBN-10: 0-13-737424-0
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall
have neither liability nor responsibility to any person or entity with respect to any loss or damages
arising from the information contained in this book or from the use of the discs or programs that may
accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of
Cisco Systems, Inc.
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appro-
priately capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this informa-
tion. Use of a term in this book should not be regarded as affecting the validity of any trademark or
service mark.
Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities (which
may include electronic versions; custom cover designs; and content particular to your business, training
goals, marketing focus, or branding interests), please contact our corporate sales department at
[email protected] or (800) 382-3419.
For questions about sales outside the U.S., please contact [email protected].
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book
is crafted with care and precision, undergoing rigorous development that involves the unique expertise of
members from the professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we
could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us
through email at [email protected]. Please make sure to include the book title and ISBN in your
message.
Alliances Manager, Cisco Press: Arezou Gol Editorial Assistant: Cindy Teeters
Credits
Unnumbered figures on pages 860-861 PuTTY
Education is a powerful force for equity and change in our world. It has the potential to
deliver opportunities that improve lives and enable economic mobility. As we work with
authors to create content for every product and service, we acknowledge our responsibil-
ity to demonstrate inclusivity and incorporate diverse scholarship so that everyone can
achieve their potential through learning. As the world’s leading learning company, we have
a duty to help drive change and live up to our purpose to help more people create a bet-
ter life for themselves and to create a better world.
■ Our educational products and services are inclusive and represent the rich diversity
of learners
■ Our educational content accurately reflects the histories and experiences of the
learners we serve
■ Our educational content prompts deeper discussions with learners and motivates
them to expand their own learning (and worldview)
While we work hard to present unbiased content, we want to hear from you about any
concerns or needs with this Pearson product so that we can investigate and address them.
Dedications
I would like to dedicate this book to my beautiful wife, Janet, my children and their
spouses, Chris and Nona (aka Siroon Achik), Patrick and Diana (aka Bestelik Jan),
Alexandra (aka Achiko) and Sevak, and Daniel (aka Chompolik), as well as our first
grandson, Matthew (aka Jigar), whom I LOVE so much, he brightens my day every
morning!
I would like to acknowledge with gratitude the support, sacrifice, and love of my
family for making this book possible. I thank God for the health and wisdom that He has
instilled in me, my lovely family, my first grandson Mathew, and my father, who was
my best friend.
Acknowledgments
A very special thanks to James and Eleanor. I remember brainstorming with James for
hours about this book, and eventually he came up with the ultimate solution. I would
like to thank Eleanor for having a tremendous amount of patience and professionalism.
I would also like to thank my tech editors, Sarah Anand and Dante McNeil, two gifted
network engineers with a tremendous amount of knowledge. God willing, I will be work-
ing with these two champions for a long time to come. They are not CCIEs yet, but their
knowledge is on par with the best CCIEs out there.
Contents at a Glance
Introduction xxxiii
Chapter 1 Switching 1
Chapter 3 RIPv2 39
Chapter 4 EIGRP 51
Chapter 5 OSPF 65
Chapter 6 BGP 95
Index 881
Contents
Introduction xxxiii
Chapter 1 Switching 1
Lab 1: Configuring Trunks 1
Task 1 2
Task 2 2
Task 3 2
Task 4 2
Task 5 3
Task 6 3
Task 7 3
Task 8 3
Task 9 3
Task 10 3
Task 11 4
Task 12 4
Task 13 4
Task 14 4
Task 15 5
Task 16 5
Task 17 5
Task 18 5
Task 19 5
VTP Pruning 5
Task 20 12
Task 21 12
Task 22 12
Task 23 12
Task 24 12
Task 25 12
Task 26 12
Task 27 12
Task 28 12
Task 4 26
Task 5 26
Task 6 26
Task 7 26
Task 8 27
Task 9 27
Task 10 27
802.1s Multiple Spanning Tree Protocol 28
Task 1 28
Task 2 29
Task 3 29
Task 4 30
Let’s Explore 802.1s 30
Task 1 32
Task 2 32
Task 3 33
Task 4 33
Chapter 3 RIPv2 39
Lab 1: Configuring RIPv2 39
Task 1 40
Task 2 40
Task 3 40
Task 4 41
Task 5 41
Task 6 44
Task 7 44
Task 8 44
Task 9 45
Task 10 45
Task 11 45
Task 12 45
Task 13 45
Task 14 45
Task 15 45
Task 16 45
Task 17 46
Task 18 46
Task 19 46
Task 20 46
Lab 2: Helper Map 46
Task 1 47
Task 2 47
Task 3 47
Task 4 47
Lab 3: RIPv2 Challenge Lab 48
Ticket 1 48
Ticket 2 48
Ticket 3 49
Ticket 4 49
Ticket 5 49
Ticket 6 49
Ticket 7 49
Ticket 8 49
Ticket 9 49
Chapter 4 EIGRP 51
Lab 1: EIGRP Named Mode 51
Task 1 52
Task 2 52
Task 3 52
Task 4 53
Task 5 53
Task 6 53
Task 7 53
Task 8 53
Task 9 53
Task 10 53
Task 11 53
Task 12 54
Lab 2: EIGRP and Bidirectional Forwarding Detection (BFD) 54
Task 1 54
Task 2 54
Task 3 54
Task 4 54
Lab 3: EIGRP Stub 55
Task 1 55
Task 2 55
Task 3 55
Task 4 56
Task 5 56
Task 6 56
Task 7 56
Task 8 56
Task 9 56
Task 10 57
Task 11 57
Lab 4: EIGRP Filtering 57
Task 1 58
Task 2 58
Task 3 58
Task 4 58
Task 5 58
Task 6 58
Task 7 58
Chapter 5 OSPF 65
Lab 1: Running OSPF on the Interfaces 65
Task 1 66
Task 2 66
Task 3 66
Task 4 66
Task 5 66
Task 6 66
Task 7 67
Task 8 67
Task 5 78
Task 6 78
Task 7 78
Task 8 78
Task 9 78
Task 10 79
Task 11 79
Task 12 79
Task 13 79
Task 14 79
Task 15 79
Task 16 79
Task 17 80
Task 18 80
Task 19 80
Task 20 80
Lab 8: OSPF Summarization 80
Task 1 81
Task 2 81
Task 3 81
Task 4 82
Task 5 82
Task 6 82
Task 7 82
Task 8 82
Lab 9: Virtual Links and GRE Tunnels 83
Task 1 84
Task 2 84
Task 3 84
Task 4 85
Lab 10: Default Route Injection 85
Task 1 85
Task 2 85
Task 3 85
Task 4 85
Task 5 85
Task 6 86
Task 7 86
Task 8 86
Task 9 86
Lab 11: OSPF Authentication 87
Task 1 87
Task 2 87
Task 3 87
Task 4 88
Task 5 88
Task 6 88
Task 7 88
Task 8 88
Task 9 88
Task 10 89
Task 11 89
Task 12 89
Lab 12: OSPF Best-Path Determination 90
Task 1 91
Task 2 91
Task 3 91
Lab 13: OSPF Challenge Lab 92
Ticket 1 92
Ticket 2 92
Ticket 3 93
Ticket 4 93
Ticket 5 93
Ticket 6 93
Ticket 7 93
Ticket 8 93
Chapter 6 BGP 95
Lab 1: Establishing a BGP Session Using the Correct TTL Value 95
BGP Peering Session Overview 95
Task 1 97
Task 2 97
Task 3 97
Task 4 97
Task 5 97
Task 6 97
Task 7 98
Task 8 98
Task 9 98
Lab 2: Establishing Neighbor Adjacency Using Different Methods 98
Task 1 99
Task 2 99
Task 3 99
Task 4 99
Task 5 100
Task 6 100
Task 7 101
Task 8 101
Lab 3: Route Reflectors 101
Task 1 102
Task 2 102
Task 3 102
Task 4 103
Task 5 103
Task 6 103
Lab 4: BGP Confederation 104
Task 1 105
Task 2 105
Task 3 105
Task 4 105
Lab 5: BGP Backdoor and Conditional Advertisement 106
Task 1 106
Task 2 106
Task 3 107
Task 4 107
Task 5 107
Task 6 107
Task 7 107
Task 8 108
Task 9 109
Task 10 109
Task 11 109
Lab 6: BGP Aggregation 109
Task 1 110
Task 2 110
Task 3 110
Task 4 110
Task 5 110
Task 6 110
Task 7 110
Lab 7: BGP Filtering 111
Task 1 112
Task 2 112
Task 3 112
Task 4 112
Task 5 112
Task 6 113
Task 7 113
Task 8 113
Task 9 113
Task 10 113
Task 11 113
Task 12 113
Task 13 113
Task 14 113
Task 15 113
Task 16 114
Task 17 114
Lab 8: BGP Load Balancing 114
Task 1 115
Task 2 115
Task 3 115
Task 4 115
Task 5 115
Task 3 566
Task 4 572
Lab 6: DMVPN and DHCP 573
Task 1 574
Task 2 578
Task 3 584
Task 4 592
Task 5 592
Task 6 592
Task 7 593
Lab 4: EIGRP Site-of-Origin 593
Task 1 593
Task 2 594
Task 3 594
Task 4 594
Task 5 594
Lab 5: OSPF Routing in a VPN 595
Task 1 595
Task 2 596
Task 3 596
Task 4 596
Task 5 596
Task 6 597
Lab 6: Backdoor Links and OSPF 597
Task 1 598
Task 2 598
Task 3 598
Task 4 598
Task 5 598
Task 6 598
Task 7 598
Task 8 599
Task 9 599
Lab 7: BGP Routing in a VPN 599
Task 1 600
Task 2 600
Task 3 600
Task 4 600
Task 5 600
Task 6 600
Lab 8: MPLS and NAT 601
Task 1 601
Task 2 601
Task 3 602
Task 4 602
Task 5 602
Task 6 602
Lab 9: Route Targets, Import Maps, and Export Maps 603
Task 1 603
Task 2 604
Task 3 604
Task 4 604
Task 5 604
Task 6 605
Task 7 605
Task 8 605
Task 9 605
Task 10 605
Task 11 605
Task 12 605
Lab 10: Internet Access Methods: Partial Internet Routes 606
Task 1 606
Task 2 607
Task 3 607
Task 4 607
Task 4 613
Task 5 613
Task 6 613
Lab 3: Configuring OSPFv3 614
Task 1 614
Task 2 614
Task 3 615
Lab 4: Summarization of Internal and External Networks 615
Task 1 615
Task 2 615
Task 3 616
Task 4 616
Task 5 616
Task 6 616
Task 7 616
Lab 5: OSPFv3 Broadcast Networks 617
Task 1 617
Task 2 617
Task 3 617
Task 4 618
Lab 6: OSPFv3 Non-Broadcast Networks 618
Task 1 619
Task 2 619
Lab 7: OSPFv3 Point-to-Point Networks 620
Task 1 620
Task 2 620
Lab 8: OSPFv3 Point-to-Multipoint Networks 621
Task 1 621
Task 2 622
Task 3 622
Lab 9: OSPFv3 Cost and Auto-Cost 622
Task 1 623
Task 2 623
Task 3 623
Lab 10: LSAs in OSPFv3 624
Task 1 624
Task 2 625
Task 3 625
Task 4 625
Task 5 625
Lab 11: OSPFv3 Area Types 626
Task 1 627
Task 2 627
Task 3 627
Task 4 627
Task 5 627
Task 6 627
Task 7 627
Task 8 628
Task 9 628
Task 10 628
Task 11 628
Task 12 628
Task 13 629
Task 14 629
Lab 12: OSPFv3 Authentication 629
Task 1 630
Task 2 630
Task 3 630
Task 4 630
Task 5 630
Task 6 631
Task 7 631
Lab 13: EIGRPv6 632
Task 1 632
Task 2 633
Task 3 633
Task 4 633
Task 5 633
Task 6 633
Task 7 633
Task 8 633
Task 9 633
Task 10 634
Task 11 634
Task 12 634
Task 13 634
Task 14 634
Lab 14: BGP Configuration 634
Task 1 634
Task 2 635
Task 3 635
Task 4 635
Index 881
■ Boldface indicates commands and keywords that are entered literally as shown. In
actual configuration examples and output (not general command syntax), boldface
indicates commands that are manually input by the user (such as a show command).
■ Braces within brackets ([{ }]) indicate a required choice within an optional element.
Introduction
Enterprise networking has undergone many small changes over the years, building from
simple shared bus LANs to intricate routing and switching architectures and wireless
communications. Behind all of this is a need to ensure high reliability, agility, and speed.
Through the decades, many different networking technologies, from physical connec-
tions to software protocols, have been created to assist enterprise networks in reaching
those goals. For seasoned networking veterans, working with the various protocols and
architectures is second nature. However, those who are just starting to build their careers
and trying to study more advanced areas of network engineering may be overwhelmed
by the multitude of routing protocols, Layer 2 features, and new buzzwords like “soft-
ware-defined.”
This book is written as a foundation guide for the most common enterprise network-
ing concepts that are required for a network engineer looking to move forward to more
advanced aspects of networking. It combines aspects of theory instruction with practical
application. Topics such as LAN switching, IP routing, and overlay networking technolo-
gies such as DMVPN are explained as foundational topics, including examples. Each
chapter also functions as a lab manual with a task-oriented structure. Lab scenarios are
presented as either configuration objectives, troubleshooting scenarios, or design scenar-
ios. Each lab scenario includes full solutions and explanations. For beginner to intermedi-
ate readers, the solutions can be read while solving the tasks. Advanced readers can chal-
lenge their knowledge and skills by solving tasks first and then comparing their solutions
to the ones provided in this book.
This book is not meant to be an exhaustive study of all the included technologies. It is
meant to provide enough information on all topics to allow you to speak intelligently
about each technology and even implement some of the configurations, if necessary, in
your own environment. It takes topics from Cisco’s CCIE Enterprise Infrastructure cer-
tification blueprint but includes some legacy topics, where necessary, to facilitate under-
standing.
This book breaks down complicated topics and provides examples to maximize under-
standing. It does, however, assume some basic networking knowledge. The following
types of readers will get the most out of this book:
■ Those who have completed CCNA certification and are part of the way through
their preparation for CCNP Enterprise certification
■ Those who have completed CCNP Enterprise certification and are pursuing CCIE
Enterprise Infrastructure certification
■ Those who are migrating from another vendor to a Cisco environment and need to
understand Cisco configurations for common networking protocols
Chapter 1: Switching
Chapter 1 introduces Layer 2 concepts such as preventing loops with Spanning Tree
Protocol, segmenting with VLANs, extending VLANs between switches through trunk-
ing, and bonding multiple Ethernet links together to increase bandwidth between net-
work nodes. It covers topics such as Spanning Tree Protocol, RSTP, MSTP, VTP and
VTP pruning, 802.1Q and ISL trunking, and LACP and PAgP.
Chapter 3: RIPv2
Chapter 3 introduces Routing Information Protocol (RIP). RIP may not be included on
the exam, but it is a perfect example of a simple distance vector routing protocol that
follows all the standard distance vector designs. It focuses on the simplicity of RIP con-
figuration, advanced RIP filtering scenarios, and RIP configuration challenges.
Chapter 4: EIGRP
Chapter 4 focuses on Cisco’s improvement on its own version of Interior Gateway
Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP). It intro-
duces EIGRP as a distance vector protocol that forms neighbor relationships and keeps
a topology table like some other protocols. EIGRP is considered an advanced distance
vector protocol that uses more than simple hop counts to learn loop-free paths through
a network. This chapter covers EIGRP configuration topics such as EIGRP classic and
address family configuration, EIGRP stub routing, and EIGRP with BFD.
Chapter 5: OSPF
Chapter 5 introduces the Open Shortest Path First (OSPF) routing protocol. It begins
with an analysis of how OSPF builds its link-state database (LSDB) with various link-
state advertisements (LSA) and uses that information to calculate loop-free routed paths
through a network. This chapter also details multiarea OSPF design, filtering, and virtual
links. It includes a detailed walkthrough on OSPF’s best-path determination to help you
understand OSPF’s path selection process.
Chapter 6: BGP
Chapter 6 introduces Border Gateway Protocol (BGP), the protocol that routes the
Internet. It explains BGP operation between autonomous systems (external BGP, or
eBGP) and within a single autonomous system (internal BGP, or iBGP). Topics covered
include BGP session establishment, route reflectors and confederations, aggregation, and
filtering. This chapter includes a detailed walkthrough of the BGP best-path determina-
tion process.
Chapter 7: DMVPN
Chapter 7 focuses on Cisco’s original SD-WAN technology, known as Dynamic
Multipoint VPN (DMVPN). It explains DMVPN from the ground up, introducing con-
cepts such as overlay and underlay networking, the link between DMVPN and NHRP,
DMVPN routing using common routing protocols, and different DMVPN designs.
It covers DMVPN Phase 1 through Phase 3 configurations, NHRP shortcut switching
enhancements, hub-and-spoke networking designs, and (m)GRE tunnels.
Chapter 9: IPv6
Chapter 9 introduces Internet Protocol Version 6 (IPv6), which is the successor to IPv4
due to its massive address space. It also details IPv6 address types, assignment, and con-
figuration. Topics covered include IPv6 NDP, IPv6 SLAAC, DMVPN for IPv6, OSPF for
IPv6 (OSPFv3), EIGRP for IPv6, and BGP for IPv6.
1. Go to www.ciscopress.com/register.
If you have any issues accessing the companion website, you can contact our support
team by going to http://pearsonitp.echelp.org.
EIGRP
R6 R7
G0/9 G0/9
Lo2
1.1.2.1/24 10.1.1.0/24
Lo3 Lo0
1.1.3.1/24 2.2.2.2/8
Lo1 G0/9 G0/9
1.1.1.1/24
.1 .2
G0/2 G0/1 G0/3
12.1.1.0/24
R1 R2
G0/3
1.1.0.1/24 G0/0
Lo0
13.1.1.0/24 Lo0 23.1.1.0/24
145.1.1.0/24 3.3.3.3/8
G0/0 G0/0
.4 .5 .3
G0/1
R4 R5 R3 G0/2
4.4.4.4/8 5.5.5.5/8
Lo0 Lo0
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-1.
Task 1
Configure EIGRP on R1, R2, and R3 based on the following policy:
G0/0 100
G0/2 100
G0/3 100
Loopback0–Loopback3 100
R2 G0/9 200
G0/1 100
G0/3 100
Loopback0 100
R3 G0/1 100
G0/2 100
Loopback0 100
■ R1, R2, and R3 should use an EIGRP named mode configuration to accomplish this
task.
Task 2
Configure R4 and R5 in EIGRP AS 100. You must use named mode to accomplish this
task.
Task 3
Configure R1, R4, and R5 to use unicast to establish their EIGRP neighbor adjacency.
Task 4
Configure R6 in EIGRP AS 200. This router should run EIGRP AS 200 on its G0/9 and
Loopback0 interfaces. You should use an EIGRP named mode configuration to accom-
plish this task.
Task 5
Configure OSPF Area 0 on R6’s G0/9 and R7’s G0/9 and Loopback0 interfaces. The
router ID of these routers should be configured as 0.0.0.x, where x is the router number.
Task 6
Configure R6 to redistribute OSPF into EIGRP such that R1 and R2 go directly to R7 to
reach the 7.0.0.0/8 network.
Task 7
Configure the hello interval of all routers in AS 200 to be twice the default hello interval.
Task 8
Configure R4 such that in the worst-case scenario, it uses 10% of the bandwidth for its
EIGRP updates. This policy should apply to the existing and future interfaces.
Task 9
Configure R1 to summarize its loopback interfaces and advertise a single summary in the
EIGRP AS 100 routing domain.
Task 10
Configure R1 to limit the number of received prefixes from R5 to 10. R1 should be con-
figured to receive a warning message once 50% of this threshold is reached and a warning
message for every additional route that exceeds the threshold. You should configure Lo1–
Lo10 on R5 by copying and pasting the initial configuration, called EIGRP-Lab-1-Task10.
Task 11
Configure R1 to limit the number of prefixes received from R4 to five. R1 should be con-
figured to tear down the adjacency if R4 exceeds the specified threshold. Copy and paste
the EIGRP-Lab-1-Task11 initial configuration on R4.
Task 12
Erase the startup configuration and reload the routers before proceeding to the next lab.
Lo0 Lo0
5.5.5.5/8 6.6.6.6/8
Task 1
Configure the routers based on the previous diagram. Do not configure any routing
protocol.
Task 2
Configure EIGRP AS 100 on all directly connected interfaces of these two routers and
ensure reachability. R5 should be configured using EIGRP classical mode, and R6 should
use the EIGRP named mode configuration style.
Task 3
Configure and test BFD on these two routers.
Task 4
Erase the startup configuration of these two routers and reload the devices before pro-
ceeding to the next lab.
Lab Setup:
If you are using EVE-NG, and you have imported the EVE-NG topology from the
EVE-NG-Topology folder, ignore the following tasks and use Lab 3-EIGRP Stub in the
EIGRP folder in EVE-NG.
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-3.
Task 1
Configure EIGRP AS 100 on the G0/2 and G0/1 interfaces of R1 and R2, respectively, as
well as on all loopback interfaces of these two routers. On R1 configure EIGRP using the
classic mode, and on R2 configure EIGRP in named mode to accomplish this task. Do
not run EIGRP on the G0/1 interface of R1 or the G0/2 interface of R2.
Task 2
Configure R1 and R2 to summarize their loopback interfaces in EIGRP.
Task 3
Configure the following static routes on R1 and R2 and redistribute them into EIGRP:
Task 4
Advertise the G0/1 interface of R1 and the G0/2 interface of R2 into RIPv2 and disable
auto-summarization. You should redistribute RIPv2 into EIGRP and use any metric for
the redistributed routes.
Task 5
Configure EIGRP stub routing on R1 by using the command eigrp stub connected. Test
this option and verify the routes in the routing tables of both routers.
Task 6
Remove the eigrp stub connected option configured in the previous task and reconfigure
EIGRP stub routing on R1 by using the eigrp stub summary command. Test this option
and verify the routes in the routing tables of both routers.
Task 7
Remove the eigrp stub summary option configured in the previous task and reconfigure
EIGRP stub routing on R1 by using the command eigrp stub static. Test this option and
verify the routes in the routing tables of both routers.
Task 8
Remove the eigrp stub static option configured in the previous task and reconfigure
EIGRP stub routing on R1 by using the command eigrp stub redistributed. Test this
option and verify the routes in the routing tables of both routers.
Task 9
Remove the eigrp stub redistributed option configured in the previous task and recon-
figure EIGRP stub routing on R1 by using the command eigrp stub receive-only. Test
this option and verify the routes in the routing tables of both routers.
Task 10
Remove the eigrp stub receive-only option configured in the previous task and recon-
figure EIGRP stub routing on R1 by using the command eigrp stub. Test this option and
verify the routes in the routing tables of both routers.
Task 11
Erase the startup configuration and reload the routers before proceeding to the next lab.
R1
111.1.1.1/8 G0/2
Lo2
12.1.1.0/24
R3 R2
200.2.2.2/24 G0/0 G0/0 200.2.2.2/24
Lo2 Lo2
10.1.1.0/24
G0/0
.4
R4
Lab Setup:
If you are using EVE-NG, and you have imported the EVE-NG topology from the
EVE-NG-Topology folder, ignore the following tasks and use Lab 4-EIGRP Filtering in
the EIGRP folder in EVE-NG.
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-4.
Task 1
Configure EIGRP 100 on all routers and advertise their directly connected links into
EIGRP.
Task 2
Configure R4 such that it filters existing (1.0.0.0/8, 11.0.0.0/8, and 111.0.0.0/8) and future
networks behind R1. Do not use distribute-list, access-list, prefix-list, or route-map to
accomplish this task.
Task 3
Configure R4 such that it uses R2 as its only connection to network 200.1.1.0 /24. You
should use an access list to accomplish this task.
Task 4
Configure R4 such that it takes R3 to reach network 200.2.2.0 /24. R4 should only use
R2 as the next hop to reach network 200.2.2.0/24 when R3 is down. You should use a
standard access list to accomplish this task.
Task 5
Filter network 2.0.0.0/8 on R4. Do not use distribute-list or route-map to accomplish this
task.
Task 6
Configure R4 to filter network 3.0.0.0/8.
Task 7
Erase the startup configuration and reload the routers before proceeding to the next task.
.1
R1
G0/0
123.1.1.0/24
Lo0 – 3.3.3.3/32
G0/0 G0/0 Lo100 – 100.1.0.1/24
Lo101 – 100.1.1.1/24
.2 .3 Lo102 – 100.1.2.1/24
Lo0 – 2.2.2.2/32 Lo103 – 100.1.3.1/24
R2 R3 Lo104 – 100.1.4.1/24
G0/4 G0/6 Lo105 – 100.1.5.1/24
Lo106 – 100.1.6.1/24
G0/5 Lo107 – 100.1.7.1/24
Lo0 – 7.7.7.7/32
67.1.1.0/24
G0/3 G0/3 G0/3
.4 .5 .6 G0/7
R4 R5 R6
G0/8
Lo0 – 5.5.5.5/32
100.1.1.0/24
G0/5
.8
R8
Lo0 – 8.8.8.8/32
Lab Setup:
If you are using EVE-NG, and you have imported the EVE-NG topology from the
EVE-NG-Topology folder, ignore the following tasks and use Lab 5-Advanced EIGRP
Lab in the EIGRP folder in EVE-NG.
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-5.
Task 1
Configure the G0/0 interfaces of R1, R2, and R3 in EIGRP AS 100. These routers should
be configured to advertise their Lo0 interfaces in this AS, using the following policy:
Task 2
Configure R3’s G0/4, G0/5, and G0/6 in AS 300. Configure R4’s, R5’s, and R6’s G0/3 and
loopback 0 interfaces in this AS.
The summary route should be advertised to R4, R5, and R6 based on the following
policy:
Task 3
Configure EIGRP 300 on R4’s Lo134 and Lo135 and advertise a single summary in AS
300.
Task 4
Configure the G0/7 and Lo0 interfaces of R6 and the G0/6 and loopback 0 interfaces
on R7 for EIGRP in AS 67.
R7 should be configured to advertise its Lo130, such that the command show ip route
eigrp 67 on R6 produces the following output:
R7 should use redistribute static to accomplish this task. Do not configure a static route
to accomplish this task.
Task 5
Configure the routers in AS 67 such that they log neighbor warning messages and repeat
the warning messages every 10 minutes. You should disable logging of neighbor changes
for this AS.
Task 6
Configure the routers in AS 67 such that a dead neighbor is detected within 3 seconds.
Task 7
Routers in AS 100 should be configured to use Bandwidth and not Bandwidth + DLY
when calculating their composite metric.
Task 8
Configure R2 such that EIGRP never uses more than 25% of its G0/0 link’s bandwidth.
Task 9
Configure the G0/8 interface of R5 and the G0/5 and the Lo0 interfaces of R8 in AS 500.
Task 10
Configure R5 to inject a default route in AS 500 based on the following policy:
■ R5 should be configured to inject a default route plus networks 4.0.0.0/8 and 6.0.0.0/8
from AS 300.
Task 11
Erase the startup configuration and reload the routers before proceeding to the next task.
123.1.1.0/24
Lab Setup:
If you are using EVE-NG, and you have imported the EVE-NG topology from
the EVE-NG-Topology folder, ignore the following tasks and use Lab 6-EIGRP
Authentication in the EIGRP folder in EVE-NG.
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-6.
Task 1
Configure EIGRP based on the previous diagram. If this configuration is successful, these
routers should be able to see and have reachability to all routes. You should use named
mode configuration style when configuring R2 and R3 and classic EIGRP configuration
style when configuring R1 to accomplish this task.
Task 2
Configure R2 to authenticate all existing and future directly connected interfaces using
the strongest authentication method available. Use the minimum number of commands
and CCIE as the password to accomplish this task.
■ In the future, R3 may have other neighbors that won’t need authentication.
Task 3
Erase the startup configuration and reload the routers before proceeding to the next lab.
7.47.45.0/24 7.47.45.0/24
7.47.35.0/24
R4 G0/5 G0/4 R5 G0/3 G0/5 R3
G0/6 G0/1
G0/7
Tu
nn
7.47.45.0/24
7.47.13.0/24
el
Lo0
1
7.47.100.1/32
DMVPN
7.47.46.0/24 7.47.45.0/24
7.47.36.0/24 19.48.213.0/24
7.47.45.0/24 G0/3
Lo0
7.47.100.6/32
R1
Tu
n
ne
l1
G0/3
Lo101 Lo100
57.73.21.21/24 7.47.1.1/24
7.47.1.1/24
R6 G0/3
G0/7
19.48.216.0/24
7.47.45.0/24
G0/6 R7
Lab Setup:
If you are using EVE-NG, and you have imported the EVE-NG topology from the
EVE-NG-Topology folder, ignore the following tasks and use Lab 7-EIGRP Challenge
Lab in the EIGRP folder in EVE-NG.
To copy and paste the initial configurations, go to the Initial-config folder → EIGRP
folder → Lab-7.
NOTE Do not access R7 at all. You should only fix the problem identified in the ticket.
Ticket 1
R1 can’t reach R3’s Lo0. You must configure R1 to fix the problem.
Ticket 2
R6 does not have a stable EIGRP adjacency with R4. Do not use an EIGRP command to
fix this ticket.
Ticket 3
When R3’s G0/1, G0/7, and G0/6 are down, R3 can’t reach R4’s Lo0. Do not remove any
commands to fix this ticket.
Ticket 4
R1’s Lo0 should always have reachability to R4’s Lo0 and G0/5 interfaces, but it does not.
You should fix this problem without configuring R1 or R4. You should not remove any
commands to resolve this ticket.
Ticket 5
R3 is configured to use multiple paths to R4’s Lo0. However, it’s using only one of the
paths.
Ticket 6
R6 can’t reach R7’s Lo101.
Ticket 7
R3 should establish a EIGRP adjacency with R8 over its G0/8 interface. You should make
configuration changes on R3 only.
Ticket 8
Erase the startup configuration and reload the devices before proceeding to the next lab.
show ip ospf neighbor detail, 337 416–417, 455, 457, 466, 467–468,
show ip protocols, 238 475, 481–482, 483, 487, 490,
499, 503, 507–509–510, 529,
show ip route, 272, 277–278, 352,
534–535, 544–545, 550–552,
460–461, 469
557, 558
show ip route bgp, 356, 381
tunnel destination, 274, 298, 300
show ip route eigrp, 293, 295, 310,
tunnel mode gre multipoint, 298, 331
315, 318, 320, 496–497, 554,
564–565–566–567, 568–570, confederation, 104–105, 148,
571, 698–700 223–225
show ip route eigrp 100, 377, 468, AS_PATH attribute and, 181–183,
490, 534, 543, 548–549, 582–583 188–190
show ip route next-hop-override, 329 advertising paths within, 183–188
show ip route nhrp, 325, 394, 398 convergence, 22–23, 435–436
show ip route nhrp nhs redundancy, cost, 622–623
572
show ip route ospf, 339, 343–344,
374, 413–414, 416, 420–421,
D
423, 452–453, 454, 677–678, debug ip bgp update command, 159
688–690, 692–693, 701–703
debug ip nhrp packet command, 300
show ip route vpn 100, 674–675
debug nhrp detail command, 287–288
show ip route vrf 100, 669–671,
debug nhrp packet command,
673–674, 676–677
287–288
show ip routes omp, 681–682
default route injection, 85–86
show omp routes, 664–667,
default-originate command, 500
683–686, 690–692
DHCP (Dynamic Host Configuration
show run interface tunnel1, 295
Protocol)
show running-config system, 808
creating a server, 805–816
show sdwan control local properties,
DMVPN and, 572–573
649–650
relay agent, 580
show sdwan omp peers, 650
distance command, 465
show sdwan omp routes, 668–669
distance vector protocols, 135
show sdwan running-config,
643–644, 678–679 DMVPN (Dynamic Multipoint VPN),
269, 283. See also dual hub, single
switchport trunk pruning vlan, 10, 11
cloud design; single hub, dual cloud
traceroute, 152, 273, 316, 318–319, design; single hub, single cloud
320–321, 323–324, 334–335, design
351, 371, 374–375, 377–379,
adding a spoke, 290–291
382, 386–387, 393, 397–398,
DHCP and, 572–573
dual hub, dual cloud design, 537–538 EIGRP, 279, 285, 291, 632–634
DMVPN Phase 3 advanced lab, 59–61
implement eBGP, 552–558 authentication, 62
implement EIGRP, 541–545 BFD (Bidirectional Forwarding
implement iBGP, 546–552 Detection) and, 54
tunnel configuration, 539–541 challenge lab, 63–64
dual hub, single cloud design, DMVPN Phase 1 configuration,
511–513 347–351, 424–428
DMVPN Phase 3 DMVPN Phase 2 configuration,
375–379, 461–470
implement eBGP, 529–536
DMVPN Phase 3 configuration,
implement EIGRP, 518–523
390–394, 495–500, 518–523,
implement iBGP, 524–529 541–545
tunnel configuration, 513–518 filtering, 57–58
named mode, 51–54
E routing in a VPN, 591–593
site-of-origin, 593–594
eBGP, 220–223
stub, C05.127–57
DMVPN Phase 1 configuration,
EtherChannel, configuring, 13–14
359–367
export maps, 603–605
spokes in different autonomous
systems, 359–361, 436–441 external networks, summarization,
615–616
spokes in the same autonomous
system, 362–367
DMVPN Phase 2 configuration, F
382–387
spokes in different autonomous feature template, 703–729–753–782
systems, 477–485 filtering
spokes in the same autonomous BGP, 111–114
system, 485–488 EIGRP, 57–58
DMVPN Phase 3 configuration OSPF, 77–80
spokes in different autonomous full-mesh topology, 297
systems, 402–405, 507–510,
532–536, 555–558
spokes in the same autonomous G-H-I
system, 399–402, 504–507,
530–531, 552–554 GRE (Generic Routing Encapsulation)
tunnels, 270–272–273
edge ports, 23
virtual links and, 83–85
149, 160, 355, 357–359, 360, 365, show ip route bgp command, 356,
380–381, 383–384, 396–397, 381
401–402, 431–432, 438–439, show ip route command, 272,
440–441, 445, 471–472, 277–278, 352, 460–461, 469
479–480, 483–484, 486,
show ip route eigrp 100 command,
502–503, 526, 531, 554, 556
377, 468, 490, 534, 543, 548–549,
show ip bgp neighbors command, 582–583
155–156
show ip route eigrp command, 293,
show ip bgp summary command, 355, 295, 310, 315, 318, 320, 496–497,
363, 482 554, 564–565–566–567, 568–
show ip bp command, 444 569–570, 571, 698–700
show ip cef command, 340 show ip route next-hop-override
show ip cef internal command, 311, command, 329
321–322 show ip route nhrp command, 325,
show ip dhcp pool TST command, 394, 398
581 show ip route nhrp nhs redundancy
show ip eigrp 100 neighbor command, 572
command, 348, 391–392, show ip route ospf command, 339,
463–465 343–344, 346, 374, 413–414,
show ip eigrp neighbors command, 416, 420–421, 423, 452–453,
292–293, 303–304, 305–306, 454, 677–678, 688–690,
376–377 692–693, 701–703
show ip nhrp command, 277, 288, show ip route vpn 100 command,
307, 389, 561, 576–577 674–675
show ip nhrp multicast command, show ip route vrf 100 command, 668,
280, 291–292, 302–303, 370 669–671, 673–674, 676–677
show ip ospf command, 345 show ip routes omp command,
681–682
show ip ospf database network
command, 457–459 show omp routes command, 664–667,
683–686, 690–692
show ip ospf database router
command, 459 show run interface tunnel1 command,
295
show ip ospf int brief command,
672–673 show running-config system
command, 808
show ip ospf interface brief
command, 414–415, 453–454 show sdwan control local properties
command, 649–650
show ip ospf neighbor command,
343, 373–374, 413, 452 show sdwan omp peers command,
650
show ip ospf neighbor detail
command, 337 show sdwan omp routes command,
668–669
show ip protocols command, 238