CAPITULO II. APLICACIÓN ACTUAL DEL SISTEMA ADMINISTRADOR DE PRODUCCIÓN
2.3 INTRODUCCIÓN DEL SAP A LA INDUSTRIA AÉREA
Lab 10 Setup
This lab is intended to be used with online rack access. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below.
NOTE
Load the initial configuration files before starting to work on the tasks.
Version 5.2C 156 | P a g e
Configuration Tasks :: Detailed Solutions
1. R1, R2, and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. DMVPN is the underlying used technology. Configure RIP version 2 in this DMVPN network.
The DMVPN network phase 2 is already pre-configured. Let’s configure RIP version 2 over this DMVPN network. RIPv2 is carrying a subnet mask field, but the classless behavior will only take place once the no auto-summary is configured.
On R1, R2, and R3, configure the following:
RX(config)#router rip RX(config-router)#version 2
RX(config-router)#network 11.0.0.0 RX(config-router)#no auto-summary
2. The RIP updates have to be sent as unicast packets on the DMVPN tunnels.
The neighbor command turns on unicast for RIP updates. However, a router will still send multicast packets on group 224.0.0.9. In order to turn off multicast RIP updates completely, the passive-interface command is required.
On R1, configure the following:
R1(config)#router rip
R1(config-router)#neighbor 11.1.1.2 R1(config-router)#neighbor 11.1.1.3
R1(config-router)#passive-interface Tunnel23
On R2, configure the following:
R2(config)#router rip
R2(config-router)#neighbor 11.1.1.1 R2(config-router)#neighbor 11.1.1.3
R2(config-router)#passive-interface Tunnel23
157 | P a g e Version 5.2C On R3, configure the following:
R3(config)#router rip
R3(config-router)#neighbor 11.1.1.1 R3(config-router)#neighbor 11.1.1.2
R3(config-router)#passive-interface Tunnel23
3. Advertise the loopbacks 0 of R1, R2, and R3 in the RIP process.
On R1, configure the following:
R1(config)#router rip
R1(config-router)#network 10.0.0.0 R1(config-router)#passive-interface e0/1
On R2 and R3, configure the following:
RX(config)#router rip
RX(config-router)#network 10.0.0.0 RX(config-router)#passive-interface e0/0
We are configuring passive-interface on the ethernet interfaces between R1, R2, and R3 because we would like RIP to run over the tunnel interfaces only.
At this point in the lab, I can ping from the loopback0 from R3 to the loopback0 of R1, but I cannot ping from the loopback0 from R3 to the loopback0 of R2.
R3#ping 10.1.1.1 source 10.1.3.3 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms R3#ping 10.1.2.2 source 10.1.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Version 5.2C 158 | P a g e 4. Ensure full reachability in this hub and spoke technology. On R2, check that you can ping the
loopback of R3 sourcing from the loopback of R2.
We already have full reachability in this hub and spoke topology.
R2#ping 10.1.3.3 source 10.1.2.2 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.3.3, timeout is 2 seconds:
Packet sent with a source address of 10.1.2.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
The command no ip split-horizon is not necessary on the DMVPN tunnels, because the RIP updates are unicast packets, so they are going directly from spoke to spoke, because we are in DMVPN phase 2.
5. Configure RIP version 2 between R1 and R4. Advertise the loopback of R4 into the RIP process.
On R4, configure the following:
R4(config)#router rip R4(config-router)#version 2
R4(config-router)#network 10.0.0.0 R4(config-router)#no auto-summary
I can ping from R4 to R2, which means RIP has taken care of the establishment of the IP connectivity.
R4#ping 10.1.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
6. R1 should advertise a default route to all its RIP neighbors with the exception of R4.
On R1, configure the following:
159 | P a g e Version 5.2C
R1(config)#route-map TU23 permit 10 R1(config-route-map)#set interface tu23 R1(config-route-map)#router rip
R1(config-router)#default-information originate route-map TU23
We can see that a default route has been advertised by RIP to R2.
R2#sh ip route
Gateway of last resort is 11.1.1.1 to network 0.0.0.0
R* 0.0.0.0/0 [120/13] via 11.1.1.1, 00:00:03, Tunnel23 10.0.0.0/8 is variably subnetted, 11 subnets, 2 masks
Version 5.2C 160 | P a g e 7. If the E0/0 interface is going down, R1 will stop advertising this default route.
On R1, configure the following:
R1(config-router)#ip access-list standard E_0_0 R1(config-std-nacl)#permit 10.1.14.0 0.0.0.255 R1(config-std-nacl)#route-map TU23 permit 10 R1(config-route-map)#match ip address E_0_0
Let’s check that this conditional advertisement is working and shut down the e0/0 of R1. We should see the default route disappear from R2. We can also perform a debug on R1 and should see the following:
RIP: build flash update entries
0.0.0.0/0 via 0.0.0.0, metric 16, tag 0
8. Configure RIP version 2 on the LAN connecting R2, R3, and R6. Advertise the loopback of R6 into the RIP process.
On R6, configure the following:
R6(config)#router rip R6(config-router)#version 2
R6(config-router)#network 10.0.0.0 R6(config-router)#no auto-summary
I can ping from R6 to R4, which means RIP has taken care of the establishment of the IP connectivity.
R6#ping 10.1.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
161 | P a g e Version 5.2C 9. The RIP updates should be broadcasted on the LAN 10.1.236.0/24.
On R2 and R3, configure the following:
R3(config)#interface Ethernet0/1 R3(config-if)#ip rip v2-broadcast
On R6, configure the following:
R6(config)#interface Ethernet0/0 R6(config-if)#ip rip v2-broadcast
10. Configure RIP version 2 on the serial connection between R3 and R5. Advertise the loopback 0 of R5 into the RIP process.
On R3, configure the following:
R3(config)#router rip
R3(config-router)#network 172.16.0.0
On R5, configure the following:
R5(config)#router rip R5(config-router)#version 2
R5(config-router)#network 172.16.0.0 R5(config-router)#network 10.0.0.0 R5(config-router)#no auto-summary
I can ping from R4 to R5, which means RIP has taken care of the establishment of the IP connectivity.
R4#ping 10.1.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/9 ms
11. The RIP updates between R3 and R5 should stay silent. Updates should be sent only when there is a change in the topology.
Version 5.2C 162 | P a g e
Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 20 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip
Default version control: send version 2, receive version 2 Interface Send Recv Triggered RIP Key-chain Ethernet0/0 2 2
Serial4/0 2 2 Yes Serial5/0 2 2
Loopback0 2 2
Automatic network summarization is not in effect Maximum path: 4
163 | P a g e Version 5.2C On R3, as shown in the output below, the networks advertised from R5 have not been refreshed since 9 minutes and 18 seconds, but are still in the routing table. By default, an entry is refreshed every 30 seconds and is invalid after 3 minutes.
Version 5.2C 164 | P a g e
L 11.1.1.2/32 is directly connected, Tunnel23
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.35.0/24 is directly connected, Serial4/0 L 172.16.35.3/32 is directly connected, Serial4/0
12. Configure RIP version 2 on the serial connection between R6 and R9. Advertise the loopback of R9 into the RIP process.
On R9, configure the following:
R9(config)#router rip R9(config-router)#version 2
R9(config-router)#network 10.0.0.0 R9(config-router)#no auto-summary
I can ping from R1 to R9, which means RIP has taken care of the establishment of the IP connectivity.
R1#ping 10.1.9.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.9.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/10 ms
13. Configure PPP encapsulation on the serial connection between R6 and R9. Use IPCP for address allocation with PPP. R6 is the server side (IP address 10.1.69.6/24) and R9 is client side (IP address 10.1.69.9/32 assigned by server). Ensure that R6 is getting the RIP updates from R9 and that you can ping the loopback of R9 sourcing from the loopback of R6.
Let’s configure the PPP encapsulation.
On R6 and R9, configure the following:
R9(config)#int s3/0
R9(config-if)#encapsulation ppp
Let’s configure IPCP.
On R6, the server side, configure the following:
165 | P a g e Version 5.2C
R6(config)#ip local pool R9 10.1.69.9 R6(config)#interface Serial3/0
R6(config-if)#peer default ip address pool R9
On R9, on the server side, configure the following:
R9(config)#interface Serial3/0 R9(config-if)#ip address negotiated
In the routing table of R9, two host routes for the host 10.1.69.9 and 10.1.69.6 will appear in the routing table but not the network 10.1.69.0/24. RIP updates will be ignored because the two ends of the connection don’t appear to be on the same network. This can be fixed by disabling the validate-update-source check.
On R9, configure the following:
R9(config)#router rip
R9(config-router)#no validate-update-source
14. R5 should advertise a default-route to R3. This default-route should only be advertised if the network 10.1.2.2/32 is present in the routing table.
We are going to track the network 10.1.2.0/24 using IP SLA.
R5(config)#ip sla 1
R5(config-ip-sla)#icmp-echo 10.1.2.2
R5(config-ip-sla-echo)#ip sla schedule 1 life forever start-time now
In order to create a bond between the route tracked in the routing table and the route-map used for conditional advertisement of the default route, we have to create a fake route that is tracked by the IP SLA and that will be used in the route-map.
R5(config)#track 10 ip sla 1
R5(config-track)#ip route 2.2.2.2 255.255.255.255 Null0 track 10 R5(config)#ip access-list standard FAKE
R5(config-std-nacl)#permit 2.2.2.2
R5(config-std-nacl)#route-map DEFAULT_ROUTE permit 10 R5(config-route-map)#match ip address FAKE
R5(config-route-map)#set interface Serial4/0 R5(config-route-map)#router rip
R5(config-router)#default-information originate route-map DEFAULT_ROUTE
Version 5.2C 166 | P a g e
Helpful Verification Commands
Show ip protocols
Show ip route rip
Show ip rip database
Technical Verification and Support
To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.
For instructor and developer support, please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.
This concludes Lab 10 of iPexpert’s CCIE Routing & Switching DSG, Volume 1, Section 2 Copyright© iPexpert. All Rights Reserved.
167 | P a g e Version 5.2C
Lab 11: Configure and Troubleshoot EIGRP (Part 1) :: Detailed Solutions
Technologies Covered
EIGRP Classic mode
EIGRP named mode
Stub
Summarization
Authentication
Key chain rotation
Prefix number limiting
Detailed Solution Guide
This portion of the material is designed to provide our students with the exact commands to use, when to use them, and also the various show commands that will allow you to understand what you're looking for. In addition, the instructor has provided some detail as to why the various solutions have been used versus another potential command set that would have accomplished the same outcome.
Version 5.2C 168 | P a g e
iPexpert’s Recommended Reading Material
Introduction to EIGRP:
http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13669-1.html
EIGRP:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-enhanced-igrp.html
EIGRP Prefix Limit Support:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-pre-ls.html
EIGRP Stub Routing:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-eigrp-stub-rtg.html
EIGRP Wide Metrics:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-wid-met.html
EIGRP Commands:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/command/ire-cr-book.html
iPexpert’s Recommended Video Training
iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam. We recommend watching the following learning videos, which cover the topics seen in this lab scenario.
Video Title: EIGRP
Video Title: EIGRP Neighbor Formation and Maintenance
Video Title: EIGRP Named Operation
Video Title: EIGRP Named Operation Authentication, Part 1 and Part 2
Video Title: Classic EIGRP Authentication
Video Title: Classic EIGRP Key Chain Operations
169 | P a g e Version 5.2C
Video Title: EIGRP Summarization (Classic)
Video Title: EIGRP Stub Routing
Video Title: EIGRP Stub Routing with Leak Maps
Topology Details
Logically connect and configure your network as displayed in the drawing below. You may also refer to the diagram located within your configuration files for topology information.
The topology used in the lab will be the following: