1.1.2 Lab – Troubleshoot IPv4 and IPv6 Addressing Issues Answers

Lab – Troubleshoot IPv4 and IPv6 Addressing Issues (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Topology

This topology uses 2 routers, 1 switch, and 2 PCs. PC1 is connected to D1 G1/0/23. PC2 is connected to D1 G1/0/24. D1 G1/0/11 is connected to R1 G0/0/1. R1 G0/0/0 is connected to R2 G0/0/0.

Addressing Table

Device

Interface

IPv4 Address/Mask

IPv6 Address/Prefix

IPv6 Link Local

R1

G0/0/0

10.10.20.1/24

2001:db8:a:b::1/64

fe80::1:1

R1

G0/0/1

10.10.10.1/24

2001:db8:a:a::1/64

fe80::1:2

R1

Lo0

209.165.200.225/29

2001:db8:a:c::1/64

fe80::1:3

R2

G0/0/0

10.10.20.254/24

2001:db8:a:b::1/64

fe80::2:1

D1

VLAN 10

10.10.10.2/24

2001:db8:a:a::2/64

fe80::d1:1

PC1

NIC

DHCP

SLAAC

EUI-64

PC2

NIC

DHCP

SLAAC

EUI-64

Objectives

Troubleshoot network issues related to IPv4 and IPv6 Addressing.

Background / Scenario

In this topology, router R1 provides connectivity to a simulated internet for VLAN 10. R2 serves as a DHCP server. Switch D1 provides connectivity for VLAN 10. You will be loading configurations with intentional errors onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or method(s) used to fix them. FIX the issue(s) presented here and then test the network to ensure both of the following conditions are met:

1)the complaint received in the ticket is resolved

2)full reachability is restored

Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release 16.9.4 (universalk9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.

Note: Make sure that the switches have been erased and have no startup configurations. If you are unsure, contact your instructor.

Answers Note: Refer to the Answers Lab Manual for the procedures to initialize and reload devices.

Required Resources

  • 2 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • 1 Switch (Cisco 3560 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • 2 PCs (Choice of operating system with terminal emulation program installed)
  • Console cables to configure the Cisco IOS devices via the console ports
  • Ethernet cables as shown in the topology

Instructions

Part 1:Trouble Ticket 1.1.2.1

Scenario:

PC1 is unable to access resources on web server 209.165.200.225.

Use the commands listed below to load the configuration files for this trouble ticket:

Answers Note: Commands for uploading the configuration are provided at the end of this document.

Device

Command

R1

copy flash:/enarsi/1.1.2.1-r1-config.txt run

R2

copy flash:/enarsi/1.1.2.1-r2-config.txt run

D1

copy flash:/enarsi/1.1.2.1-d1-config.txt run

  • PC1 and PC2 should be configured for and receive an address from an IPv4 DHCP server.
  • Passwords on all devices are cisco12345. If a username is required, use admin.
  • When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

  • Then save the configuration by issuing the wri command (on each device).
  • Inform your instructor that you are ready for the next ticket.
  • After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Answers Notes:

This trouble ticket contains 1 intentional error. The default-router command on the DHCP server is assigning the wrong default-gateway address.

The commands used to fix these errors should be:

R2(config)# ip dhcp pool LAN4_10

R2(config-router)# no default-router 10.10.20.254

R2(config-router)# default-router 10.10.10.1

R2(config-router)# end

Part 2:Trouble Ticket 1.1.2.2

Scenario:

PC1 and PC2 are unable to lease IPv4 addresses from the DHCP server.

Use the commands listed below to load the configuration files for this trouble ticket:

Answers Note: Commands for creating these files are at the end of this document.

Device

Command

R1

copy flash:/enarsi/1.1.2.2-r1-config.txt run

R2

copy flash:/enarsi/1.1.2.2-r2-config.txt run

D1

copy flash:/enarsi/1.1.2.2-d1-config.txt run

  • PC1 and PC2 should be configured for and receive an address from an IPv4 DHCP server.
  • Passwords on all devices are cisco12345. If a username is required, use admin.
  • When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

  • Then save the configuration by issuing the wri command (on each device).
  • Inform your instructor that you are ready for the next ticket.
  • After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Answers Notes:

This trouble ticket contains 1 intentional error. The ip helper-address command has been configured on the wrong interface on R1.

The commands used to fix these errors should be:

R1(config)# interface g0/0/0

R1(config-if)# no ip helper-address 10.10.20.254

R1(config-if)# exit

R1(config)# interface g0/0/1

R1(config-if)# ip helper-address 10.10.20.254

R1(config-if)# end

Part 3:Trouble Ticket 1.1.2.3

Scenario:

PC1 and PC2 are unable to resolve IPv6 addresses to hostnames. Upon investigation, it appears that they are not receiving DNS server information from the DHCPv6 server.

Use the commands listed below to load the configuration files for this trouble ticket:

Answers Note: Commands for creating these files are at the end of this document.

Device

Command

R1

copy flash:/enarsi/1.1.2.3-r1-config.txt run

R2

copy flash:/enarsi/1.1.2.3-r2-config.txt run

D1

copy flash:/enarsi/1.1.2.3-d1-config.txt run

  • PC1 and PC2 should be configured to assign an address via SLAAC.
  • Passwords on all devices are cisco12345. If a username is required, use admin.
  • When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

  • Then save the configuration by issuing the wri command (on each device).
  • Inform your instructor that you are ready for the next ticket.
  • After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Answers Notes:

This trouble ticket contains 1 intentional error. The ipv6 nd other-config-flag command is not present in the R1 configuration.

R1(config)# interface g0/0/1

R1(config-if)# ipv6 nd other-config-flag

R1(config-if)# end

Router Interface Summary Table

Router Model

Ethernet Interface #1

Ethernet Interface #2

Serial Interface #1

Serial Interface #2

1800

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

1900

Gigabit Ethernet 0/0 (G0/0)

Gigabit Ethernet 0/1 (G0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

2801

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

2811

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

2900

Gigabit Ethernet 0/0 (G0/0)

Gigabit Ethernet 0/1 (G0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

4221

Gigabit Ethernet 0/0/0 (G0/0/0)

Gigabit Ethernet 0/0/1 (G0/0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

4300

Gigabit Ethernet 0/0/0 (G0/0/0)

Gigabit Ethernet 0/0/1 (G0/0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

End of document

Uploading Configuration Files

Use the commands below to create the configuration files on the lab devices for each trouble ticket in this lab. The TCL script commands help create and copy the configurations. However, the configuration commands could also be copied and pasted directly into global config mode on each device. Simply remove the TCL script commands, enter the enable and configure t commands on the device, and copy and paste the configuration commands.

Important: The device requires a folder in flash named enarsi. Use the dir command to verify. If the folder is missing, then create it using the mkdir flash:/enarsi privileged EXEC command. For all switches, make sure the vlan.dat file is set to the default. Use the delete vlan.dat privileged EXEC command, if necessary.

Reset scripts

These TCL scripts will completely clear and reload the device in preparation for the next ticket. Copy and paste the appropriate script to the appropriate device.

Router Reset Script

tclsh

puts [ open “flash:/enarsi/reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

puts “Reloading the router”

typeahead “\n”

reload

}

tclquit

D1/D2 (Cisco 3650) Reset Script – The default 3650 SDM template supports IPv6, so it is not set by this script.

tclsh

puts [ open “flash:/enarsi/reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

delete /force vlan.dat

puts “Reloading the switch”

typeahead “\n”

reload

}

tclquit

A1 (Cisco 2960 Script) – The default 2960 SDM template does not support IPv6, so this script includes that setting.

tclsh

puts [ open “flash:/enarsi/reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

delete /force vlan.dat

delete /force multiple-fs

ios_configsdm prefer lanbase-routing”

typeahead “\n”

puts “Reloading the switch”

typeahead “\n”

reload

}

tclquit

R1 Configuration File Scripts

!R1 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/1.1.2.1-r1-config.txt” w+ ] {

hostname R1

banner motd # This is R1, Trouble Ticket 1.1.2.1 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicast-routing

interface g0/0/0

ip address 10.10.20.1 255.255.255.0

ipv6 address fe80::1:1 link-local

ipv6 address 2001:db8:a:b::1/64

no shutdown

exit

interface g0/0/1

ip address 10.10.10.1 255.255.255.0

ipv6 address fe80::1:2 link-local

ipv6 address 2001:db8:a:a::1/64

ipv6 nd other-config-flag

ip helper-address 10.10.20.254

ipv6 dhcp relay destination 2001:db8:a:b::2

no shutdown

exit

interface loopback0

ip address 209.165.200.225 255.255.255.248

ipv6 address fe80::1:3 link-local

ipv6 address 2001:db8:a:c::1/64

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 loopback0

ipv6 route ::/0 loopback0

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!R1 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/1.1.2.2-r1-config.txt” w+ ] {

hostname R1

banner motd # This is R1, Trouble Ticket 1.1.2.2 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicast-routing

interface g0/0/0

ip address 10.10.20.1 255.255.255.0

ipv6 address fe80::1:1 link-local

ipv6 address 2001:db8:a:b::1/64

ip helper-address 10.10.20.254

no shutdown

exit

interface g0/0/1

ip address 10.10.10.1 255.255.255.0

ipv6 address fe80::1:2 link-local

ipv6 address 2001:db8:a:a::1/64

ipv6 nd other-config-flag

ipv6 dhcp relay destination 2001:db8:a:b::2

no shutdown

exit

interface loopback0

ip address 209.165.200.225 255.255.255.248

ipv6 address fe80::1:3 link-local

ipv6 address 2001:db8:a:c::1/64

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 loopback0

ipv6 route ::/0 loopback0

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!R1 – Trouble Ticket # 3

tclsh

puts [ open “flash:/enarsi/1.1.2.3-r1-config.txt” w+ ] {

hostname R1

banner motd # This is R1, Trouble Ticket 1.1.2.3 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicast-routing

interface g0/0/0

ip address 10.10.20.1 255.255.255.0

ipv6 address fe80::1:1 link-local

ipv6 address 2001:db8:a:b::1/64

no shutdown

exit

interface g0/0/1

ip address 10.10.10.1 255.255.255.0

ip helper-address 10.10.20.254

ipv6 address fe80::1:2 link-local

ipv6 address 2001:db8:a:a::1/64

ipv6 dhcp relay destination 2001:db8:a:b::2

no shutdown

exit

interface loopback0

ip address 209.165.200.225 255.255.255.248

ipv6 address fe80::1:3 link-local

ipv6 address 2001:db8:a:c::1/64

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 loopback0

ipv6 route ::/0 loopback0

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

R2 Configuration File Scripts

!R2 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/1.1.2.1-r2-config.txt” w+ ] {

hostname R2

banner motd # This is R2, Trouble Ticket 1.1.2.1 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicastrouting

ip dhcp excluded-address 10.10.10.1 10.10.10.100

ip dhcp pool LAN4_10

network 10.10.10.0 255.255.255.0

default-router 10.10.10.254

domain-name ccnp4lab.com

dns-server 10.10.20.254

exit

ipv6 dhcp pool LAN6_A

dns-server 2001:db8:a:b::1

domain-name ccnp6lab.om

exit

interface g0/0/0

ip address 10.10.20.254 255.255.255.0

ipv6 address fe80::2:1 link-local

ipv6 address 2001:db8:a:b::2/64

ipv6 dhcp server LAN6_A

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 10.10.20.1

ipv6 route ::/0 2001:db8:a:b::1

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!R2 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/1.1.2.2-r2-config.txt” w+ ] {

hostname R2

banner motd # This is R2, Trouble Ticket 1.1.2.2 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicastrouting

ip dhcp excluded-address 10.10.10.1 10.10.10.100

ip dhcp pool LAN4_10

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

domain-name ccnp4lab.com

dns-server 10.10.20.1

exit

ipv6 dhcp pool LAN6_A

dns-server 2001:db8:a:b::1

domain-name ccnp6lab.om

exit

interface g0/0/0

ip address 10.10.20.254 255.255.255.0

ipv6 address fe80::2:1 link-local

ipv6 address 2001:db8:a:b::2/64

ipv6 dhcp server LAN6_A

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 10.10.20.1

ipv6 route ::/0 2001:db8:a:b::1

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!R2 – Trouble Ticket # 3

tclsh

puts [ open “flash:/enarsi/1.1.2.3-r2-config.txt” w+ ] {

hostname R2

banner motd # This is R2, Trouble Ticket 1.1.2.3 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

ipv6 unicastrouting

ip dhcp excluded-address 10.10.10.1 10.10.10.100

ip dhcp pool LAN4_10

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

domain-name ccnp4lab.com

dns-server 10.10.20.1

exit

ipv6 dhcp pool LAN6_A

dns-server 2001:db8:a:b::1

domain-name ccnp6lab.om

exit

interface g0/0/0

ip address 10.10.20.254 255.255.255.0

ipv6 address fe80::2:1 link-local

ipv6 address 2001:db8:a:b::2/64

ipv6 dhcp server LAN6_A

no shutdown

exit

ip route 0.0.0.0 0.0.0.0 10.10.20.1

ipv6 route ::/0 2001:db8:a:b::1

line con 0

exec-timeout 0 0

logging synchronous

exit

line vty 0 4

login local

transport input telnet

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

R3 Configuration File Scripts – Not Used in This Lab

D1 Configuration File Scripts

!D1 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/1.1.2.1-d1-config.txt” w+ ] {

hostname D1

banner motd # This is D1, Trouble Ticket 1.1.2.1 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

interface range g1/0/1 – 24

switchport mode access

shutdown

exit

interface g1/0/11

switchport mode access

switchport access vlan 10

no shutdown

exit

interface range g1/0/23-24

switchport mode access

switchport access vlan 10

no shutdown

exit

interface vlan 10

ip address 10.10.10.2 255.255.255.0

no shutdown

exit

ip default-gateway 10.10.10.1

line con 0

exec-timeout 0 0

logging synchronous

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!D1 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/1.1.2.2-d1-config.txt” w+ ] {

hostname D1

banner motd # This is D1, Trouble Ticket 1.1.2.2 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

interface range g1/0/1 – 24

switchport mode access

shutdown

exit

interface g1/0/11

switchport mode access

switchport access vlan 10

no shutdown

exit

interface range g1/0/23-24

switchport mode access

switchport access vlan 10

no shutdown

exit

interface vlan 10

ip address 10.10.10.2 255.255.255.0

no shutdown

exit

ip default-gateway 10.10.10.1

line con 0

exec-timeout 0 0

logging synchronous

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

!D1 – Trouble Ticket # 3

tclsh

puts [ open “flash:/enarsi/1.1.2.3-d1-config.txt” w+ ] {

hostname D1

banner motd # This is D1, Trouble Ticket 1.1.2.3 #

enable secret cisco12345

username admin privilege 15 algorithm-type scrypt secret cisco12345

interface range g1/0/1 – 24

switchport mode access

shutdown

exit

interface g1/0/11

switchport mode access

switchport access vlan 10

no shutdown

exit

interface range g1/0/23-24

switchport mode access

switchport access vlan 10

no shutdown

exit

interface vlan 10

ip address 10.10.10.2 255.255.255.0

no shutdown

exit

ip default-gateway 10.10.10.1

line con 0

exec-timeout 0 0

logging synchronous

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

end

}

tclquit

D2 Configuration File Scripts – Not Used in This Lab

A1 Confgiuration Fiel Scripts – Not Used in This Lab