21.1.4 Lab – Troubleshoot Prefix Lists Answers
Lab – Troubleshoot Prefix Lists (Answers Version)
Answers Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Topology
Addressing Table
|
Device |
Interface |
IPv4 Address/Prefix Length |
IPv6 Address/Prefix Length |
Link-Local Address |
|
R1 |
G0/0/1 |
192.0.0.1/24 |
2001:db8:acad:192::1/64 |
fe80::1:1 |
|
R1 |
S0/1/0 |
209.165.240.1/28 |
2001:db8:acad:2000::1/64 |
fe80::1:2 |
|
R1 |
S0/1/1 |
209.165.241.1/28 |
2001:db8:acad:2001::1/64 |
fe80::1:3 |
|
R1 |
Loopback 0 |
209.165.200.226/32 |
2001:db8:acad:226::1/64 |
fe80::1:4 |
|
R3 |
G0/0/1 |
10.0.0.1/24 |
2001:db8:acad:10::1/64 |
fe80::3:1 |
|
R3 |
S0/1/0 |
209.165.240.2/28 |
2001:db8:acad:2000::2/64 |
fe80::3:2 |
|
R3 |
S0/1/1 |
209.165.241.2/28 |
2001:db8:acad:2001::/2/64 |
fe80::3:3 |
|
R3 |
Loopback 0 |
209.165.200.227/32 |
2001:db8:acad:227::1/65 |
fe80::3:4 |
|
R3 |
Loopback 1 |
209.165.227.1/32 |
N/A |
N/A |
|
D1 |
G1/0/11 |
192.0.0.2/24 |
2001:db8:acad:192::2/64 |
fe80::d1:1 |
|
D1 |
VLAN 11 |
192.0.11.1/24 |
2001:db8:acad:224::1/64 |
fe80::d1:2 |
|
D1 |
VLAN 12 |
192.0.12.1/24 |
2001:db8:acad:225::1/64 |
fe80::d1:3 |
|
D2 |
G1/0/11 |
10.0.0.2/24 |
2001:db8:acad:10::2/64 |
fe80::d2:1 |
|
D2 |
VLAN 16 |
10.0.16.1/24 |
2001:db8:acad:16::1/64 |
fe80::d2:2 |
|
D2 |
VLAN 27 |
10.0.27.1/24 |
2001:db8:acad:27::1/64 |
fe80::d2:3 |
Objectives
Troubleshoot network issues related to the configuration and operation of prefix lists.
Background / Scenario
In this topology, R1 and R3 are multi-hop MP-BGP neighbors, with an established adjacency using both IPv4 and IPv6. R1 and D1 have an OSPFv3 adjacency, and D1 is providing interVLAN routing. R3 and D2 have a Named-EIGPR adjacency, and D1 is providing InterVLAN routing. R3 is performing NAT for all networks in BGP AS 41, overloading onto the IPv4 address of Loopback 0. You will be loading configurations with intentional errors onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or method(s) used to fix them, FIX the issue(s) presented here, and then test the network to ensure both of the following conditions are met:
1)the complaint received in the ticket is resolved
2)full reachability is restored
Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release 16.9.4 (universalk9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.
Note: Make sure that the devices have been erased and have no startup configurations. If you are unsure, contact your instructor.
Answers Note: Refer to the Answers Lab Manual for the procedures to initialize and reload devices.
Required Resources
- 2 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
- 2 Switches (Cisco 3560 with Cisco IOS XE Release 16.9.4 universal image or comparable)
- 4 PCs (With terminal emulation program, such as Tera Term)
- Console cables to configure the Cisco IOS devices via the console ports
- Ethernet and serial cables as shown in the topology
Part 1:Trouble Ticket 21.1.4.1
Scenario:
You are the senior network engineer for BGP AS 41. Budget cuts have taken a toll on your network. Therefore, Switch D2 is not the most robust system available, even though it performs a critical function in the network. You tasked the night shift to reduce the amount of information switch D2 has to deal with. You have come in to work to find that, although the D2 routing table is now very small, your network is unable to communicate with networks in BGP AS 15. You have to get this fixed!
Use the commands listed below to load the configuration files for this trouble ticket:
Answers Note: Commands for uploading the configuration are provided at the end of this document.
|
Device |
Command |
|
R1 |
copy flash:/enarsi/21.1.4.1-r1-config.txt run |
|
R3 |
copy flash:/enarsi/21.1.4.1-r3-config.txt run |
|
D1 |
copy flash:/enarsi/21.1.4.1-d1-config.txt run |
|
D2 |
copy flash:/enarsi/21.1.4.1-d2-config.txt run |
- PCs 1, 2, 3, and 4 should be configured to receive dynamically assigned addresses (both IPv4 and IPv6).
- Passwords on all devices are cisco12345. If a username is required, use admin.
- After you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:
banner motd # This is $(hostname) FIXED from ticket <ticket number> #
- Then save the configuration by issuing the wri command (on each device).
- Inform your instructor that you are ready for the next ticket.
- After the instructor approves your solution for this ticket, issue the privileged EXEC command reset.now. This script will clear your configurations and reload the devices.
Answers Notes:
This trouble ticket contains one intentional error, repeated in two places. The prefix lists that the night shift developed only allow for the next hop address into BGP AS 15 to appear in the EIGRP 1 routing tables. The prefix lists should have allowed just the default route.
The commands used to fix these errors should be:
R3(config)# no ip prefix-list ROUTE-CONTROL4 permit 209.165.200.226/32
R3(config)# no ipv6 prefix-list ROUTE-CONTROL6 permit 2001:db8:acad:226::/64
R3(config)# ip prefix-list ROUTE-CONTROL4 permit 0.0.0.0/0
R3(config)# ipv6 prefix-list ROUTE-CONTROL6 permit ::/0
R3(config)# end
Part 2:Trouble Ticket 21.1.4.2
Scenario:
You are the senior network engineer for BGP AS 41. After careful review of bandwidth utilization on the two links between AS 15 and AS 41, you have suggested to management that some adjustments be put in place to equalize the utilization of the two circuits. Specifically, you want to cause IPv6 traffic to use the S0/1/1 link. Management was so pleased with the suggestion that you were told to forgo the normal change control procedures and get this implemented as soon as possible. Just as you were starting to plan the changes, you were called away to an urgent budget meeting. You left your second-in-charge with the task to develop and implement the solution. When you returned, you found that things were not working in the way you had stipulated.
Use the commands listed below to load the configuration files for this trouble ticket:
Answers Note: Commands for uploading the configuration are provided at the end of this document.
|
Device |
Command |
|
R1 |
copy flash:/enarsi/21.1.4.2-r1-config.txt run |
|
R3 |
copy flash:/enarsi/21.1.4.2-r3-config.txt run |
|
D1 |
copy flash:/enarsi/21.1.4.2-d1-config.txt run |
|
D2 |
copy flash:/enarsi/21.1.4.2-d2-config.txt run |
- PCs 1, 2, 3, and 4 should be configured to receive dynamically assigned addresses (both IPv4 and IPv6.)
- Passwords on all devices are cisco12345. If a username is required, use admin.
- After you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:
banner motd # This is $(hostname) FIXED from ticket <ticket number> #
- Then save the configuration by issuing the wri command (on each device).
- Inform your instructor that you are ready for the next ticket.
- After the instructor approves your solution for this ticket, issue the privileged EXEC command reset.now. This script will clear your configurations and reload the devices.
Answers Notes:
This trouble ticket contains one intentional error. The prefix list used in the route maps to apply local preference are incorrectly written, causing no traffic to match the prefix list, and therefore no policy to be applied.
The commands used to fix these errors should be:
R3(config)# no ipv6 prefix-list EVEN-NETWORK-6 permit 2001:db8:acad:224::/63
R3(config)# ipv6 prefix-list EVEN-NETWORK-6 sequence 5 permit 2001:db8:acad:224::/64
R3(config)# ipv6 prefix-list EVEN-NETWORK-6 sequence 10 permit 2001:db8:acad:225::/64
R3(config)# end
Router Interface Summary Table
|
Router Model |
Ethernet Interface #1 |
Ethernet Interface #2 |
Serial Interface #1 |
Serial Interface #2 |
|
1800 |
Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/0/0 (S0/0/0) |
Serial 0/0/1 (S0/0/1) |
|
1900 |
Gigabit Ethernet 0/0 (G0/0) |
Gigabit Ethernet 0/1 (G0/1) |
Serial 0/0/0 (S0/0/0) |
Serial 0/0/1 (S0/0/1) |
|
2801 |
Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/1/0 (S0/1/0) |
Serial 0/1/1 (S0/1/1) |
|
2811 |
Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/0/0 (S0/0/0) |
Serial 0/0/1 (S0/0/1) |
|
2900 |
Gigabit Ethernet 0/0 (G0/0) |
Gigabit Ethernet 0/1 (G0/1) |
Serial 0/0/0 (S0/0/0) |
Serial 0/0/1 (S0/0/1) |
|
4221 |
Gigabit Ethernet 0/0/0 (G0/0/0) |
Gigabit Ethernet 0/0/1 (G0/0/1) |
Serial 0/1/0 (S0/1/0) |
Serial 0/1/1 (S0/1/1) |
|
4300 |
Gigabit Ethernet 0/0/0 (G0/0/0) |
Gigabit Ethernet 0/0/1 (G0/0/1) |
Serial 0/1/0 (S0/1/0) |
Serial 0/1/1 (S0/1/1) |
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.
End of document
Uploading Configuration Files
Use the commands below to create the configuration files for each trouble ticket in this lab on the lab devices. The TCL script commands help create and copy the configurations. However, the configuration commands could also be copied and pasted directly into global config mode on each device. Simply remove the TCL script commands, enter the enable and configure t commands on the device, and copy and paste the configuration commands.
Important: The device requires a folder in flash named enarsi. Use the dir command to verify. If the folder is missing, then create it using the mkdir flash:/enarsi privileged EXEC command. For all switches, make sure the vlan.dat file is set to the default. Use the delete vlan.dat privileged EXEC command, if necessary.
Reset scripts
These TCL scripts will completely clear and reload the device in preparation for the next ticket. Copy and paste the appropriate script to the appropriate device.
Router Reset Script
tclsh
puts [ open “flash:/enarsi/reset.tcl” w+ ] {
typeahead “\n”
copy running-config startup-config
typeahead “\n”
erase startup-config
puts “Reloading the router”
typeahead “\n”
reload
}
tclquit
D1/D2 (Cisco 3650) Reset Script – The default 3650 SDM template supports IPv6 by default, so it is not set by this script.
tclsh
puts [ open “flash:/enarsi/reset.tcl” w+ ] {
typeahead “\n”
copy running-config startup-config
typeahead “\n”
erase startup-config
delete /force vlan.dat
puts “Reloading the switch”
typeahead “\n”
reload
}
tclquit
A1 (Cisco 2960 Script) – The default 2960 SDM template does not support IPv6, so this script includes that setting.
tclsh
puts [ open “flash:reset.tcl” w+ ] {
typeahead “\n”
copy running-config startup-config
typeahead “\n”
erase startup-config
delete /force vlan.dat
delete /force multiple-fs
ios_config “sdm prefer lanbase-routing”
typeahead “\n”
puts “Reloading the switch in 1 minute, type reload cancel to halt”
typeahead “\n”
reload
}
tclquit
R1 Configuration File Scripts
! R1 – Trouble Ticket # 1
tclsh
puts [ open “flash:/enarsi/21.1.4.1-r1-config.txt” w+ ] {
hostname R1
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R1, Trouble Ticket 21.1.4.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/1
ip address 192.0.0.1 255.255.255.0
ipv6 address fe80::1:1 link-local
ipv6 address 2001:db8:acad:192::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.240.1 255.255.255.240
ipv6 address fe80::1:2 link-local
ipv6 address 2001:db8:acad:2000::1/64
no shutdown
exit
interface s0/1/1
ip address 209.165.241.1 255.255.255.240
ipv6 address fe80::1:3 link-local
ipv6 address 2001:db8:acad:2001::1/64
no shutdown
exit
interface loopback 0
ip address 209.165.200.226 255.255.255.255
ipv6 address fe80::1:4 link-local
ipv6 address 2001:db8:acad:226::1/64
no shutdown
exit
ip route 209.165.200.227 255.255.255.255 209.165.240.2
ip route 209.165.200.227 255.255.255.255 209.165.241.2
ipv6 route 2001:db8:acad:227::1/64 s0/1/0 2001:db8:acad:2000::2
ipv6 route 2001:db8:acad:227::1/64 s0/1/1 2001:db8:acad:2001::2
router ospfv3 1
router-id 1.1.1.1
address-family ipv4 unicast
default-information originate always
exit
address-family ipv6 unicast
default-information originate always
exit
exit
router bgp 15
bgp router-id 1.1.1.1
neighbor 2001:db8:acad:2000::2 remote-as 41
neighbor 2001:db8:acad:2001::2 remote-as 41
neighbor 209.165.200.227 remote-as 41
neighbor 209.165.200.227 update-source loopback 0
neighbor 209.165.200.227 ebgp-multihop 3
address-family ipv4 unicast
neighbor 209.165.200.227 activate
no neighbor 2001:db8:acad:2000::2 activate
no neighbor 2001:db8:acad:2001::2 activate
network 192.0.0.0 mask 255.255.255.0
network 192.0.11.0 mask 255.255.255.0
network 192.0.12.0 mask 255.255.255.0
exit
address-family ipv6 unicast
no neighbor 209.165.200.227 activate
neighbor 2001:db8:acad:2000::2 activate
neighbor 2001:db8:acad:2001::2 activate
network 2001:db8:acad:224::/64
network 2001:db8:acad:225::/64
network 2001:db8:acad:192::/64
exit
exit
interface g0/0/1
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
! R1 – Trouble Ticket # 2
tclsh
puts [ open “flash:/enarsi/21.1.4.2-r1-config.txt” w+ ] {
hostname R1
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R1, Trouble Ticket 21.1.4.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/1
ip address 192.0.0.1 255.255.255.0
ipv6 address fe80::1:1 link-local
ipv6 address 2001:db8:acad:192::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.240.1 255.255.255.240
ipv6 address fe80::1:2 link-local
ipv6 address 2001:db8:acad:2000::1/64
no shutdown
exit
interface s0/1/1
ip address 209.165.241.1 255.255.255.240
ipv6 address fe80::1:3 link-local
ipv6 address 2001:db8:acad:2001::1/64
no shutdown
exit
interface loopback 0
ip address 209.165.200.226 255.255.255.255
ipv6 address fe80::1:4 link-local
ipv6 address 2001:db8:acad:226::1/64
no shutdown
exit
ip route 209.165.200.227 255.255.255.255 209.165.240.2
ip route 209.165.200.227 255.255.255.255 209.165.241.2
ipv6 route 2001:db8:acad:227::1/64 s0/1/0 2001:db8:acad:2000::2
ipv6 route 2001:db8:acad:227::1/64 s0/1/1 2001:db8:acad:2001::2
router ospfv3 1
router-id 1.1.1.1
address-family ipv4 unicast
default-information originate always
exit
address-family ipv6 unicast
default-information originate always
exit
exit
router bgp 15
bgp router-id 1.1.1.1
neighbor 2001:db8:acad:2000::2 remote-as 41
neighbor 2001:db8:acad:2001::2 remote-as 41
neighbor 209.165.200.227 remote-as 41
neighbor 209.165.200.227 update-source loopback 0
neighbor 209.165.200.227 ebgp-multihop 3
address-family ipv4 unicast
neighbor 209.165.200.227 activate
no neighbor 2001:db8:acad:2000::2 activate
no neighbor 2001:db8:acad:2001::2 activate
network 192.0.0.0 mask 255.255.255.0
network 192.0.11.0 mask 255.255.255.0
network 192.0.12.0 mask 255.255.255.0
exit
address-family ipv6 unicast
no neighbor 209.165.200.227 activate
neighbor 2001:db8:acad:2000::2 activate
neighbor 2001:db8:acad:2001::2 activate
network 2001:db8:acad:224::/64
network 2001:db8:acad:225::/64
network 2001:db8:acad:192::/64
exit
exit
interface g0/0/1
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
R2 Configuration File Scripts – Not Used In This Lab
R3 Configuration File Scripts
! R3 – Trouble Ticket # 1
tclsh
puts [ open “flash:/enarsi/21.1.4.1-r3-config.txt” w+ ] {
hostname R3
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R3, Trouble Ticket 21.1.4.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/1
no ipv6 address
no shutdown
exit
interface g0/0/1
ip address 10.0.0.1 255.255.255.0
ipv6 address fe80::3:1 link-local
ipv6 address 2001:db8:acad:10::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.240.2 255.255.255.240
ipv6 address fe80::3:3 link-local
ipv6 address 2001:db8:acad:2000::2/64
no shutdown
exit
interface s0/1/1
ip address 209.165.241.2 255.255.255.240
ipv6 address fe80::3:4 link-local
ipv6 address 2001:db8:acad:2001::2/64
no shutdown
exit
interface loopback 0
ip address 209.165.200.227 255.255.255.255
ipv6 address fe80::3:5 link-local
ipv6 address 2001:db8:acad:227::1/64
no shutdown
exit
interface loopback 1
ip address 209.165.227.1 255.255.255.255
no shutdown
exit
ip route 209.165.200.226 255.255.255.255 209.165.240.1
ip route 209.165.200.226 255.255.255.255 209.165.241.1
ip route 0.0.0.0 0.0.0.0 209.165.200.226
ipv6 route 2001:db8:acad:226::1/64 s0/1/0 2001:db8:acad:2000::1
ipv6 route 2001:db8:acad:226::1/64 s0/1/1 2001:db8:acad:2001::1
ipv6 route ::/0 2001:db8:acad:226::1
ip prefix-list ROUTE-CONTROL4 permit 209.165.200.226/32
ipv6 prefix-list ROUTE-CONTROL6 permit 2001:db8:acad:226::/64
router eigrp LAB2114
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.0.0.3
network 10.0.0.0 0.0.0.255
topology base
redistribute static
distribute-list prefix ROUTE-CONTROL4 out g0/0/1
exit
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.0.0.3
af-interface default
shutdown
exit
af-interface g0/0/1
no shutdown
no passive-interface
exit
topology base
redistribute static
distribute-list prefix ROUTE-CONTROL6 out g0/0/1
exit
ip access-list standard NAT-ELIGIBLE
permit 10.0.0.0 0.0.255.255
exit
ip nat inside source list NAT-ELIGIBLE interface loop 1 overload
interface g0/0/1
ip nat inside
exit
interface s0/1/0
ip nat outside
exit
interface s0/1/1
ip nat outside
exit
router bgp 41
bgp router-id 3.3.3.3
neighbor 2001:db8:acad:2000::1 remote-as 15
neighbor 2001:db8:acad:2001::1 remote-as 15
neighbor 209.165.200.226 remote-as 15
neighbor 209.165.200.226 update-source loopback 0
neighbor 209.165.200.226 ebgp-multihop 3
address-family ipv4 unicast
neighbor 209.165.200.226 activate
no neighbor 2001:db8:acad:2000::1 activate
no neighbor 2001:db8:acad:2001::1 activate
network 209.165.227.1 mask 255.255.255.255
exit
address-family ipv6 unicast
no neighbor 209.165.200.226 activate
neighbor 2001:db8:acad:2000::1 activate
neighbor 2001:db8:acad:2001::1 activate
network 2001:db8:acad:16::/64
network 2001:db8:acad:27::/64
exit
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
! R3 – Trouble Ticket # 2
tclsh
puts [ open “flash:/enarsi/21.1.4.2-r3-config.txt” w+ ] {
hostname R3
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R3, Trouble Ticket 21.1.4.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/1
no ipv6 address
no shutdown
exit
interface g0/0/1
ip address 10.0.0.1 255.255.255.0
ipv6 address fe80::3:1 link-local
ipv6 address 2001:db8:acad:10::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.240.2 255.255.255.240
ipv6 address fe80::3:3 link-local
ipv6 address 2001:db8:acad:2000::2/64
no shutdown
exit
interface s0/1/1
ip address 209.165.241.2 255.255.255.240
ipv6 address fe80::3:4 link-local
ipv6 address 2001:db8:acad:2001::2/64
no shutdown
exit
interface loopback 0
ip address 209.165.200.227 255.255.255.255
ipv6 address fe80::3:5 link-local
ipv6 address 2001:db8:acad:227::1/64
no shutdown
exit
interface loopback 1
ip address 209.165.227.1 255.255.255.255
no shutdown
exit
ip route 209.165.200.226 255.255.255.255 209.165.240.1
ip route 209.165.200.226 255.255.255.255 209.165.241.1
ip route 0.0.0.0 0.0.0.0 209.165.200.226
ipv6 route 2001:db8:acad:226::1/64 s0/1/0 2001:db8:acad:2000::1
ipv6 route 2001:db8:acad:226::1/64 s0/1/1 2001:db8:acad:2001::1
ipv6 route ::/0 2001:db8:acad:226::1
ip prefix-list ROUTE-CONTROL4 permit 0.0.0.0/0
ipv6 prefix-list ROUTE-CONTROL6 permit ::/0
router eigrp LAB2114
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.0.0.3
network 10.0.0.0 0.0.0.255
topology base
redistribute static
distribute-list prefix ROUTE-CONTROL4 out g0/0/1
exit
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.0.0.3
af-interface default
shutdown
exit
af-interface g0/0/1
no shutdown
no passive-interface
exit
topology base
redistribute static
distribute-list prefix ROUTE-CONTROL6 out g0/0/1
exit
ip access-list standard NAT-ELIGIBLE
permit 10.0.0.0 0.0.255.255
exit
ip nat inside source list NAT-ELIGIBLE interface loop 1 overload
interface g0/0/1
ip nat inside
exit
interface s0/1/0
ip nat outside
exit
interface s0/1/1
ip nat outside
exit
ipv6 prefix-list EVEN-NETWORK-6 permit 2001:db8:acad:224::/63
route-map ROUTE-BALANCE6 permit 10
match ipv6 address prefix-list EVEN-NETWORK-6
set local-preference 200
exit
router bgp 41
bgp router-id 3.3.3.3
neighbor 2001:db8:acad:2000::1 remote-as 15
neighbor 2001:db8:acad:2001::1 remote-as 15
neighbor 209.165.200.226 remote-as 15
neighbor 209.165.200.226 update-source loopback 0
neighbor 209.165.200.226 ebgp-multihop 3
address-family ipv4 unicast
neighbor 209.165.200.226 activate
no neighbor 2001:db8:acad:2000::1 activate
no neighbor 2001:db8:acad:2001::1 activate
network 209.165.227.1 mask 255.255.255.255
exit
address-family ipv6 unicast
no neighbor 209.165.200.226 activate
neighbor 2001:db8:acad:2000::1 activate
neighbor 2001:db8:acad:2001::1 activate
neighbor 2001:db8:acad:2001::1 route-map ROUTE-BALANCE6 in
network 2001:db8:acad:16::/64
network 2001:db8:acad:27::/64
exit
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
D1 Configuration File Scripts
! D1 – Trouble Ticket # 1
tclsh
puts [ open “flash:/enarsi/21.1.4.1-d1-config.txt” w+ ] {
hostname D1
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D1, Trouble Ticket 21.1.4.1#
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1-24
switchport mode access
shutdown
exit
interface g1/0/11
no switchport
ip address 192.0.0.2 255.255.255.0
ipv6 address fe80::d1:1 link-local
ipv6 address 2001:db8:acad:192::2/64
no shutdown
exit
interface vlan 11
ip address 192.0.11.1 255.255.255.0
ipv6 address fe80::d1:2 link-local
ipv6 address 2001:db8:acad:224::1/64
no shutdown
exit
interface vlan 12
ip address 192.0.12.1 255.255.255.0
ipv6 address fe80::d1:3 link-local
ipv6 address 2001:db8:acad:225::1/64
no shutdown
exit
interface g1/0/23
switchport mode access
switchport access vlan 11
spanning-tree portfast
no shutdown
exit
interface g1/0/24
switchport mode access
switchport access vlan 12
spanning-tree portfast
no shutdown
exit
router ospfv3 1
router-id 0.0.13.1
address-family ipv4 unicast
passive-interface vlan 11
passive-interface vlan 12
address-family ipv6 unicast
passive-interface vlan 11
passive-interface vlan 12
exit
exit
interface g1/0/11
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
interface vlan 11
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
interface vlan 12
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
ip dhcp excluded-address 192.0.11.1 192.0.11.5
ip dhcp excluded-address 192.0.12.1 192.0.12.5
ip dhcp pool VLAN11DHCP
network 192.0.11.0 255.255.255.0
default-router 192.0.11.1
exit
ip dhcp pool VLAN12DHCP
network 192.0.12.0 255.255.255.0
default-router 192.0.12.1
exit
ipv6 dhcp pool VLAN11DHCP6
address prefix 2001:db8:acad:224::/64
exit
ipv6 dhcp pool VLAN12DHCP6
address prefix 2001:db8:acad:225::/64
exit
interface vlan 11
ipv6 nd prefix 2001:db8:acad:224::/64 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN11DHCP6
exit
interface vlan 12
ipv6 nd prefix 2001:db8:acad:225::/64 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN12DHCP6
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
! D1– Trouble Ticket # 2
tclsh
puts [ open “flash:/enarsi/21.1.4.2-d1-config.txt” w+ ] {
hostname D1
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D1, Trouble Ticket 21.1.4.2#
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1-24
switchport mode access
shutdown
exit
interface g1/0/11
no switchport
ip address 192.0.0.2 255.255.255.0
ipv6 address fe80::d1:1 link-local
ipv6 address 2001:db8:acad:192::2/64
no shutdown
exit
interface vlan 11
ip address 192.0.11.1 255.255.255.0
ipv6 address fe80::d1:2 link-local
ipv6 address 2001:db8:acad:224::1/64
no shutdown
exit
interface vlan 12
ip address 192.0.12.1 255.255.255.0
ipv6 address fe80::d1:3 link-local
ipv6 address 2001:db8:acad:225::1/64
no shutdown
exit
interface g1/0/23
switchport mode access
switchport access vlan 11
spanning-tree portfast
no shutdown
exit
interface g1/0/24
switchport mode access
switchport access vlan 12
spanning-tree portfast
no shutdown
exit
router ospfv3 1
router-id 0.0.13.1
address-family ipv4 unicast
passive-interface vlan 11
passive-interface vlan 12
address-family ipv6 unicast
passive-interface vlan 11
passive-interface vlan 12
exit
exit
interface g1/0/11
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
interface vlan 11
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
interface vlan 12
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
exit
ip dhcp excluded-address 192.0.11.1 192.0.11.5
ip dhcp excluded-address 192.0.12.1 192.0.12.5
ip dhcp pool VLAN11DHCP
network 192.0.11.0 255.255.255.0
default-router 192.0.11.1
exit
ip dhcp pool VLAN12DHCP
network 192.0.12.0 255.255.255.0
default-router 192.0.12.1
exit
ipv6 dhcp pool VLAN11DHCP6
address prefix 2001:db8:acad:224::/64
exit
ipv6 dhcp pool VLAN12DHCP6
address prefix 2001:db8:acad:225::/64
exit
interface vlan 11
ipv6 nd prefix 2001:db8:acad:224::/64 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN11DHCP6
exit
interface vlan 12
ipv6 nd prefix 2001:db8:acad:225::/64 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN12DHCP6
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
D2 Configuration File Scripts
! D2– Trouble Ticket # 1
tclsh
puts [ open “flash:/enarsi/21.1.4.1-d2-config.txt” w+ ] {
hostname D2
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D2, Trouble Ticket 21.1.4.1#
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1-24
switchport mode access
shutdown
exit
interface g1/0/11
no switchport
ip address 10.0.0.2 255.255.255.0
ipv6 address fe80::d2:1 link-local
ipv6 address 2001:db8:acad:10::2/64
no shutdown
exit
interface g1/0/23
switchport mode access
switchport access vlan 16
spanning-tree portfast
no shutdown
exit
interface g1/0/24
switchport mode access
switchport access vlan 27
spanning-tree portfast
no shutdown
exit
interface vlan 16
ip address 10.0.16.1 255.255.255.0
ipv6 address fe80::d2:2 link-local
ipv6 address 2001:db8:acad:16::1/64
ipv6 nd prefix 2001:db8:acad:16::/64 no-autoconfig
no shutdown
exit
interface vlan 27
ip address 10.0.27.1 255.255.255.0
ipv6 address fe80::d2:3 link-local
ipv6 address 2001:db8:acad:27::1/64
ipv6 nd prefix 2001:db8:acad:27::/64 no-autoconfig
no shutdown
exit
ipv6 dhcp pool VLAN16DHCP6
address prefix 2001:db8:acad:16::/64
exit
ipv6 dhcp pool VLAN27DHCP6
address prefix 2001:db8:acad:27::/64
exit
interface vlan 16
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN16DHCP6
exit
interface vlan 27
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN27DHCP6
exit
ip dhcp excluded-address 10.0.16.1 10.0.16.5
ip dhcp excluded-address 10.0.27.1 10.0.27.5
ip dhcp pool VLAN16DHCP4
network 10.0.16.0 255.255.255.0
default-router 10.0.16.1
exit
ip dhcp pool VLAN27DHCP4
network 10.0.27.0 255.255.255.0
default-router 10.0.27.1
exit
router eigrp LAB2114
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.0.0.132
network 10.0.0.0 0.0.255.255
exit
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.0.0.132
af-interface default
passive-interface
exit
af-interface g1/0/11
no passive-interface
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
! D2– Trouble Ticket # 2
tclsh
puts [ open “flash:/enarsi/21.1.4.2-d2-config.txt” w+ ] {
hostname D2
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D2, Trouble Ticket 21.1.4.2#
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1-24
switchport mode access
shutdown
exit
interface g1/0/11
no switchport
ip address 10.0.0.2 255.255.255.0
ipv6 address fe80::d2:1 link-local
ipv6 address 2001:db8:acad:10::2/64
no shutdown
exit
interface g1/0/23
switchport mode access
switchport access vlan 16
spanning-tree portfast
no shutdown
exit
interface g1/0/24
switchport mode access
switchport access vlan 27
spanning-tree portfast
no shutdown
exit
interface vlan 16
ip address 10.0.16.1 255.255.255.0
ipv6 address fe80::d2:2 link-local
ipv6 address 2001:db8:acad:16::1/64
ipv6 nd prefix 2001:db8:acad:16::/64 no-autoconfig
no shutdown
exit
interface vlan 27
ip address 10.0.27.1 255.255.255.0
ipv6 address fe80::d2:3 link-local
ipv6 address 2001:db8:acad:27::1/64
ipv6 nd prefix 2001:db8:acad:27::/64 no-autoconfig
no shutdown
exit
ipv6 dhcp pool VLAN16DHCP6
address prefix 2001:db8:acad:16::/64
exit
ipv6 dhcp pool VLAN27DHCP6
address prefix 2001:db8:acad:27::/64
exit
interface vlan 16
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN16DHCP6
exit
interface vlan 27
ipv6 nd managed-config-flag
ipv6 dhcp server VLAN27DHCP6
exit
ip dhcp excluded-address 10.0.16.1 10.0.16.5
ip dhcp excluded-address 10.0.27.1 10.0.27.5
ip dhcp pool VLAN16DHCP4
network 10.0.16.0 255.255.255.0
default-router 10.0.16.1
exit
ip dhcp pool VLAN27DHCP4
network 10.0.27.0 255.255.255.0
default-router 10.0.27.1
exit
router eigrp LAB2114
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.0.0.132
network 10.0.0.0 0.0.255.255
exit
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.0.0.132
af-interface default
passive-interface
exit
af-interface g1/0/11
no passive-interface
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit
A1 Configuration File Scripts – Not Used In This Lab