Documente online.
Zona de administrare documente. Fisierele tale
Am uitat parola x Creaza cont nou
 HomeExploreaza
upload
Upload




Michigan Channels SE Practice

technical


Michigan Channels

SE Practice

CCIE Lab





Network Schematic


Routing Topology


Cisco Lab

Guidelines

At no time should the hardware/software configuration of frame switch (router 7) or ISP (router 8) be modified in any way

At no time are Static or Default routes to be used

Do not configure loopback interfaces unless requested

Create the Network Diagram

Review all of the steps in this document before you begin. Some steps must take into account information found later in this document. Create a network diagram on a separate piece of paper. Include all network numbers, subnet masks, and host addresses.

Catalyst Configuration

Create 2 VLAN's on the Catalyst 5000. Port 3/1 in VLANA and port 3/2 in VLANB

Configure R2s's e0/0 as 129.45.80.1/30 which in connected to VLANB

Configure R3's e0/0 as 129.45.80.49/30 which is connected to VLANA

Topology and Basic IP Setup

Configure R5's s1 as 129.45.80.74 with a 2 host subnet

Configure IP addresses on the rest of the network with the address 129.45.80/24

Allow at least 6 hosts per subnet on ethernet and token ring interfaces

Allow at least 2 hosts per subnet on each WAN link

Configure IP across the Frame-Relay nework

Configure R3 using two sub-interfaces

Use a sub-interface for the connection to R5 and use one sub-interface for the connection to R2 and R4. Do not configure sub-interfaces for R2, R4, or R5

Ensure that you can ping from any router to any interface including your own

Configure the ISDN link. Verify pings from R3 - R5

Configure X.25 for the connection from R1 to R2

Configure async routing between the auxillary ports on R1 and R4

Configure Routing Protocols per the Routing Topology Diagram

Configure OSPF as shown in the diagram

Setup Area 3 as a Stubby Area and configure OSPF MD5 authentication throughout area 1

Configure IGRP as shown in the diagram. Redistribute these routes with other routing protocols to allow full network connectivity

Configure EIGRP as shown in the diagram. Redistribute these routes with other routing protocols to allow full network connectivity

Configure R5 and R2 to be IBGP neighbors

Configure R2 and R4 to be IBGP neighbors

Do not configure peering statements between R5 and R4

Configure BGP on R5, R4 and R2 with an AS of 5

Configure R5 such that it will pass routes to an EBGP neighbor (ISP) 129.45.80.73/30 AS 254

Make sure that the only external BGP route that is accepted by R5 is that of the network 192.78.5.0

Configure BGP supernetting using ip address 129.45.0.0. This is to be advertised to AS 254 only. Make sure that there are no update problems with this route being advertised back into your IGP and IBGP. Verify that all BGP speakers can see the proper BGP routes

Ensure that routing advertisements for all protocols are only being sent out on the interfaces noted in the diagram. Ensure that the best path is taken as the limits of your routing protocols allow. Remember NO static or default routing of any kind

At this point you should be able to ping from any interface to nearly any other interface throughout the ENTIRE network

Verify network connectivity

Configure Fault Tolerance

Configure ISDN using these numbers:

Port1 SPID1 0835866101 DN 835-8661 (Router 3)

Port1 SPID2 0835866301 DN 835-8663

Port2 SPID1 0835866201 DN 835-8662 (Router 5)

Port2 SPID2 0835866401 DN 835-8664

Switch type is NI1

R5 should be set up as the dialer when its serial link goes down

Use ISDN as a backup link, when the frame-relay connection to R3 is lost

Use CHAP authentication

Configure fault tolerance between R2 and R4's Ethernet. Make sure that no packets from the Ethernet network are lost when the frame-relay links on either of the routers goes down

IP Firewall

Allow the partner subnet 192.64.5.0 access to R5's s1 network via R4 only

Make sure all other subnets access R5's s1 via R2

Configure an outbound access list on R5's Serial1 Interface

Permit FTP originating from R1's Token Ring network

Deny TFTP anywhere

Allow smtp, www, and ping from anywhere

Network Address Translation

Configure NAT on R5's ethernet interface

Host addresses are 1.1.1.1 to 1.1.1.30

Use the valid network on R5's ethernet interface as the outside addresses

Network Time Protocol

Configure authenticated NTP on all routers

Make R2 the authoritative NTP server

Only allow R3 to synchronize with the time on R2 the master timeserver

Configure R2s clock to represent the correct time

Desktop Protocols

Enable IPX RIP on all LAN segments

Enable IPX EIGRP on the frame-relay, ISDN and x.25 network connections

Configure 2 static SAPs on R4's Token Ring

Filter SAP on R4's E0 such that it will only advertise 1 SAP

Verify that these 2 SAPs appear in R2's SAP table

Configure IPX route filtering such that R3 will not see IPX routes from R5

Configure LAT between R3 and R5

Verify that you can establish LAT sessions between R3 and R5

Ensure that the connections made are always LAT and never telnet

Enable AppleTalk RTMP on all LAN segments

AppleTalk EIGRP on all possible WAN segments besides ISDN.

Configure tunnels in the Frame Relay Network

Make sure that the tunnel for the connection between R3 and R5 uses no AppleTalk cable ranges, while the other connections do.

Filter AppleTalk zones on R4 such that users on the token ring will only sees its own zone.

DLSW+

Configure DLSW+ on R4's token ring and R1's and R3s ethernet interfaces

Configure R4 as a DLSW+ Border Peer to both R2 and R3

Use TCP for the connection between R3 and R4

Use FST for the connection between R2 and R4

Allow only SNA from R3 to R1 and R4

Allow only Netbios between R1 and R4

Setup filters such that the Token Ring announces only the Mac address of the FEP. Mac for the FEP on R4 is 4444.4444.4444

Adjust DLSW+ Timers.

Verify that your configuration is correct by checking the peer capabilities

Additional Questions

Configure IP multicast such that a multicast server on R3s e0 can send multicast packets to receivers on R1's and R4's token interfaces.

Add IPX to the ISDN configuration

Verify that all updates and routing is available in the event the frame goes down

Configure IPX on the ISDN such that RIP and SAP updates are kept to a minimum.

Frame Relay Switch Configuration

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

hostname switch

ip subnet-zero

no ip domain-lookup

ip audit notify log

ip audit po max-events 100

frame-relay switching

cns event-service server

interface FastEthernet0/0

no ip address

no ip directed-broadcast

shutdown

duplex auto

speed auto

interface Serial1/0

no ip address

no ip directed-broadcast

encapsulation frame-relay

no ip mroute-cache

no fair-queue

clockrate 64000

frame-relay lmi-type ansi

frame-relay intf-type dce

frame-relay route 40 interface Serial1/2 140

interface Serial1/1

no ip address

no ip directed-broadcast

encapsulation frame-relay

clockrate 64000

frame-relay lmi-type ansi

frame-relay intf-type dce

frame-relay route 20 interface Serial1/2 120

interface Serial1/2

no ip address

no ip directed-broadcast

encapsulation frame-relay

clockrate 64000

frame-relay lmi-type ansi

frame-relay intf-type dce

frame-relay route 120 interface Serial1/1 20

frame-relay route 140 interface Serial1/0 40

frame-relay route 150 interface Serial1/3 50

interface Serial1/3

no ip address

no ip directed-broadcast

encapsulation frame-relay

clockrate 64000

frame-relay lmi-type ansi

frame-relay intf-type dce

frame-relay route 50 interface Serial1/2 150

ip classless

no ip http server

line con 0

exec-timeout 0 0

transport input none

line aux 0

line vty 0 4

password cisco

login

end


Document Info


Accesari: 1300
Apreciat: hand-up

Comenteaza documentul:

Nu esti inregistrat
Trebuie sa fii utilizator inregistrat pentru a putea comenta


Creaza cont nou

A fost util?

Daca documentul a fost util si crezi ca merita
sa adaugi un link catre el la tine in site


in pagina web a site-ului tau.




eCoduri.com - coduri postale, contabile, CAEN sau bancare

Politica de confidentialitate | Termenii si conditii de utilizare




Copyright © Contact (SCRIGROUP Int. 2024 )