ISP – Lab 5.2.1 Configuration
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname ISP
!
enable password cisco
!
clock timezone PST -7
ip subnet-zero
!
ip cef
cns event-service server
!
interface Loopback0
ip address 10.2.1.2 255.255.255.252
!
interface Loopback1
ip address 192.168.1.1 255.255.255.0
!
interface Loopback2
ip address 192.168.2.1 255.255.255.0
!
interface Loopback3
ip address 192.168.3.1 255.255.255.0
!
interface Loopback4
ip address 192.168.4.1 255.255.255.0
!
interface Loopback5
ip address 192.168.5.1 255.255.255.0
!
interface Loopback6
ip address 192.168.6.1 255.255.255.0
!
interface Loopback10
description RedCross
ip address 213.173.185.10 255.255.255.0
interface Loopback11
description Cisco
ip address 198.133.219.25 255.255.255.0
!
interface Loopback12
description Google
ip address 216.239.33.101 255.255.255.0
!
interface FastEthernet0/0
description Link to Elmhurst
ip address 172.17.22.1 255.255.255.252
no shutdown
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
router bgp 222
synchronization
bgp log-neighbor-changes
network 10.2.1.0 mask 255.255.255.252
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
network 192.168.6.0
network 198.133.219.0
network 213.173.185.0
network 216.239.33.0
neighbor 172.17.22.2 remote-as 77
no auto-summary
!
ip classless
ip http server
!
!
banner motd ^C
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
ISP
-- Module 5 --
-- Lab 5.2.1 --
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
^C
!
line con 0
exec-timeout 20 0
password cisco
login
transport input none
stopbits 1
flowcontrol hardware
line aux 0
no exec
line vty 0 4
exec-timeout 20 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp clock-period 17208456
ntp master 2
!
! no issues
!
end
Orlando – Lab 5.2.1 Configuration
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Orlando
!
enable password cisco
!
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.2 172.27.227.2
ip host Toronto 172.26.168.1 172.26.168.129 172.26.167.2 172.26.167.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.167.1 172.26.167.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
ip subnet-zero
!
clock timezone PST -7
!
call rsvp-sync
!
interface Loopback0
ip address 10.177.178.8 255.255.255.192
!
interface FastEthernet0/0
no ip address
speed auto
full-duplex
no shutdown
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 172.17.22.2 255.255.255.252
!
interface FastEthernet0/0.28
encapsulation dot1Q 28
ip address 172.28.128.8 255.255.255.240
!
interface FastEthernet0/0.99
encapsulation dot1Q 99
ip address 172.28.170.1 255.255.255.192
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
router bgp 77
bgp log-neighbor-changes
network 172.28.128.0 mask 255.255.255.240
network 172.28.170.0 mask 255.255.255.192
neighbor 172.17.22.1 remote-as 222
neighbor 172.28.128.6 remote-as 61
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.17.22.1
ip http server
!
logging source-interface Loopback0
logging 172.28.128.9
!
access-list 77 remark Allow all workgroups Telnet and SNMP access
access-list 77 permit 172.26.0.0 0.0.255.255
access-list 77 remark Allow Elmhurst Telnet and SNMP access
access-list 77 permit 172.28.128.0 0.0.0.255
!
!
dial-peer cor custom
!
banner motd ^C
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Orlando
-- Module 5 --
-- Lab 5.2.1 --
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
^C
!
line con 0
exec-timeout 20 0
password cisco
login
stopbits 1
flowcontrol hardware
line aux 0
line vty 0 4
access-class 77 in
exec-timeout 20 0
password cisco
logging synchronous
login
line vty 5 15
access-class 77 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp server 172.17.22.1
!
!
! no issues
!
end
Elmhurst – Lab 5.2.1 Configuration
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Elmhurst
!
logging buffered 65536 debugging
enable password cisco
!
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.2 172.27.227.2
ip host Toronto 172.26.168.1 172.26.168.129 172.26.167.2 172.26.167.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.167.1 172.26.167.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
ip subnet-zero
!
clock timezone PST –7
no ip domain-lookup
vtp domain CIT
vtp mode transparent
!
vlan 10
name ISP
!
vlan 28
name Core_28
!
vlan 99
name Management_VLAN
!
!
spanning-tree portfast default
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 28 priority 8192
!
!
interface Port-channel6
switchport mode trunk
no ip address
!
interface FastEthernet0/1
description Link to ISP
switchport access vlan 10
no ip address
!
interface FastEthernet0/2
description Link to Orlando
switchport mode trunk
no ip address
!
interface FastEthernet0/3
description Link to Montreal
no ip address
channel-group 6 mode desirable
!
interface FastEthernet0/4
description Link to Montreal
no ip address
channel-group 6 mode desirable
!
interface FastEthernet0/5
description Link to Server
switchport access vlan 28
no ip address
!
interface range FastEthernet0/6 - 24
no ip address
shutdown
!
interface GigabitEthernet0/1
no ip address
shutdown
!
interface GigabitEthernet0/2
no ip address
shutdown
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan99
description Management VLAN
ip address 172.28.170.2 255.255.255.192
no ip route-cache
no shutdown
!
ip default-gateway 172.28.170.1
!
ip http server
!
logging 172.28.128.9
!
banner motd ^C
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Elmhurst
Core Switch
-- Module 5 --
-- Lab 5.2.1 --
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
^C
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
flowcontrol hardware
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password cisco
logging synchronous
login
!
ntp server 172.17.22.1
!
!
! no issues
!
end
Montreal – Lab 5.2.1 Configuration
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Montreal
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.2 172.27.227.2
ip host Toronto 172.26.168.1 172.26.168.129 172.26.167.2 172.26.167.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.167.1 172.26.167.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
clock timezone PST -7
!
vlan 28
name Core_28
ip subnet-zero
ip routing
no ip domain-lookup
!
vtp domain CIT
vtp mode transparent
!
!
spanning-tree extend system-id
spanning-tree backbonefast
!
!
!
interface Loopback0
ip address 172.26.169.1 255.255.255.192
ip ospf network point-to-point
!
interface Port-channel62
description EtherChannel bundle to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
spanning-tree vlan 28 port-priority 32
!
interface range FastEthernet0/1 – 2
no ip address
shutdown
!
interface FastEthernet0/3
description Link to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode desirable
!
interface FastEthernet0/4
description Link to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode desirable
!
interface FastEthernet0/5
description Link to Toronto
no switchport
ip address 172.26.168.130 255.255.255.192
duplex full
speed 100
!
interface range FastEthernet0/6 – 24
no ip address
shutdown
!
interface GigabitEthernet0/1
no ip address
shutdown
!
interface GigabitEthernet0/2
no ip address
shutdown
!
interface Vlan1
no ip address
no ip mroute-cache
!
interface Vlan28
description Path to Elmhurst
ip address 172.28.128.6 255.255.255.240
!
router eigrp 606
redistribute static
redistribute bgp 61 metric 10000 100 255 1 1500
network 172.26.168.128 0.0.0.127
network 172.26.169.0 0.0.0.127
auto-summary
eigrp log-neighbor-changes
!
router rip
version 2
passive-interface FastEthernet0/5
network 172.26.0.0
network 172.28.0.0
!
router bgp 61
bgp log-neighbor-changes
network 172.26.161.0 mask 255.255.255.192
network 172.26.162.0 mask 255.255.255.192
network 172.26.163.0 mask 255.255.255.192
network 172.26.164.0 mask 255.255.255.192
network 172.26.165.0 mask 255.255.255.192
network 172.26.165.128 mask 255.255.255.192
network 172.26.166.0 mask 255.255.255.192
network 172.26.166.128 mask 255.255.255.192
network 172.26.168.0 mask 255.255.255.192
network 172.26.168.128 mask 255.255.255.192
network 172.26.169.0 mask 255.255.255.192
aggregate-address 172.26.0.0 255.255.0.0 summary-only
neighbor 172.28.128.8 remote-as 77
neighbor 172.28.128.8 distribute-list CIT in
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.28.128.8
ip http server
!
ip access-list standard CIT
remark Include the other pods as /16 networks
remark Also include the Cisco web site
permit 198.133.219.0 0.0.0.255
!
access-list 61 remark Allow workgroup Telnet and SNMP access
access-list 61 permit 172.26.0.0 0.0.255.255
access-list 61 remark Allow Elmhurst Telnet and SNMP access
access-list 61 permit 172.28.128.8 0.0.0.0
!
logging source-interface Loopback0
logging 172.28.128.9
snmp-server engineID local 800000090300000A8A466781
snmp-server community Acme RO 61
snmp-server chassis-id Montreal
snmp-server enable traps snmp authentication warmstart coldstart
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps rtr
snmp-server enable traps vlan-membership
snmp-server enable traps vtp
snmp-server enable traps MAC-Notification
snmp-server enable traps hsrp
snmp-server enable traps cluster
snmp-server enable traps bgp
!
banner motd ^C
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Montreal
Distribution Router / Switch
-- Module 5 --
-- Lab 5.2.1 --
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
^C
!
line con 0
exec-timeout 20 0
password cisco
login
flowcontrol hardware
line vty 0 4
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
line vty 5 15
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp server 172.17.22.1
!
! broken configs here - start
!
interface Vlan28
ip address 172.27.227.6 255.255.255.224
!
!
interface FastEthernet0/5
no description Link to Toronto
switchport
shut
!
interface FastEthernet0/6
description Link to Toronto
no switch
ip address 172.26.168.130 255.255.255.128
speed 100
duplex full
no shut
!
router bgp 61
no neighbor 172.28.128.8 remote-as 77
neighbor 172.28.128.8 remote-as 71
neighbor 172.28.128.8 distribute-list CIT in
!
no logging console
!
! broken configs here - end
!
end
Toronto – Lab 5.2.1 Configuration
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Toronto
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.2 172.27.227.2
ip host Toronto 172.26.168.1 172.26.168.129 172.26.167.2 172.26.167.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.167.1 172.26.167.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
memory-size iomem 10
clock timezone PST -7
ip subnet-zero
!
!
no ip domain-lookup
!
ip cef
!
call rsvp-sync
!
!
interface Loopback0
ip address 172.26.168.1 255.255.255.192
!
interface FastEthernet0/0
description Link to Montreal
ip address 172.26.168.129 255.255.255.192
ip policy route-map USE_FAST
speed 100
full-duplex
no shutdown
!
interface Serial0/0
description Fast Link to Kingston
bandwidth 1544
ip address 172.26.166.2 255.255.255.192
no shutdown
!
interface Serial0/1
bandwidth 64
encapsulation frame-relay
no shutdown
!
interface Serial0/1.1 multipoint
description Slow Frame Relay Link to Kingston
ip address 172.26.166.130 255.255.255.192
frame-relay map ip 172.26.166.129 201 broadcast
!
router eigrp 606
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
no passive-interface Serial0/1.1
network 172.26.166.0 0.0.0.63
network 172.26.166.128 0.0.0.63
network 172.26.168.0 0.0.0.63
network 172.26.168.128 0.0.0.63
auto-summary
!
ip classless
no ip http server
ip pim bidir-enable
!
!
ip access-list extended Admin
permit ip any 172.26.161.0 0.0.0.255
permit ip any 172.26.165.0 0.0.0.255
!
ip access-list extended END_USERS
remark Allow PC End Users
permit ip any 172.26.164.0 0.0.0.255
permit ip any 172.26.162.0 0.0.1.255
!
access-list 61 remark Allow this workgroup to Telnet in
access-list 61 permit 172.26.0.0 0.0.255.255
access-list 61 remark Allow Elmhurst to Telnet in
access-list 61 permit 172.28.128.8 0.0.0.0
!
route-map USE_FAST deny 10
match ip address END_USERS
!
route-map USE_FAST permit 20
match ip address Admin
set ip next-hop 172.26.166.129
!
logging source-interface Loopback0
logging 172.28.128.9
snmp-server community Acme RO 61
snmp-server chassis-id Toronto
snmp-server enable traps snmp authentication coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps syslog
snmp-server enable traps rtr
snmp-server enable traps ipmulticast
!
banner motd ^C
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Toronto
Distribution Router
-- Module 5 --
-- Lab 5.2.1 --
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
^C
!
line con 0
exec-timeout 20 0
password cisco
login
stopbits 1
flowcontrol hardware
line aux 0
no exec
line vty 0 4
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp clock-period 17208260
ntp server 172.17.22.1
!
! broken configs here - start
!
interface Serial0/1.1 multipoint
description Slow Frame Relay Link to Kingston
ip address 172.26.166.130 255.255.255.192
no frame-relay map ip 172.26.166.129 201 broadcast
frame-relay map ip 172.26.166.129 203
!
! broken configs here - end
!
end
Kingston – Lab 5.2.1 Configuration
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Kingston
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.2 172.27.227.2
ip host Toronto 172.26.168.1 172.26.168.129 172.26.167.2 172.26.167.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.167.1 172.26.167.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
memory-size iomem 10
clock timezone PST -7
ip subnet-zero
!
!
no ip domain-lookup
no ip dhcp conflict logging
ip dhcp excluded-address 172.26.162.1
ip dhcp excluded-address 172.26.163.1
ip dhcp excluded-address 172.26.164.1
!
ip dhcp pool PC2
network 172.26.162.0 255.255.255.252
default-router 172.26.162.1
dns-server 172.27.227.9
domain-name Acme
lease 0 0 10
!
ip dhcp pool PC3
network 172.26.163.0 255.255.255.252
default-router 172.26.163.1
dns-server 172.27.227.9
domain-name Acme
lease 0 0 10
!
ip dhcp pool PC4
network 172.26.164.0 255.255.255.252
default-router 172.26.164.1
dns-server 172.27.227.9
domain-name Acme
lease 0 0 10
!
ip cef
!
call rsvp-sync
!
!
interface Loopback0
ip address 172.26.165.1 255.255.255.192
!
interface FastEthernet0/0
description Link to Kingston_SW
no ip address
speed 100
full-duplex
no shutdown
!
interface FastEthernet0/0.1
encapsulation dot1Q 901 native
ip address 172.26.161.1 255.255.255.192