Worpad Book 50 CCNP Route Labs

50
CCNP
ROUTE
Labs
with
solutions
BY Redouane MEDDANE
Lab 1: ABRs election and Forward Address in NSSA with
OSPFv3
Lab 2: loop prevention mechanism of inter-area ospf
Lab 3: Forward Address and path selection in OSPFv2
Lab 4: OSPFv3 and the Forwarding Address
Lab 5: OSPF path selection for external route
Lab 6: OSPFv2 and OSPFv3 comparison
Lab 7: OSPF Lab Case Study
Lab 8: OSPF over Frame-Relay and redistribution between two
OSPF Processes-ID
Lab 9: Redistribution between two OSPF Processes-ID
Lab 10: OSPFv3 external path selection and Forward Address
Lab 11: Forwarding Address selection
Lab 12: Forward Address selection among two LSAs Type 7 for
the same destination
Lab 13: NSSA with OSPFv3
Lab 14: Virtual-Link OSPF
Lab 15: Effects of ABR Loop Prevention with OSPFv3
Lab 16: Forwarding Address
Lab 17: OSPFv3 and the use of forwarding address
Lab 18: The Forwarding Address and path selection
Lab 19: Routing Problem with OSPF Forwarding Address with
all possible solutions
Lab 20: How an ABR sets the Forward Address in the LSA Type
7
Lab 21: Routing Problem with OSPFv3 when advertising
external routes in NSSA:
Lab 22: OSPFv3 LSAs : Types 2001 and 2002, Types 0008 and
2009 (Router and
Network, Link and Intra-AreaPrefix)
Lab 23: Redistribution between two EIGRP autonomous
systems
Lab 24: Redistribution between two AS EIGRP
Lab 25: EIGRP over Frame-Relay
Lab 26: Troubleshooting EIGRP
Lab 27: EIGRP redisstribution between two AS and the nexthop field
Lab 28: Next-Hop Field with EIGRP over IPv4

Lab 30: Next-Hop Field in OSPFv2 and OSPFv3
Lab 31: BGP LOCAL_PREF attribute Lab
Lab 32: BGP infuencing the path using MED and Prepend
Lab 33: Lab BGP path control
Lab 34: BGP Lab Case Study
Lab 35: Redistribution Connected Routes
Lab 36: Two routing protocols with the same AD
Lab 37: OSPF EIGRP RIP Suboptimal Path
Lab 38: RIP EIGRP OSPF Suboptimal Path
Lab 39: Redistributing a Subset of Routes Using a Route Map
Lab 40: Caveats when redistributing between BGP and OSPF
Lab 41: OSPF Multi-area Virtual-link EIGRP and summarization
Lab 42: EIGRP and Lab OSPF Case Study
Lab 43: Redistribution between OSPF and BGP
Lab 44: Redistribution between EIGRP and BGP
Lab 45: LAB Challenge:EIGRP RIP OSPF FRAME-RELAY
REDISTRIBUTION VIRTUAL-LINK
Lab 46: OSPFv3 and EIGRP over ISATAP Tunnel
Lab 47: IGP over ISATAP tunnel
Lab 48: IPV6 challenge lab
Lab 49: Policy-Based Routing with default parameters
Lab 50: IP SLA Tracking and Path Control
Lab 1: ABRs election and Forward Address in NSSA with

OSPFv3
We have two ABRs R2(router-id 2.2.2.2 and R3(router-id 3.3.3.3) and the
area 1 is configured as an NSSA ,the two output shown that R3 will do the
translation of the LSA Type 7 to the LSA Type 5 because the highest routerid 3.3.3.3 comparing with the router-id of R2 2.2.2.2:
R1#show ipv6 ospf database | begin Type-5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
3.3.3.3 17 0x80000001 4::/64
R3#show ipv6 ospf | begin Area 1

Area 1
Number of interfaces in this area is 2
It is a NSSA area
Perform type-7/type-5 LSA translation
SPF algorithm executed 10 times
Number of LSA 18. Checksum Sum 0x09CA9F
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
How to ensure that R2 will do the translation of the LSA Type 7 to Type 5
without changing or increasing the router-id of R2 to be higher than
3.3.3.3(the router-id of R3) with only one command?
Let's dissect ,some shows and behaviors and before showing the solution of
the question asked above:
The routing table and the traceroute shown that the best path to reach the
external prefix 4::/64 is via R3 :
R1#show ipv6 route 4::/64
Routing entry for 4::/64
Known via "ospf 1", distance 110, metric 20, type extern 2
Route count is 1/1, share count 0
Routing paths:
FE80::C803:EFF:FE2C:8, FastEthernet0/0
Last updated 00:00:26 ago
R1#traceroute 4::4
Type escape sequence to abort.
Tracing the route to 4::4
1 13::3 60 msec 52 msec 56 msec

2 34::4 84 msec 88 msec 88 msec
Why ? because the Forward Address received by R1 in the LSA Type 5 from
the translator R3 is 34::3, the highest ip address among the physical
interfaces running OSPFv3 as shown by the show ipv6 ospf database
external | include...command,R1 looks at the best path in the inter-area
route to reach this FA which is via R3 as shown by show ipv6 route 34::/64
command (notice the outgoing interface fa0/0 and the link-local address as
the next hop which is the link-local address of R3):
R1#show ipv6 ospf database external | include Advertising Router|Forward Address
Advertising Router: 3.3.3.3
Forward Address: 34::4

Known via "ospf 1", distance 110, metric 2, type inter area
Routing paths:
The command which allow us to have R2 the translator of the LSA Type 7 to
the LSA Type 5 is :area 1 nssa translate type7 always*
Let's go:
R2(config)#ipv6 router ospf 1
R2(config-rtr)#area 1 nssa translate type7 always
Now the advertising router is R2 because R2 is now the ABR which do the
translation of the LSA Type 7 to Type 5 and the FA is 34::4:
R1#$spf database external | include Advertising Router|Forward Address
So R2 now is the ABR doing the translation but the forward address is set
to 34::4 which is the address of R4's fa0/0.This means that traffic does not
need
to pass through R2 to reach the external prefix 4::/64. The router will
lookup the 34::/64 prefix (the best inter-area route to reach 34::/64 as
described above) and use the routing information to reach the 4::/64, the
following commands confirm the result:
Routing paths:
R1#traceroute 4::4
1 13::3 92 msec 104 msec 36 msec
2 34::4 76 msec 116 msec 88 msec
Now what happen if the Forwarding address is choosen among the loopback
interfaces running OSPFv3:
let's configure another loopback on R4 and activate OSPFv3 in area 1:
R4(config)#int lo1
R4(config-if)#ipv6 address 40::4/64
R4(config-if)#ipv6 ospf 1 area 1
The translator is still R2 but the FA is now 40::4 the ip address of R4's
loopback 1:
R1#$spf database external | include Advertising Router|Forward Address
Now we have load balancing to reach 4::/64 (via R2 and R3) the external
prefix as shown by show ipv6 route 4::/64 command because R1 has a load
balancing to reach the forward address 40::4 (via R2 and R3)as shown by
R1#show ipv6 route | begin 40:: command:
Routing paths:
FE80::C801:14FF:FE78:6, FastEthernet0/1
R1#show ipv6 route ospf | begin 40::

OI 40::4/128 [110/2]
via FE80::C803:EFF:FE2C:8, FastEthernet0/0
via FE80::C801:14FF:FE78:6, FastEthernet0/1
R1#traceroute 4::4
1 12::2 76 msec
13::3 100 msec
12::2 60 msec
2 34::4 112 msec
24::4 84 msec
34::4 92 msec
Lab 2 : loop prevention mechanism of inter-area ospf
Even if R3 receives the LSA Type 3 for the network 192.168.1.0 it does not
install this route in its routing table because the loop prevention
mechanism of inter-area ospf which tells that an LSA Type 3 is not
advertised into nonbackbone area and then advertised back into the
backbone area so ABRs ignore LSA Type 3 created by other ABRs when
learned from a nonbackbone area:
R3#show ip route ospf
10.0.0.0/24 is subnetted, 3 subnets
O
10.1.12.0 [110/128] via 10.1.23.2, 00:09:41, Serial0/0
R3#show ip ospf database summary | include Link State ID

Link State ID: 10.1.12.0 (summary Network Number)
So R4 will never learn the LSA Type 3 for the network 192.168.1.0 as shown
by the following output because R3 ignore or reject this LSA when it receive
it from the ABR R1,thus R4 does not install the route toward 192.168.1.0 :
R4#show ip ospf database summary | include Link State ID

O IA
10.1.12.0 [110/138] via 10.1.34.3, 00:13:17, FastEthernet0/0
O IA
another question following the logic of the loop prevention in OSPF for the
inter-area ,why R1(ABR) unlike R3(ABR) installs then the route for the
subnet 10.1.34.0 which is configured in backbone and advertised into nonbackbone area and back into backbone?
O
10.1.23.0 [110/128] via 10.1.12.2, 00:21:14, Serial0/0
O IA
10.1.34.0 [110/138] via 10.1.12.2, 00:09:01, Serial0/0
let's add another router connected to R1 and running ospf in area 0:

R5 is connected to R1 with fa0/0 interfaces respectively:
R1 fa0/0: 172.16.15.1 area 0
R5 fa0/0 172.16.15.5 area 0
let's see the routing table of R1 :

we can see that the route for the subnet 10.1.34.0 diseappears because
now the loop prevention is applied over R1 like what we have saying about
R3! even if R1 receives the LSA Type 3 for the 10.1.34.0 with advertising
router 3.3.3.3(R3) (the other ABR) as shown by the second command:
O
10.1.23.0 [110/128] via 10.1.12.2, 00:32:00, Serial0/0
R1#show ip ospf database summary | include 10.1.34.0|3.3.3.3

as excpected R5 does not have the route in its routing table because the
loop prevention ,R1 now ignore the LSA Type 3 from non-backone area 1
just like the first case shown above on R4 where 192.168.1.0 is not installed
because R3 ignore the LSA Type 3 from non-backone area 1 for 192.168.1.0:
R5#show ip route 10.1.34.0

% Subnet not in table
so what is the conclusion? when R1 does not have adjacency with another
router (R5 is removed) R1 does not apply the loop prevention mechanism
for the inter-area,but if there is another router running adjacencies
(example shown with R5) R1 applies the rule .
let's shutdown the link between R1 and R5:
R1:
int fa0/0
shutdown

O
O IA
10.1.23.0 [110/128] via 10.1.12.2, 00:45:37, Serial0/0

10.1.34.0 [110/138] via 10.1.12.2, 00:00:10, Serial0/0
the subnet appears now because there is no router with ospf adjacencies
connected to R1:
we return now at the first case where we don't have a route in R4 to reach
192.168.1.0
% Network not in table
my question is: how to see the network 192.168.1.0 in the routing table of
R4 and override the loop prevention without changing the design of the
topology?
First solution:configure virtual link between R1 and R3:
R1(config-router)# area 1 virtual-link 3.3.3.3
R3(config-router)# area 1 virtual-link 1.1.1.1
Now we can see the route in both R3 and R4 's routing tables
R4#show ip route | include 192.168.1.0

O
192.168.1.0/24 [110/139] via 10.1.34.3, 00:07:04, FastEthernet0/0
R3(config-router)#do show ip route | include 192.168.1.0

O
192.168.1.0/24 [110/129] via 10.1.23.2, 00:07:40, Serial0/0
let's remove the virtual link

R1(config-router)#no area 1 virtual-link 3.3.3.3
R3(config-router)#no area 1 virtual-link 1.1.1.1
if we create a virtual tunnel between R1 and R2 and configure this link in

area 0 so i will include R2 in area 0 ,the purpose is to allow the
configuration of virtual-link in area 1 between R2 and R3 only by extending
the area 0 to include R2 :
R1:
interface Tunnel0
ip address 192.168.12.1 255.255.255.0
ip ospf 1 area 0
tunnel source Serial0/0
tunnel destination 10.1.12.2
R2:
interface Tunnel0
ip address 192.168.12.2 255.255.255.0
ip ospf 1 area 0
after configuring the tunnel:

we will configure now the virtual link between R2 and R3:
R2(config-router)#area 1 virtual-link 3.3.3.3
we have a good result:

O
R3(config-router)#do show ip route | include 192.168.1.0

O
192.168.1.0/24 [110/129] via 10.1.23.2, 00:00:35, Serial0/0
R4#ping 192.168.1.1
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Lab 3: Forward Address and path selection in OSPFv2
both R1 and R2 will do the redistribution of the static routes as shown in

the topology:
In the internal router R3 we have load balancing for the subnet 172.16.1.0
even if the link between R1 and R4 is faster than the serial link between R2
and R5, because R3 compares only the cost to reach both ASBRs which is
10 thus equal as shown by the show ip ospf border-routers command and
the forward metric 10 shown by show ip route 172.16.1.0 command:

Routing entry for 172.16.1.0/24
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 10
Last update from 10.1.13.1 on FastEthernet0/0, 00:00:28 ago
Routing Descriptor Blocks:
* 10.1.23.2, from 2.2.2.2, 00:00:28 ago, via FastEthernet0/1
Route metric is 20, traffic share count is 1
10.1.13.1, from 1.1.1.1, 00:00:28 ago, via FastEthernet0/0

R3#show ip ospf border-routers

i 1.1.1.1 [10] via 10.1.13.1, FastEthernet0/0, ASBR, Area 0, SPF 4
In this case the FA for both the LSA Type 5 advertised by R1 and R2 is set to
0.0.0.0:
R3#show ip ospf database external | include Forward Address|Advertising Router
Forward Address: 0.0.0.0
Now let's running ospf in fa0/0 of R1 and s0/0 of R2:

R2(config-if)#ip ospf 1 area 0
We can see that the preferred route in R3 is through R2(10.1.23.2) even if

the link between R1 and R4 is faster than the serial link between R2 and
R5:
so in this case R3 prefers the LSA Type 5 advertised by R2 instead of the
LSA Type 5 advertised by R1 why?

Let's look the LSA Type 5 advertised by both ASBRs (R1 and R2)
interesting output ,R1 advertises the LSA Type 5 with FA=192.168.1.4 and
R3 advertises its LSA Type 5 with FA=0.0.0.0
so R3 what will do ?in this case R3 compares the cost to reach the two
Forward Address
let's examine the costs for both FA:
1-The LSA Type 5 advertised by R2 with FA 0.0.0.0 ,R3 looks the metric to
reach FA 0.0.0.0 which means the metric to reach the ASBR R2 which is
10 ,we can verify by the following output:
R3#show ip ospf border-routers | include 10.1.23.2
2- The LSA Type 5 advertised by R1 with FA 192.168.1.4,R3 looks the metric

to reach the FA 192.168.1.4 which is 20 =10(cost of Fa0/0 's R3)+10(cost of
fa0/0's R1) ,in other word R3 will find the metric to reach 192.168.1.4 by
looking the intra-area for the network 192.168.1.0 ,the following output
allows us to see the metric for the intra-area route 192.168.1.0:
R3#show ip route 192.168.1.0 | include metric
Known via "ospf 1", distance 110, metric 20, type intra area
The traceroute shown that the packet from R3 is going through the less
faster link through the serial link R2:
R3#traceroute 172.16.1.4
1 10.1.23.2 28 msec 28 msec 32 msec
2 192.168.2.5 32 msec 24 msec 48 msec
3 172.16.1.4 60 msec * 64 msec
how to solve this suboptimal route?

According to the conditions required to have a non-zero FA :
1-case :
R1(config)#int fa0/0
R1(config-if)#ip ospf network point-to-point


In this case we return at the first case where we have load balancing
because the forward metric =10 to reach both ASBRs is the same
2-case:
R1(config-if)#no ip ospf network point-to-point
R2(config-if)#int s0/0
R2(config-if)#ip ospf network broadcast

1 10.1.13.1 32 msec 32 msec 32 msec
2 192.168.1.4 76 msec 64 msec 68 msec
3 172.16.1.5 52 msec * 64 msec
now we have the good result ,the show ip route shown that the route is
installed with the next hop R1 (10.1.13.1) with the forward metric 20 and
the traceroute shown that the packet is going through R1.
why because if we look the FA received by R3:

we can see that now R3 received two FA for each LSA Type 5 advertised by
R1 and R2:
-R3 looks the metric to reach the FA 192.168.1.4 advertised by R1 which is
20(the forward metric shown above):
R3# show ip route 192.168.1.0 | include metric

-R3 looks the metric to reach the FA 192.168.2.5 advertised by R2 which is

74(the forward metric to reach this FA):
R3#show ip route 192.168.2.0 | include metric

to see the forward metric 74 to reach FA 192.168.2.5 ,we disable the fa0/0
of R1
we can see now that the packet is going through R2 with the forward metric
of 74 as explained above:

so The metric 20 toward FA 192.168.1.4 is better than the metric 74 toward

the FA 192.168.2.5 thus R3 installs the route through R1
conclusion ,with ospf network point-to-point interface the FA is set to 0 and
with broadcast network interface the FA is set to non-zero.
Lab 4: OSPFv3 and the Forwarding Address
Forward Address in OSPFv3:

2001:45::/64 is advertised as external
We can see that R1 installs a load balancing to reach external prefix
2001:45::/64,because the cost to reach both ASBRs(R4 and R5) is the same:
R1#show ipv6 route 2001:45::/64
Routing entry for 2001:45::/64
Routing paths:
FE80::C801:5FF:FEC4:8, FastEthernet0/0
FE80::C802:21FF:FE7C:6, FastEthernet0/1
we can verify this cost by looking the LSA Type 4 created by the ABRs R2
and R3 which tells R1 how to reach the two ASBRs with the following
command:
2.2.2.2 R2 and 3.3.3.3 R3 are the ABRs which create the LSA Type 4 and
Destination Router ID is the ASBR ,the metric is the same =1:
R1#show ipv6 ospf data inter-area router | include Destination Router ID|Advertising
Router|Metric
Metric: 1
Destination Router ID: 4.4.4.4
Metric: 1
now what happen if we configure area 1 as nssa:

let's go:
after configuring area 1 nssa we have still load balancing:

R1#show ipv6 route 2001:45::/64
Routing entry for 2001:45::/64
Routing paths:
why ? to understand , as with OSPFv2, we can see that R1 receives two

LSAs Type 5 from R2(2.2.2.2) and R3(3.3.3.3) with two Forward Addresses,
24::4 from R2 and 35::5 from R3,this two Forward Addresses represent the
ip addresses of R4's fa0/1 and R5'sfa0/0 respectively:
R1#show ipv ospf database external | include Advertising Router|Forward Address|
Metric
Metric Type: 2 (Larger than any link state path)
Metric: 20
Metric: 20
R1 looks the inter-area or the intra-area to reach those two Forward

Addresses ,in this case the inter-area:
the following command shown that the cost to reach both prefixes 24:: and
35:: is the same and equal to 1 so we have load balancing:
R1#show ipv6 ospf data inter-area prefix | include Advertising Router|Prefix Address|
Metric
Metric: 1
Prefix Address: 24::
Metric: 1
An important point to notice also is the next-hop of the route toward the
external prefix 2001:45::/64 in R2 and R3 :
before configuring the area 1 as nssa:
Notice the next-hop in both R2 and R3 ,it's the link-local addresses or R4
and R5 respectively (FE80::C803:21FF:FE7C:6 and FE80::C804:20FF:FE20:8)
R2(config-rtr)#do show ipv route | s 2001:45::/64

OE2 2001:45::/64 [110/20]
via FE80::C803:21FF:FE7C:6, FastEthernet0/1

OE2 2001:45::/64 [110/20]
after configuring the area 1 as nssa:

Notice now the next-hop is not the link-local addresses ,instead it is the
unicast ipv6 addresses 24::4 and 35::5 configured statically ,the ipv6
addresses of R4's fa0/1 and R5's fa0/0:
ON2 2001:45::/64 [110/20]
via 24::4, FastEthernet0/1

ON2 2001:45::/64 [110/20]
If we increases the cost of R2's fa0/1

R2(config-rtr)#int fa0/1
R2(config-if)#ipv6 ospf cost 2
We can see that R1 installs one route to reach the external prefix ,the path
is via R3 as confirmed by the outgoing interface fa0/1 connected to R3
R1#show ipv6 route | s 2001:45::/64
OE2 2001:45::/64 [110/20]
the reason is that even if R1 receives two LSA Type 5 with from R2 and
R3 ,R1 will choose the path via R3 as shown:
R1#show ipv6 spf database external | include Advertising Router|Forward Address
why?
because the cost now to reach the FA 35::5 advertised by R3 (1)is less than
the cost to reach the FA 24::4 advertised by R2 (2) as shown by the
following output:
R1#show ipv ospf data inter-area prefix | include Advertising Router|Prefix Address|
Metric
Metric: 2
Metric: 1
Lab 5: OSPF path selection for external route
R4 and R5 redistribute between EIGRP and OSPF:

The metric via both R2 and R3 is 20 (default metric for Type 2 E2) and the
forward metric is =2 the cost to the ASBRs (R4 and R5)
R4(config)#router ospf 1
R4(config-router)#redistribute eigrp 1 subnets metric-type 1
The metric now is set to 22 (20+2) Cost 2 to ASBR and Cost 20 advertised
by the ASBR,the route installed now on R1 is via R2 because E1 advertised

by R4 is preferred over the route E2 advertised by R5.even if we will
change the metric for E1 route on R4 to be higher than E2 route advertised
by R5 , we have always the route E1 via R2 installed on R1 s'routing table.
R4(config-router)#redistribute eigrp 1 subnets metric-type 1 metric 100

The total cost of the route via R4 is 100+forward metric 2=102 and via R5 is
20+forward metric 2=22

R5(config-router)#redistribute eigrp 1 subnets metric-type 1
R1 chooses always the path via R5(R3)


R1(config)#interface Fa0/0
R1(config-subif)#ip ospf cost 100

The cost via R2 is calculated as follow: cost to R2 100+ cost the link of R4
1+99(redistributed metric)=200
The cost via R3 is calculated as follow:cost to R3 1+ cost the link of R5
1+198(redistributed metric)=200
We have load balancing on R1:

The path via R4 is installed because 99 is less than 198 (redistributed

metric)
R1# show ip route 10.1.6.0

Why R1 prefer the path via R3--R5?

R1 does have LSA Type 4 to reach the ASBRs R4 and R5 as shown by the
following command:
R1#show ip ospf database asbr-summary 4.4.4.4

OSPF Router with ID (1.1.1.1) (Process ID 1)
Summary ASB Link States (Area 0)
Routing Bit Set on this LSA
LS age: 1525
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)

Link State ID: 4.4.4.4 (AS Boundary Router address)
LS Seq Number: 80000003
Checksum: 0x8C94
Length: 28
Network Mask: /0
TOS: 0 Metric: 1
R1#show ip ospf database asbr-summary 5.5.5.5

LS age: 1484
Checksum: 0x40D8
Length: 28
Network Mask: /0
TOS: 0 Metric: 1
R1 looks the LSA Type 1 and finds that the cost to R2:2.2.2.2 (DR) is 100
and the cost to R3 :3.3.3.3 (DR) is 1 as shown by the show ip ospf database
router 1.1.1.1 command
the total cost to reach 10.1.6.0 via R2 is: cost to R2:100 + cost the link R4:1
+ the redistributed metric:1=102
The total cost via R3 is :cost to R3:1 + cost the link R5:1 + the redistributed
metric:1=3
R1#show ip ospf database router 1.1.1.1

Router Link States (Area 0)
LS age: 492
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 1.1.1.1
Checksum: 0xFD4C
Length: 48
Number of Links: 2
Link connected to: a Transit Network

(Link ID) Designated Router address: 10.1.13.3
(Link Data) Router Interface address: 10.1.13.1
Number of TOS metrics: 0
TOS 0 Metrics: 1

TOS 0 Metrics: 100
R1 chooses the shorter path to the ASBR, which is through R1-R3-R5
Lab 6: OSPFv2 and OSPFv3 comparison
LSA Type 1 in OSPFv2 and the new LSAs Type 8/Type 9 in OSPFv3:
The Type 1 LSA for OSPFv3 does not include any ipv6 addresses unlike with
OSPFv2 as shown by the two following output about router LSA in both
scenario with OSPFv3 and OSPFv2:
In OSPFv3:there is only reference to the router-id of the neighbor
R11#show ipv6 ospf database router
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
LS age: 3
Options: (V6-Bit E-Bit R-bit DC-Bit)
Link State ID: 0
Checksum: 0x805D
Length: 40
Number of Links: 1

Link Metric: 10
Local Interface ID: 4
Neighbor (DR) Interface ID: 4
Neighbor (DR) Router ID: 2.2.2.2

LS age: 10
Link State ID: 0
Checksum: 0x6374
Length: 40
Area Border Router
Number of Links: 1

Link Metric: 10
In OSPFv2:the LSA Type 1 lists interface IP addresses in area 0:

R1#show ip ospf database router
LS age: 4

Checksum: 0xC10E
Length: 48
Number of Links: 2
Link connected to: a Stub Network

(Link ID) Network/subnet number: 10.1.1.0
(Link Data) Network Mask: 255.255.255.0
TOS 0 Metrics: 1

TOS 0 Metrics: 10

LS age: 15
Checksum: 0xF0F0
Length: 36
Area Border Router
Number of Links: 1

TOS 0 Metrics: 10
this point is resolved in OSPFv3 by adding the new LSAs Type 8 and Type 9
in ospf:
Here there are two Type LSA 8 ,one originated by R11 and another from
R22,this LSA is used to advertise the link local addresses ,in this
example ,R11 advertises its own link local address
(FE80::C206:DFF:FE94:0),R22 advertises its own link local address which
is:FE80::C207:7FF:FED8:0,both LSA advertises the same prefixes
2001:1122:: which is the subnet shared between R11 and R22,the purpose
of this Type LSA 8 is that in OSPFv3 the link local address is used as nexthop in the routing table so the routers running OSPFv3 need to know the
link addresses of the directly connected routers:
R11#show ipv6 ospf database link

Link (Type-8) Link States (Area 0)
LS age: 1295
LS Type: Link-LSA (Interface: FastEthernet0/0)
Link State ID: 4 (Interface ID)
Checksum: 0x374B
Length: 56
Router Priority: 1
Link Local Address: FE80::C206:DFF:FE94:0
Number of Prefixes: 1
Prefix Address: 2001:1122::
Prefix Length: 64, Options: None
LS age: 619
Checksum: 0x1827
Length: 56
Router Priority: 1
Link Local Address: FE80::C207:7FF:FED8:0
But what about the intra-area subnet of 2001:11::/64 (lo0's R11),if we will
enter the following command below to see the Type LSA 9 in R11 , R11
create one Type LSA 9 including the prefix 2001:11::(Lo0's R11) and the
second Type LSA 9 advertised by R22 with the prefix address
2001:1122::/64 so this is the purpose of Type 9 LSA called Intra-area Prefix
LSA,it allow the routers to know the intra-area prefix:
R11#show ipv6 ospf database prefix
Intra Area Prefix Link States (Area 0)
LS age: 35
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Checksum: 0xEB9A
Length: 44
Referenced LSA Type: 2001
Referenced Link State ID: 0
Referenced Advertising Router: 1.1.1.1
Prefix Length: 64, Options: None, Metric: 1

LS age: 339
Link State ID: 4096
Checksum: 0x51FA
Length: 44
notice unlike the router R33, R11 advertise only one prefix address
2001:11::/64 in its own LSA Type 9 (prefix for loopback,looks Number of
Prefixes: 1 in the output above) but not for 2001:1122::/64 (the subnet
shared betw R11 and R22),but R33 advertises two prefixes one for
2001:33::/64 and another for 2001:2233::/64(the subnet shared betw R33
and R22 (looks Number of Prefixes: 2 in the output below),also R33 includes
the metric for both the two prefixes, Metric= 1 for 2001:33::/64, Metric=
64(s0/0 of R33) for 2001:2233::/64 ,also in the LSA Type 9 of R11, R22
advertises the prefix 2001:1122::/64 in the LSA 9 with the metric 0 (the
output above) unlike with the LSA Type 9 in R33 where R22 advertises the
prefix 2001:2233:: with metric 64 (s0/0 of R22) as shown below :

LS age: 315
Link State ID: 0
Checksum: 0x34C9
Length: 44

LS age: 326
Link State ID: 0
Checksum: 0xA6AA
Length: 56
Now how to ensure that the two prefixes (2001:11::/64 and 2001:1122::/64)
appear in the LSA Type 9 of R11 like in R33 and in this LSA we should see
the Advertising Router R22 sets the metric to non-zero for the prefix
2001:1122::/64 (so 10 the cost 's fa0/0 of R22) like in the LSA Type 9 of R33
where R22 advertises the prefix 2001:2233:: with the metric 64(cost of s0/0
's R22)?
R11(config-if)#ipv6 ospf network point-to-point
R22(config-if)#ipv6 ospf network point-to-point
the desired result is displayed ,in the LSA Type 9 generated by R11 , there
are two prefixes (look Number of Prefixes: 2),one for the Lo0's R11 with the
metric =1 and another for 2001:1122::/64 with the metric 10(the cost of the
int fa0/0),R22 also advertises the prefix 2001:1122::/64 with the metric 10
as displayed by the following output:
LS age: 35
Link State ID: 0
Checksum: 0xB920
Length: 56

LS age: 16
Link State ID: 0
Checksum: 0x8ACD
Length: 44
Lab 7: OSPF Lab Case Study
Requirements:
1. Use the addressing scheme shown in the diagram.
2. Configure OSPF with the networks shown in the diagram.

3. Configure the OSPF backbone area to be on Loopback0 on HQ.
4. Configure the Frame Relay subnets as point-to-point subinterfaces, with
the link between HQ and East in area 100, and the link between HQ and
West in area 300.
5. Configure area 300 as an NSSA.
6. Configure the router East loopback interfaces to be in area 200.
Summarize this area with the most efficient summary.
7. Redistribute the loopback network on router West into OSPF.
8. Create virtual links as necessary for full connectivity.
9. Make sure that all loopback interfaces are advertised with the correct
subnet mask.
Router R1 Hostname HQ
hostname HQ
interface Loopback0
ip address 10.1.1.9 255.255.255.252
ip ospf network point-to-point
!
interface Serial0/1
encapsulation frame-relay ietf
no shutdown
!
interface Serial0/1.102 point-to-point
ip address 10.1.1.1 255.255.255.252
bandwidth 64
frame-relay interface-dlci 102
!
ip address 10.1.1.5 255.255.255.252
bandwidth 64

!
router ospf 1
log-adjacency-changes
area 100 virtual-link 10.1.1.113
area 300 nssa
network 10.1.1.0 0.0.0.3 area 100
network 10.1.1.4 0.0.0.3 area 300
network 10.1.1.8 0.0.0.3 area 0
Router R2 Hostname East

hostname East
!
interface Loopback101
ip address 10.1.1.101 255.255.255.252
!
ip address 10.1.1.105 255.255.255.252
!
ip address 10.1.1.109 255.255.255.252
!
ip address 10.1.1.113 255.255.255.252
!
interface Serial0/1
clock rate 64000
no shutdown
!
ip address 10.1.1.2 255.255.255.252
bandwidth 64
!
router ospf 1
area 200 range 10.1.1.96 255.255.255.224
network 10.1.1.0 0.0.0.3 area 100
network 10.1.1.100 0.0.0.3 area 200
network 10.1.1.104 0.0.0.3 area 200
network 10.1.1.108 0.0.0.3 area 200
network 10.1.1.112 0.0.0.3 area 200
Router R4 Hostname West

hostname West
!
interface Loopback0
ip address 10.1.1.13 255.255.255.252
!
interface Serial0/0
no shutdown
!
ip address 10.1.1.6 255.255.255.252
bandwidth 64
!
router ospf 1
area 300 nssa
redistribute connected subnets
network 10.1.1.4 0.0.0.3 area 300
end
Router R3 Hostname FRS

hostname FRS
!
frame-relay switching
!
interface Serial0/0
clock rate 64000
bandwidth 64
frame-relay intf-type dce
frame-relay route 102 interface Serial0/0/1 201
no shutdown
!
interface Serial0/1
clockrate 64000
bandwidth 64
frame-relay intf-type dce
no shutdown
!
interface Serial0/2
bandwidth 64
frame-relay intf-type dte
no shutdown
Lab 8: OSPF over Frame-Relay and redistribution between two

OSPF Processes-ID
R1 is the hub ,R2 and R4 are the spoke routers in Frame-Relay ,the three
routers are running OSPF process ID 1.
The link between R2 and R4 is configured as a point-to-multipoint network
type and the two routers are running OSPF process ID 2.
To ensure that all routers on Frame-relay can ping each others'serial
interfaces we enter the following command in each routers:
R1(config)#interface serial 0/1
R1(config-if)#frame-relay map ip 10.0.0.2 102 broadcast


Configure OSPF 1 between R1 R2 and R4,The adjacencies is not extablished

because the default ospf network type of ospf in frame-relay is NBMA ,so
we need to specify neighbors manually using neighbor command to
establish the adjacencies:
R1(config-router)#router-id 1.1.1.1
R1(config-router)#neighbor 10.0.0.2
4(config)#router ospf 1
ensure that R1 is always elected DR:

R2(config-if)#ip ospf priority 0

R4(config-if)#ip ospf priority 0
R1(config-router)#do show ip ospf nei

Neighbor ID
Pri State
Dead Time Address
Interface
2.2.2.2
0 FULL/DROTHER
00:01:56
10.0.0.2
Serial0/1
4.4.4.4
0 FULL/DROTHER
00:01:58
10.0.0.4
Serial0/1
We will configure the link between R2 and R4 with OSPF 2 and network
point-to-multipoint to prevent the election of DR and BDR:
R2(config)#interface fastethernet 0/0
R2(config-if)#ip ospf network point-to-multipoint
R4(config-if)#ip ospf network point-to-multipoint
R2 and R4 redistribute between OSPF 1 and OSPF 2 ,to ensure that the
routes from OSPF 1 are not re-advertised back to OSPF 2 and vice versa we
configure the route-tag:
R2:
route-map OSPF1-INTO-OSPF2 deny 10
match tag 4
!
route-map OSPF1-INTO-OSPF2 permit 20
set tag 2
!
match tag 4
!
set tag 2
!
router ospf 1
redistribute ospf 2 subnets route-map OSPF2-INTO-OSPF1
!
router ospf 2
R4:
match tag 2
!
set tag 4
!
match tag 2
!
set tag 4
!
router ospf 1
!
router ospf 2
Let's dissect the configuration of route-tag:

When OSPF1 on R2 redistributes routes from OSPF 2, it denies all routes
with a tag of 4 because the deny action in the route-map OSPF2-INTOOSPF1 sequence 10 . This tag is specified (with the route-map OSPF1-INTOOSPF2 on R4) when OSPF 2 on R4 redistributes OSPF 1 routes. This
prevents R2 from re-advertising these same routes back in the Frame Relay.
After denying these routes, OSPF 1 on R2 permit all other routes with
route-map OSPF1-INTO-OSPF2 sequence 20 and sets tag of 2 for those
routes.
When those routes are received by R4 via the Frame Relay, they are denied
by OSPF 2 on R4, in order to prevent the same routes from being readvertised in the LAN link between R2 and R4.
Follow the same logic in the other direction.
R1(config-if)#do show ip route ospf
150.5.0.0/16 is variably subnetted, 3 subnets, 2 masks
O E2
150.5.5.4/32 [110/10] via 10.0.0.2, 00:00:34, Serial0/1
O E2
150.5.5.2/32 [110/10] via 10.0.0.4, 00:00:22, Serial0/1
O E2
150.5.5.0/24 [110/10] via 10.0.0.4, 00:00:22, Serial0/1

[110/10] via 10.0.0.2, 00:00:22, Serial0/1
Notice the routing table has host routes,150.5.5.4/32 on R2 and

150.5.5.2/32. This is the default behavior of point-to-multipoint netwoprk
type.
R2(config-router)#do show ip route ospf
O IA
150.1.1.0 [110/74] via 10.0.0.1, 00:16:23, Serial0/1

O

O IA
150.1.1.0 [110/74] via 10.0.0.1, 00:16:51, Serial0/0

O
- R1 should prefer the path via R2 to reach the 150.5.5.0/24 subnet.

- If R2 is down, the path via R4 should be used.
- R4 should prefer the path via R2 to reach the 150.1.1.0/24 subnet.
- If R2 is down, it should use the Frame Relay link to R1.
To ensure that R1 install only the path via R4 to reach 150.5.5.0 we should
either increase the cost on fa0/0 of R2 or decrease the cost on R4 's fa0/0
,or redistribute the routes on R4 with the metric less than 10 (10 is the
metric shown in the routing table of R1 for the routes toward 150.5.5.0
learned from both R2 and R4,load balancing ):
O E2
150.5.5.4/32 [110/10] via 10.0.0.2, 00:00:34, Serial0/1
O E2
150.5.5.2/32 [110/10] via 10.0.0.4, 00:00:22, Serial0/1
O E2
150.5.5.0/24 [110/10] via 10.0.0.4, 00:00:22, Serial0/1

[110/10] via 10.0.0.2, 00:00:22, Serial0/1
R4(config-router)#redis ospf 2 subnet route-ma OSPF2-INTO-OSPF1 metric 4
We must clear the redistribution :

R4#clear ip ospf ?
<1-65535>
Process ID number
counters
OSPF counters
process
Reset OSPF process
redistribution Clear OSPF route redistribution

traffic
Traffic related statistics
R4#clear ip ospf redi

R4#clear ip ospf redistribution
Now the preferred route for R1 is via R4 with the metric 4:

R1(config)#do show ip route 150.5.5.0
Known via "ospf 1", distance 110, metric 4
Tag 4, type extern 2, forward metric 64
Last update from 10.0.0.4 on Serial0/1, 00:00:28 ago
* 10.0.0.4, from 4.4.4.4, 00:00:28 ago, via Serial0/1
Route tag 4
To ensure that R4 prefers the path via R2 to reach 150.1.1.0 we must

decrease administrative distance on R4 under ospf 2 to be less than 110 so
when R4 receives two routes ,an internal route from R1 in OSPF 1 and an
external route from R2 to reach 150.1.1.0 ,R4 prefers the lowet AD and
install it in its routing table:
R4(config-router)#distance ospf external 105
Now the best path to reach 150.1.1.0 is the external route learned from
R2 ,notice nthe next-hop is R2's ip address (150.5.5.2):
R4(config-router)#do show ip route 150.1.1.0
Known via "ospf 2", distance 105, metric 74
Tag 2, type extern 2, forward metric 10
Redistributing via ospf 1

Route tag 2

O E2

O
Lab 9: Redistribution between two OSPF Processes-ID
R2 redistributes Lo1:10.22.22.22/24 as external Type 2 in OSPF 2 domain

R1 redistributes between OSPF 1 and OSPF 2 processes,the requirement is :
-Only OSPF E2 routes in the OSPF 2 domain will be considered for
redistribution into OSPF 1 domain and those routes should be redistributed
as Type 1 into OSPF 1 domain:
R1
router ospf 1
redistribute ospf 2 subnets match external 2 route-map inter-ospf
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
route-map inter-ospf permit 10

match ip address 1
set metric-type type-1
R1 allow redistribution only for external routes Type 2 which match the ACL
1 and learned from ospf 2. in this case the only subnet which is permitted
by the ACL 1 and originating from ospf 2 as E2 is 10.22.22.0/24.So R1
redistribute this subnet as type 1 into ospf 1 because the route-map
configured with the set metric-type type 1 Thus R3 installs the E1 route in
its routing table.
R3#show ip route
C
O E1
C
10.1.13.0 is directly connected, Serial0/0

10.22.22.0 [110/84] via 10.1.13.1, 00:00:01, Serial0/0
10.3.3.0 is directly connected, Loopback0
Lab 10: OSPFv3 external path selection and Forward Address
let's look the topology, loopback 0 (2001::4/64) is redistributed by R4 as an

external route ,R2--R4 is configured in area 2 ,R3--R4 is configured in area 3
without NSSA, we have Load Balancing on R1 to reach 2001::/64 through R2
and R3 :
Routing paths:
FE80::C801:13FF:FEF8:8, FastEthernet0/0
R1 receives one LSA Type 5 for the external prefix 2001::/64 from R4 (the
ASBR )as shown by the show ipv6 ospf database external ,first R1 looks
that the cost to reach the ASBR R4 is equal through R2 and R3:
R1#show ipv6 ospf database external
LS age: 492
LS Type: AS External Link
Link State ID: 0
Checksum: 0xF496
Length: 36
Metric: 20
to calculate this cost, R1 uses the LSAs Type 4 received from the ABRs R2
and R3 as show by the show ipv6 ospf database inter-area router
command , we can see that there is two LSAs Type 4 with two Advertising
Routers (2.2.2.2 which is R2 and 3.3.3.3 which is R3) and with the same
Destination Router ID 4.4.4.4 which is R4,(notice in OSPFv2 the LSA Type 4
uses the link state identifier LSID and in OSPFv3 the LSA 4 uses Destination
Router ID),these LSAs includes the costs to reach the ASBR from the two
ABRs (R2 and R3) which is equal to 1 in this case,then R1 calculates the
cost to reach the ASBR via each ABR by adding the R1's intra-area cost to
reach the ABRs to the cost listed in the corresponding Type 4 LSAs,so here
when R1 calculates two possible routes to reach 2001::/64 ,it find routes
both have a metric of 20 so R1 looks at the cost to reach the ASBR over
each route by adding its intra-area cost to reach the ABRs to the ABR's cost
to reach the ASBR listed in the LSA Type 4,in this case R1 finds that the
cumulative cost is the same via R2 and via R3,thus R1 installs a loadbalancing:
R1#show ipv6 ospf database inter-area router
Inter Area Router Link States (Area 0)
LS age: 865
Options: (V6-Bit, E-Bit, R-bit, DC-Bit)
LS Type: Inter Area Router Links
Link State ID: 67372036
Checksum: 0xB22B
Length: 32
Metric: 1

LS age: 873
LS Type: Inter Area Router Links
Link State ID: 67372036
Checksum: 0x9445
Length: 32
Metric: 1
To see the cost to reach the ASBR from R1 we will use the show ipv6 ospf
border-routers command, notice we have two intra-area routes as denoted
by the letter I to reach the ASBR 4.4.4.4 with the same cost 4,one route is
via FE80::C801:19FF:FE40:8(the link-local address of R2) and another route
via FE80::C803:1AFF:FE74:6 (the link-local address of R3):
R1#show ipv6 ospf border-routers
Codes: i - Intra-area route, I - Inter-area route
I 4.4.4.4 [2] via FE80::C801:19FF:FE40:8, FastEthernet0/0, ASBR, Area 0, SPF 4
I 4.4.4.4 [2] via FE80::C803:1AFF:FE74:6, FastEthernet0/1, ASBR, Area 0, SPF 4
i 2.2.2.2 [1] via FE80::C801:19FF:FE40:8, FastEthernet0/0, ABR, Area 0, SPF 4
i 3.3.3.3 [1] via FE80::C803:1AFF:FE74:6, FastEthernet0/1, ABR, Area 0, SPF 4
another way to calculate the cost to reach the ASBR: is to see the LSAs
Type 1 advertised by both R2 and R3 and received by R1 which is the cost
to reach the ABRs from R1,in this case we can see that it is equal to 1, then
R1 adds its intra-area cost to reach the ABRs to the cost listed in the
corresponding Type 4 LSAs which is equal to 1 as shown by above with the
show ipv6 ospf database inter-area router command, so 1+1=2:
R1#show ipv6 ospf database router adv-router 2.2.2.2 | include Metric
Link Metric: 1
R1#show ipv6 ospf database router adv-router 3.3.3.3 | include Metric
Link Metric: 1
Let's configure AREA 2 as nssa:

R2(config-rtr)#area 2 nssa
Let's look the routing table in R1 for the prefix 2001::/64:

We have only one path with the next-hop FE80::C802:5FF:FEC4:6 which is
the link-local address of R3 s'fa0/1 as shown by show ipv6 int br command
on R3:

Routing paths:
R3#show ipv6 int br

FastEthernet0/0
[up/up]
FE80::C802:5FF:FEC4:8
34::3
FastEthernet0/1
[up/up]
FE80::C802:5FF:FEC4:6
13::3
The traceroute shown that the best-path to reach the external prefix is via
R3 :
R1#traceroute 2001::4
1 13::3 120 msec 120 msec 4 msec
2 34::4 184 msec 132 msec 184 msec
how to explain this choice:

let's dissect what happen,after configuring the area 2 as nssa, R2 receives
one LSA Type 7 and one LSA Type 5 from R4 for the same external prefix as
shown by the following command:
R2#show ipv ospf database | begin Type-7
Type-7 AS External Link States (Area 2)
ADV Router
4.4.4.4
Age
23
Seq#
Prefix
0x80000004 2001::/64

ADV Router
Age
2.2.2.2
1343
4.4.4.4
23
Seq#
Link ID
0x80000006 3
0x80000006 3
Interface
Fa0/1
Fa0/1

ADV Router
4.4.4.4
Age
Seq#
1343
Link ID
Ref-lstype Ref-LSID
0x80000006 3072
0x2002

ADV Router
4.4.4.4
Age
249
Seq#
Prefix
0x80000001 2001::/64
Notice there is no LSA Type 5 originated by R2 (remember R2 will do the

translation of the LSA Type 7 to the LSA 5 in NSSA area 2) as show by the
show ipv6 ospf database external self-originate so Even if R2 is the
translator in nssa area 2 ,it does not generate the LSA Type 5,R2 prefers
the LSA Type 5 advertised by R4 over the LSA Type 7 advertised by R4:
R2#show ipv6 ospf database external self-originate
below we can see that R1 receives the LSA Type 5 advertised by the ASBR
R4 :
LS age: 1219
Link State ID: 0
Checksum: 0xF098
Length: 36

Metric: 20
Now what happen with area 3 configured also as nssa:

We have a load balancing on R1,why?how to explain this behavior:

Routing paths:
FE80::C803:1AFF:FE74:6, FastEthernet0/1
let's look the LSA Type 5 received by R1 for the external prefix:
LS age: 129
Link State ID: 0
Checksum: 0xB2A6
Length: 52
Metric: 20

LS age: 107
Link State ID: 0
Checksum: 0xD56F
Length: 52
Metric: 20
We can see that R1 receives two LSAs Type 5 from R2 and R3 ,notice the
Forward Addresses in both LSAs,from R2 the FA=24::4 and from R3 the FA
=34::4,to find the best route to reach the external prefix ,R1 looks the best
intra-area or inter-area route to reach the Forward Address, in this case the
inter-area routes:
R1#show ipv6 route ospf
OI 24::/64 [110/2]
OI 34::/64 [110/2]
via FE80::C803:1AFF:FE74:6, FastEthernet0/1

OE2 2001::/64 [110/20]
Notice the cost to reach 24::/64 and 34::/64 is the same and equal to 2 thus
R1 installs the load balancing.
now if we increase the cost of R1 's fa0/0:
R1(config-if)#ipv6 ospf cost 50
Now the best path to reach the external prefix is via R3,why?
Routing paths:
R1 still receives two LSA Type 5 with two FA:

R1#show ipv ospf database external | include Advertising Router|Forward Address
As explained jus above ,R1 looks the cost to reach the two FA and it find
that the cost to reach 34::4 is 2 less than the cost to reach the FA 24::4
which is 51,thus R1 installs the route via R3:
OI 24::/64 [110/51]
OI 34::/64 [110/2]
OE2 2001::/64 [110/20]
Now let's remove the nssa in area 2 and leaves area 3 as nssa and we
should see that the best route to reach the external prefix is via R2 :
as expected R1 installs the route via R2 to reach the external prefix even if
the cost on R1's fa0/0(connected to R2) is left increased:
R1#show ipv route 2001::/64
Routing paths:
1 12::2 168 msec 44 msec 16 msec
2 24::4 56 msec 52 msec 40 msec
After removing nssa in area 2 and leaving area 3 as nssa ,R3 receives one
LSA Type 7 from R4 and one LSA Type 5 from R4 for the same external
prefix as shown by the following command:
R3(config-rtr)#do show ipv ospf database | begin Type-7
ADV Router
Age
Seq#
Prefix
4.4.4.4
290
0x80000002 2001::/64

ADV Router
Age
Seq#
Link ID
Interface
3.3.3.3
928
0x80000007 2
Fa0/0
4.4.4.4
922
0x80000008 2
Fa0/0

ADV Router
4.4.4.4
Age
917
Seq#
Link ID
0x80000005 2048
Ref-lstype Ref-LSID
0x2002

ADV Router
4.4.4.4
Age
292
Seq#
Prefix
0x80000001 2001::/64
Even if R3 is the translator in nssa area 3 ,it does not generate the LSA
Type 5 as shown by the show ipv6 ospf database external self-originate
command:
R3(config-rtr)#do show ipv6 ospf database external self-originate
R2 prefers the LSA Type 5 advertised by R4 over the LSA Type 7 advertised
by R4:
Now let's remove the cost configured above on R2 and leave it in its
default:
R1(config-if)#no ipv6 ospf cost 50
let's reconfigure area 2 as nssa:

as shown above when i configured both area 2 and 3 as nssa, R1 receives
two LSA Type 5 and installs load balancing to reach the external prefix:

Routing paths:
To ensure that R1 prefers the path via R2, we will suppress the FA in the
LSA Type 7:
R2(config-rtr)#area 2 nssa translate type7 suppress-fa
Now R1 installs the route via R2 and the traceroute shown that the packet
takes the path through R2:
Routing paths:
1 12::2 88 msec 56 msec 28 msec
2 24::4 68 msec 108 msec 52 msec
Notice now the LSAs type 5 received from R2 and R3? R3 includes the FA in
its LSA 5 but not R2 ,so R1 to reach the external prefix it prefers the LSA
Type 5 without FA over the LSA Type 5 with FA:
Lab 11: Forwarding Address selection
Area 3 is configured as an nssa and R4 redistributes its loopback0

interface as follow:
router ospf 1
redistribute connected subnets route-map R4-Lo0
!
route-map R4-Lo0 permit 10
match interface Loopback0
R3 with a higher RID (33.33.33.33) than R1 (11.11.11.11) will perform the

translation Type 7 to Type 5:
R1#show ip ospf database external
LS age: 570

Link State ID: 4.4.4.0 (External Network Number )
LS Seq Number: 8000000F
Checksum: 0xBB16
Length: 36
Network Mask: /24
TOS: 0
Metric: 20
External Route Tag: 0
R2 receive Type 5 LSA with the Forward Address 10.0.34.4(The highest IP

address s'loopback in R4 on which OSPF is activated) and R2 looks the
inter-area route to reach the forward address,in this case both R1 and R3
are sending Type 3 LSA for 10.0.34.0:
R2#sh ip ospf database summary 10.0.34.0 | include Metric|Advertising Router
TOS: 0 Metric: 2
TOS: 0 Metric: 1
LSA Type 3 from R3 have a metric 1

LSA Type 3 from R1 have a metric 2
so R2 installs the route via R3 to reach the external network 4.4.4.0

R2#show ip route ospf 1 | include E2
O E2
Now we will add the following loopback interface and activate ospf:
interface loopback 4
R4(config-if)#ip address 40.40.40.4 255.255.255.255
R4(config-router)#network 40.40.40.4 0.0.0.0 area 3
Now we can see that the Forward Address is changed to be 40.40.40.4:

And finally we have load balancing on R2 to reach 4.4.4.0 as shown by the

show ip route 4.4.4.0 command because now R2 looks the inter-area route
to reach the forward address 40.40.40.4 and find two routes ,one via R1
and antoher route via R3 with the same metric thus R2 installs a lod
balancing to reach the external subnet :
Lab 12: Forwarding Address selection among two LSAs Type 7

for the same destination
Let's dissect some shows command and also some behavior when making
the changes on R3:
-Case 1:no Loopback interfaces on R3
So R3 will choose the FA among the highest ip address among the physical
address running OSPF in each area nssa
R2 receives two LSA Type 7 with two FA ,which ara the R3's fa0/0 for area
23 and R3'fa0/1 for area 32,we will focus on the subnet 4.4.4.0 for brevity:
R2#show ip ospf data nssa-external 4.4.4.0 | include Advertising Router|Forward
Address|Area
We will see which FA is chosen by R2 in order to inject it in the LSA Type 5

and advertise it into the area0:
the following output shown that R2 choosen the highest FA (32.32.32.3):
R2#show ip ospf data external 4.4.4.0 | include Advertising Router|Forward Address

-Case 2:Now we will configure two loopbacks on R3 ,Lo0 in area 23 and Lo1
in area 32:
R3:
interface Loopback0
ip address 30.30.3.3 255.255.255.0
ip ospf 1 area 23
!
interface Loopback1
ip address 30.30.30.30 255.255.255.0
ip ospf 1 area 32
Now R3 chooses the two Loopback as FA for each area,30.30.3.3 for area 23
and 30.30.30.30 for area 32:
R2#show ip ospf data nssa-external 4.4.4.0 | include Advertising Router|Forward
Address|Area
R2 chooses the FA 30.30.30.30 for its own LSA Type 5 and R1 receives the
same FA:

-Case 3:Let's invert the area between the Loopback interfaces ,Lo0 in area
32 and Lo1 in area 23:

interface Loopback0
ip address 30.30.3.3 255.255.255.0
ip ospf 1 area 32
!
interface Loopback1
ip address 30.30.30.30 255.255.255.0
ip ospf 1 area 23
Now we can see that the FA is now 30.30.3.3 which is configured in area 32:
R2#$f data external 4.4.4.0 | include Advertising Router|Forward Address
R1#$f data external 4.4.4.0 | include Advertising Router|Forward Address

So we can deduce that when the forwarding addresses are chosen among
the loopback interfaces ,the choice of the FA in the LSA Type 5,is based
over the highest physical ip address regardless which loopback is higher or
lower .In this case 32.32.32.3 wins over 23.23.23.3
-Case 4:Let's confirm the result by configuring the area 23 with an ip

subnet 192.168.23.0/24 higher than 32.32.32.0/24 the ip subnet of area 32:
R3(config-if)#int fa0/0
Logically we should have the FA 30.30.30.30 in the LSA Type 5 of

R2,remember just above ,the Loopback 1 (30.30.30.30 is configured in area
23):
as expected we have the desired result, because the 192.168.23.3 is higher
than 32.32.32.3 ,the FA is now the loopback configured in the same area 23
as the fa0/0 's R3 (192.168.23.3):
R2#show ip ospf database external 4.4.4.0 | include Advertising Router|Forward
Address
R1#show ip ospf database external 4.4.4.0 | include Advertising Router|Forward

Address
-Case 5:Let's invert the area between the Loopback interfaces ,Lo0 in area
23 and Lo1 in area 32:
On R3:
interface Loopback0
ip address 30.30.3.3 255.255.255.0
ip ospf 1 area 23
!
interface Loopback1
ip address 30.30.30.30 255.255.255.0
ip ospf 1 area 32
The assumption is confirmed ,we can see that the FA chosen for the LSA
Type 5 is now 30.30.3.3 which is configured in the area 23 and remember
that 192.168.23.3 in area 23 is higher than 32.32.32.3 in area 32:
R2#$pf database external 4.4.4.0 | include Advertising Router|Forward Address
R1#$f database external 4.4.4.0 | include Advertising Router|Forward Address

-Case 6:Now let's shutdown both loopback interfaces:

interface Loopback0
shutdown
!
interface Loopback1
shutdown
R2 receives two LSA Type 7 with two FA chosen among the physical
interfaces,fa0/0's R3 (192.168.23.3) in area 23 and fa0/1's R3 (32.32.32.3)
in area 32:
R2#$a-external 4.4.4.0 | include Advertising Router|Forward Address|Area
Looks now the FA chosen by R2 for its own LSA Type 5 ,it is the ip address
192.168.23.3 because it is higher than 32.32.32.3,we confirm the case 1 at
the first of the post:

Conclusion:
In the case where an ABR receives two LSAs Type 7 with two Forward
Addresses from an ASBR for the same destination:
-When the FA is chosen among the physical interfaces addresses, the
highest FA wins at the ABR.
-When the FA is chosen among the loopback interfaces addresses ,there no
effect in the choice, the ABR chooses the highest physical address regarless
of the choice loopback addresses,higher or not.
Lab 13: NSSA with OSPFv3
CASE 1:
area 1 is configured as nssa, R2 receives the LSA Type 7 (for the external
prefix 30::/64) from the ASBR R3 with the FA =3::3 which is the Lo0 of R3 as
shown by the following show ipv ospf data nssa-ext command ,but the nexthop on R2 to reach the external prefix 30::/64 is the link-local address of R3
(FE80::C802:17FF:FECC:6) as shown by show ipv6 route 30::/64 command :
R2(config-rtr)#do show ipv ospf data nssa-ext
LS age: 114
Link State ID: 1

Checksum: 0xACD0
Length: 52
Prefix Length: 64, Options: P
Metric: 20

Known via "ospf 1", distance 110, metric 20, type NSSA extern 2
Routing paths:
FE80::C802:17FF:FECC:6, FastEthernet0/1
R2#ping 30::3
Sending 5, 100-byte ICMP Echos to 30::3, timeout is 2 seconds:
!!!!!
CASE2:
If we disable the Loopback 0 of R3 and ensure that R3 chooses the FA from
the highest ip address among the physical interface addresses ,the LSA
Type 7 advertised by R3 has now the FA =2003::3/64 which is the ip address
of Fa0/1's R3 as shown by show ipv ospf data nssa-ext command and the
next-hop to reach the external prefix 30::/64 now is the 2003::3 which is the
FA set in the LSA Type 7 described above as shown by show ipv6 route
30::/64 command:
R2#show ipv ospf data nssa-ext

LS age: 170
Link State ID: 1
Checksum: 0xD4F
Length: 52
Metric: 20

Routing paths:
2003::3, FastEthernet0/1
R2#ping 30::3
!!!!!
CASE3:
Now what happen if we configure the interfaces of both R2 and R3 are in
different subnet:
R2(config-if)#no ipv6 address 2003::2/64
we will enable the Loopback 0 interface on R3:

R3(config-if)#int lo0
R3(config-if)#no shutdown
The FA is now 3::3 as expected and the next-hop to reach 30::/64 is the linklocal address of R3 as shown by the show ipv6 route 30::/64 command on
R2
R2#show ipv6 ospf database nssa-external
LS age: 7
Link State ID: 1
Checksum: 0xA4D4
Length: 52
Metric: 20

Routing paths:
R2#ping 30::3
!!!!!
CASE4:
what happen If we disable the Loopback 0 of R3 and ensure that R3
chooses the FA from the highest ip address among the physical interface
addresses in this case where the interfaces of the link R2--R3 are in
different subnet:
R3(config-if)#int lo0
R3(config-if)#shutdown
The FA is 2003::3 as expected:

R2#show ipv6 ospf database nssa-external
LS age: 36
Link State ID: 1

Checksum: 0x951
Length: 52
Metric: 20
But there is no next-hop to reach the external prefix 30::3,instead R2

shown the route directly connected and the ping toward th external prefix
30::3 fails even if R2 can ping successfully the FA 2003::3:
R2#show ipv6 route 30::
Routing paths:
directly connected via FastEthernet0/1
R2#ping 30::3
.....
Success rate is 0 percent (0/5)
R2#ping 2003::3
!!!!!
The case 4 is the only case where the ping from R2 toward the external
prefix 30::/64 fails.
Lab 14: Virtual-Link OSPF
11.1.1.0 is advertised as an external route by R1 and 1.1.1.0 is advertised

by R5 as an external route.
To have a full connectivity we must configure a virtual link over the area 2
between R2 and R3:
router ospf 1
!
router ospf 1
The adjacencies appear between the two routers R2 and R3 and they are
displayed in the show ip ospf nei but without dead time:
R2#show ip ospf neighbor
Neighbor ID
Pri State
Dead Time Address
3.3.3.3
0 FULL/ -
3.3.3.3
1 FULL/BDR
00:00:33
11.11.11.11
R2#
1 FULL/BDR
13.13.13.3
OSPF_VL0
13.13.13.3
00:00:36
Interface
12.12.12.1
FastEthernet0/1
FastEthernet0/0

O IA

O E2

O IA

O IA

O E2

O E2

O IA

O IA
We have end to end connectivity as shown by the ping:

R1#ping 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/128/144 ms
R4#ping 11.1.1.1

!!!!!
R4#
Let's looks how the LSA Type 4 is generated when configuring virtual-link:
By definition the LSA Type 4 is generated by an ABR and it is used to tell
how to reach the ASBR ,in the LSA 4 ,the ABR list the router-id of the ASBR
in the LSID field and its router-id in the Advertising Router field.
let's dissect the topology now to see how ,where and for what the LSA 4 is
created:
the router-id are configured as follow:
R1 11.11.11.11
R2 2.2.2.2
R3 3.3.3.3
R4 4.4.4.4
R5 5.5.5.5
as we said previously 11.1.1.0 is advertised as an external route by R1 and

1.1.1.0 is advertised by R5 as an external route.
R2 is considered as an ABR because there is a link to Area 0 (the virtual
link).
-R2 generates an LSA Type 4 to reach the ASBR R1 with LSID 11.11.11.11
and Advertising Router 2.2.2.2 and inject it into area 2.
-R2 generates an LSA Type 4 to reach the ASBR R5 with LSID 5.5.5.5 and
Advertising Router 2.2.2.2 and inject it into area 3.
The show ip ospf database asbr-summary self-originate command displays
the LSA Type 4 generated by R2:
R2#show ip ospf database asbr-summary self-originate
LS age: 1854

Checksum: 0xA756
Length: 28
Network Mask: /0
TOS: 0 Metric: 10
LS age: 1854
Checksum: 0xA756
Length: 28
Network Mask: /0
TOS: 0 Metric: 10
LS age: 122

Checksum: 0x837D
Length: 28
Network Mask: /0
TOS: 0 Metric: 30
R3# show ip ospf database asbr-summary self-originate
LS age: 55
Checksum: 0x106
Length: 28
Network Mask: /0
TOS: 0 Metric: 20
R4#show ip ospf database asbr-summary self-originate

LS age: 144
Checksum: 0x7E8E
Length: 28
Network Mask: /0
TOS: 0 Metric: 10
LS age: 144
Checksum: 0x32AE
Length: 28
Network Mask: /0
TOS: 0 Metric: 30
Now Let's remove the virtual link between R2 and R3:

Because the B bit is not set in the LSA Type 1 generated by R2 ,there is no
mention of Area Border Router in the show ip ospf data router selforiginate command:
R2#show ip ospf database router self-originate

LS age: 145
Checksum: 0x130
Length: 24
Number of Links: 0
LS age: 145
Checksum: 0x358C
Length: 36
Number of Links: 1

TOS 0 Metrics: 10
LS age: 146
Checksum: 0xE6E3
Length: 36
Number of Links: 1

TOS 0 Metrics: 10
Now let's configure the virtual link between R2 and R3:

Now the B bit is set to indicate that R2 is an ABR as shown by the LSA Type
1 ,looks the line highlighted line with the red color in the output of show ip
ospf database router self-originate command indicating Area Border
Router,notice also the line highlighted with blue color indicating that the
area 2 is configured as virtual-link:
R2#show ip ospf database router self-originate
LS age: 236
Checksum: 0x6776
Length: 36
Area Border Router
Number of Links: 1
Link connected to: a Virtual Link

(Link ID) Neighboring Router ID: 3.3.3.3
TOS 0 Metrics: 10
LS age: 236
Checksum: 0x407A
Length: 36
Area Border Router
Virtual Link Endpoint
Number of Links: 1

TOS 0 Metrics: 10
LS age: 244
Checksum: 0xE7E0
Length: 36
Area Border Router
Number of Links: 1

TOS 0 Metrics: 10
Information whether a router is an ABR is carried in LSA Type 1(Router LSA)

as a B bit. If this bit is set to 1, router is an ABR.
So an ABR is the router that has interfaces in area 0 and one or more other
areas.
The LSA Type 1 (Router LSA) is used by a Router to indicate whether it is an
ASBR ,ABR or end point of virtual link.
Lab 15: Effects of ABR Loop Prevention with OSPFv3
In this scenario we have three ABRs(R1,R2 and R3),R3 receives two LSA
Type 3 for the network 1:1:1:1::/64 ,one from R1 and another from R2 as
shown by the show ipv6 ospf database inter-area prefix 1:1:1:1::/64
command:
R3#show ipv6 ospf database inter-area prefix 1:1:1:1::/64
Inter Area Prefix Link States (Area 0)
LS age: 939
LS Type: Inter Area Prefix Links
Link State ID: 0
Checksum: 0x9D50
Length: 36
Metric: 1
Prefix Address: 1:1:1:1::

LS age: 893
Link State ID: 2
Checksum: 0xA736
Length: 36
Metric: 11
LS age: 935
Link State ID: 2
Checksum: 0xCED4
Length: 36
Metric: 65
Even if R3 receives the LSA Type 3(inter-area prefix in OSPFv3) for the
network 1:1:1:1::/64 from R2, it does not install this route in its routing
table because the loop prevention mechanism of inter-area ospf in other
word Split Horizon per Area which tells that an LSA Type 3 is not advertised
into nonbackbone area and then advertised back into the backbone area so
ABRs ignore LSA Type 3 created by other ABRs when learned from a
nonbackbone area,in this case because the link between R2 and R3 resides
in a non-backbone area ,The LSA Type 3 advertised by R2 is ignored by
R3,instead R3 chooses the LSA Type 3 advertised by R1 and installs the

path via R1 to reach the prefix 1:1:1:1::/64 as shown by the show ipv6 route
1:1:1:1::/64 command , notice that the next-hop FE80::C201:29FF:FE3C:0 is
the link-local address of R1:
R3#show ipv6 route 1:1:1:1::/64
OI 1:1:1:1::/64 [110/65]
via FE80::C201:29FF:FE3C:0, Serial0/0
R3#traceroute 1:1:1:1::1
Tracing the route to 1:1:1:1::1
1 1:1:1:1::1 12 msec 4 msec 0 msec
Now let's look what happen on R5:

we can see that R5 receives two LSAs Type 3 (inter-area prefix), one from
R2 and another from R3:
R5#show ipv6 ospf database inter-area prefix 1:1:1:1::/64
LS age: 1270
Link State ID: 2
Checksum: 0xA736
Length: 36
Metric: 11
LS age: 1312
Link State ID: 2
Checksum: 0xCED4
Length: 36
Metric: 65
Let's look the routing table of R5,notice that the cost to reach the prefix
1:1:1:1::/64 is 31 as shown by the show ipv6 route 1:1:1:1::/64 command:
R5#show ipv6 route 1:1:1:1::/64
IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI 1:1:1:1::/64 [110/31]
on the other hand ,we see that the cost of R5 to reach 1:1:1:1 :: / 64 is 31, if
this cost is dehulled,we obtain : 31 = 10 +10 +10 +1 (cost of the link R5R3+cost of the link R3-R2+cost of the link R2-R1+cost of Lo0 's R1), but the
traceroute below indicates that the path is via R5-R3-R1 because R3 uses
the path via R1 directly to reach 1:1:1:1::/64, which does not correspond
the cost displayed on the routing table...
1 35:35:35:35::3 28 msec 16 msec 20 msec

2 1:1:1:1::1 40 msec 40 msec 40 msec
Let's return to the LSAs Type 3 received by R5; the LSA advertised by R2
(2.2.2.2) lists the cost of 11(cost of the inter-area route to reach the prefix
1:1:1:1::/64 from R2) ,the LSA advertised by R3 lists the cost of 65(cost of
the inter-area route to reach the prefix 1:1:1:1::/64 from R3) ,R5 adds the
costs to reach the two ABRs R2 and R3 to the costs listed in both LSAs Type
3 respectively in order to calculate the cumulative cost to reach 1:1:1:1::/64
to define the best path:
to see the costs to reach the two ABRs R2 and R3 ,we will use the show ipv6
ospf border-routers:
R5#show ipv6 ospf border-routers
OSPFv3 Process 1 internal Routing Table
i 2.2.2.2 [20] via FE80::C203:29FF:FE3C:0, FastEthernet0/0, ABR, Area 1, SPF 3
i 3.3.3.3 [10] via FE80::C203:29FF:FE3C:0, FastEthernet0/0, ABR, Area 1, SPF 3
From R5:
the cost to reach R2 is 20
the cost to reach R3 is 10
the cumulative cost to reach 1:1:1:1::/64 :
first path through R3--R1 ,the cost =65+10=75
second path through R3--R2--R1 ,the cost=11+20=31
the best path to reach the prefix 1:1:1:1::/64 is through R3--R2--R1 ,31 is
better than 75.
But because the loop prevention inter area ,the packet goes through the
path
R3--R1 ,we have a suboptimal route ,so this loop-prevention rule can result
in suboptimal routes.
To override this rule and avoid the suboptimal route , we create a virtual
tunnel between R2 and R3 :
R3(config-if)#ipv router ospf 1
R3(config-rtr)#area 1 virtual-link 2.2.2.2
R2(config-if)#ipv router ospf 1

R2(config-rtr)#area 1 virtual-link 3.3.3.3
Now R5 pick the lower-cost route(the optimal route) to reach the prefix
1:1:1:1::/64 through the path R2--R1 as show by the traceroute :
1 35:35:35:35::3 28 msec 20 msec 20 msec
2 23:23:23:23::2 44 msec 44 msec 40 msec
3 1:1:1:1::1 60 msec 60 msec 60 msec
Also R3 pick the lower-cost route(the optimal route) to reach the prefix
1:1:1:1::/64 through R2 as show by the traceroute :
1 23:23:23:23::2 32 msec 148 msec 72 msec
2 1:1:1:1::1 100 msec 104 msec 112 msec
We can see that R3 installs now the path through R2 in its routing table
with the cost of 21 not through R1 with the cost 65 as shown before
configuring the virtual-link :
R3#show ipv6 route | s 1:1:1:1::/64
OI 1:1:1:1::/64 [110/21]
Notice that the link between R2 and R3 is configured in a nonbackbone area
1.If this link is configured in area 0, R3 pick the best route to reach
1:1:1:1::/64 R3R2R1, choosing the lower cost route.
Lab 16: Forwarding Address
R4 redistributes between rip and ospf.

area 1 is configured as nssa.
with default configuration we have load balancing in R1 to reach 5.5.5.5
(external route)

now we force R1 to choose the path via R2 by increasing the cost in fa0/1 of
R3:
R3(config)# interface Fa0/1
R3(config-if)#ip ospf cost 100
the result is:

Now R1 prefers the route via R2 as shown by the traceroute:

Tracing the route to 5.5.5.5
1 192.168.0.2 24 msec 36 msec 20 msec
2 192.168.1.4 40 msec 40 msec 20 msec
3 10.0.0.5 72 msec * 80 msec
Now if we look the Forward Address in R1:

R1#show ip ospf database external
LS age: 11
Checksum: 0x9DD5
Length: 36
Network Mask: /24

TOS: 0
Metric: 20

LS age: 11
Checksum: 0xCFA8
Length: 36
Network Mask: /24
TOS: 0
Metric: 20
the advertising router for the external network 5.5.5.0 is R3(3.3.3.3)

because the highest router-ID comparing with R2 (second ABR) so the
router R3 perform the translation of Type 7 tp Type 5 and the forward
address is the router R4 (4.4.4.4),even if the advertising router of the LSA
Type 5 is R3 ,the path to reach 5.5.5.5 is via R2,not via R3 because the cost
to reach 4.4.4.4 (the ASBR R4 ) via R2 is less than through R3.
If we want to force traffic through R3 without modifying the cost .We
suppress the forward address 4.4.4.4 and replace it with 0.0.0.0 :
R3(config-router)#area 1 nssa translate type7 suppress-fa
Now the FA is set to 0.0.0.0:

R1#show ip ospf database external 5.5.5.0
LS age: 24
Checksum: 0xCEB1
Length: 36
Network Mask: /24
TOS: 0
Metric: 20
The traceroute shown that the traffic goes through R3:

1 192.168.0.3 52 msec 48 msec 16 msec
2 192.168.1.4 28 msec 44 msec 32 msec
3 10.0.0.5 72 msec * 80 msec
So R3 tells to R1 to use the advertising router which is itself as the forward

address to reach 5.5.5.5.
Lab 17: OSPFv3 and the use of forwarding address
R4 redistributes its loopback interface .

area 1 is configured as nssa.
R2 and R3 are the ABRs.
R1 receives one LSA Type 5 for the external prefix 4::/64 from R3 because
the ABRs with the Highest router(id will do the translation of the LSA Type
7 to the LSA 5,in this case the router-id of R3(3.3.3.3) is higher than the
router(id of R2 as shown by the show ipv6 ospf database external
command, look the Forward Address set in this LSA is 234::4 the ip address
of R4:
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
OE2 4::/64 [110/20]
via FE80::C805:17FF:FEB4:1C, FastEthernet0/0

O 23::/64 [110/2]
OI 234::/64 [110/2]

LS age: 29
Link State ID: 2
Checksum: 0xAAB3
Length: 52
Prefix Address: 4::
Metric: 20
Notice the traceroute shown that the packet goes through R2--R4:
R1#traceroute 4::4
1 12::2 48 msec 36 msec 36 msec
2 234::4 68 msec 64 msec 44 msec
Now we will see the behavior if the forwarding address is filtered,we will
use the area range command on the ABRs R2 and R3 with the key-word notadvertise:
R3(config-rtr)#area 1 range 234::/64 not-advertise
R3(config-rtr)#area 1 range 234::/64 not-advertise
The external prefix 4::/64 is not installed in the routing table of R1 because
R1 does not have a route to reach the Forwardinf Address 234::4 because
the prefix 234::/64 is filtered :
R1# show ipv6 route 4::/64
% Route not found

O 23::/64 [110/2]
To ensure the reachability and in order to see the external prefix in the
routing table of R1, we tell to R3 to suppress the FA in the LSA as follow:
R3(config-rtr)#area 1 nssa translate type7 suppress-fa
Now the route toward 4::/64 appears :

Routing paths:
FE80::C805:17FF:FEB4:1C, FastEthernet0/0
the Forward Address does not appear and it is suppressed in the LSA Type 5
advertised by R3 as show by the show ipv6 ospf database external:

LS age: 36
Link State ID: 2
Checksum: 0xBFE9
Length: 36
Prefix Address: 4::
Metric: 20
My remark is:with OSPFv2 ,the traffic must pass through R3 since the FA is
not set(if we do the lab using IPv4 and OSPFv2 we will see the FA set to
0.0.0.0 after configuring area 1 nssa translate type7 suppress-fa command
on R3 and the traffic goes through the R3 (R2--R3--R4), because 0.0.0.0
means use the advertising router R3 in order to reach the external subnet).
But With OSPFv3 after configuring area 1 nssa translate type7 suppress-fa
command on R3 to suppress the FA ,the traceroute shown that the packet
goes through R2-R3,not through R3:
Why?
R1#traceroute 4::4
1 12::2 56 msec 52 msec 36 msec
2 234::4 72 msec * 48 msec
Let's looks the routing table of R2, we can see that the route installed is
the O N2 advertised by R4 and the next-hop to reach the external prefix is
now 234::4 the ip address of R4(or the FA set in the LSA Type 7) so in nssa
R2 changes the next-hop for its external route by replacing the link-address
local(used by default as next-hop in OSPFv3) by the FA set in the LSA Type
7 as shown by the show ip route commands:
Routing paths:
R2#show ipv6 route | s 4::/64

ON2 4::/64 [110/20]
C 234::/64 [0/0]
via FastEthernet0/0, directly connected
So once the packet arrives at the router R2 the packets are sent directly to
R4.
Lab 18: The Forwarding Address and path selection
R1 and R2 redistribute a static routes toward the subnets 172.16.10.0 and

172.16.11.0:
With R4:
R4#show ip route | s 172.16.10.0|172.16.11.0
O E2
O E2
-R4 prefer the path towards 172.16.10.0 and 172.16.11.0 via R4--R2--R6(the
serial link) because the cost(=10)to reach the ASBR2(R2) is less than the
cost(=30)to reach the ASBR1(R1):
With R7:
R7#show ip route | s 172.16.10.0|172.16.11.0
O E2
O E2
-R7 prefer the path towards 172.16.10.0 and 172.16.11.0 via R1-R5,because the cost(=10)to reach the ASBR1(R1) is less than the
cost(=30)to reach the ASBR2(R2):
the interesting case is R3 ,let's looks the traceroute toward 172.16.10.5

and 172.16.10.6 (ip add of R5 and R6 respectiveley ) ,the traceroute toward
172.16.11.5 and 172.16.11.6 (ip add of R5 and R6 respectively) and the
routing table:
1 10.0.34.4 48 msec 28 msec 44 msec
2 10.0.24.2 72 msec 40 msec 40 msec

3 192.168.2.6 56 msec 52 msec 40 msec
4 172.16.10.5 84 msec * 80 msec
1 10.0.34.4 60 msec 28 msec 24 msec
2 10.0.24.2 48 msec 44 msec 44 msec
3 192.168.2.6 60 msec * 44 msec
1 10.0.34.4 64 msec 60 msec 28 msec
2 10.0.24.2 44 msec 44 msec 40 msec
3 192.168.2.6 60 msec 44 msec 40 msec
4 172.16.11.5 92 msec * 56 msec
1 10.0.34.4 52 msec 36 msec 16 msec
2 10.0.24.2 60 msec 44 msec 40 msec
3 192.168.2.6 60 msec * 76 msec
R3#show ip route | s 172.16.10.0|172.16.11.0

O E2
O E2
-R3 prefers the path towards 172.16.10.0 and 172.16.11.0 via R4--R2-R6(the serial link which is the slower link comparing with fastethernet link)
even if the costs to reach both ASBR1 and ASBR2 are equal:
R3# show ip ospf border-routers
Let's look the LSAs Type 5 received by R3 from R1 and R2:

R3#show ip ospf database external | include Advertising Router|Metric|Forward
Address
Metric: 20
Metric: 20
Metric: 20
Metric: 20
the reason why R3 prefers the path through R4--R2--R6 is that R3 prefers
the LSA Type 5 with FA=0.0.0.0 (advertised by R2) over the Type LSA 5 with
FA=192.168.1.5 advertised by R1 and the cost to reach the FA 0.0.0.0 or
the ASBR2 which generate the LSA Type 5 is 20 and the cost to reach The
FA 192.168.1.5 (advertised by ASBR1) is 30=10(cost link betw R3 and R7 +
10(cost link betw R7 and R1)+10(cost link betw R1 and R5),so 20 wins over
30 and R3 installs the path via R4--R2--R6:
to display these costs,let's use the show ip ospf border-routers command to
see the cost to reach the ASBR2 (the FA 0.0.0.0) which is 20:
Notice the line with the router-id 2.2.2.2(which is the ASBR2 ) which lists
the cost of 20:

OSPF Process 1 internal Routing Table
now we will show how to see the cost to reach the FA 192.168.1.5
advertised by the ASBR1:
when R3 receives the LSAs Type 5 from R1 (ASBR1) it looks the best intraarea route or the best inter-area route to reach this FA:
in this case it an intra-area and the metric is 30 as calculated above:
And because the cost 20 is better than 30 ,R3 prefers the cost through R2.
The important key-point which causes the suboptimal path(serial link over
the fastethernet link)is that :the FA advertised by R2 is set to 0.0.0.0
because the point-to-point network type in the serial interface of R2,unlike
with R1 where we have broadcast network type in its fastethernet interface
fa0/0:
let's reverse the network type by configuring fa0/0 of R1 as point-to-point
and s0/0 of R2 as a broadcast:
on R1:
int fa0/0
On R2:
int s0/0
ip ospf network broadcast
In this case we reverse the FA so R2 advertises 192.168.2.6 as FA and R1
advertises 0.0.0.0 as the FA as show by the following output which displays
the LSAs Type 5 received by R3 from R1 and R2:
Notice the FA advertised by R1 is now 0.0.0.0 and the FA advertised by R2 is
192.168.2.6 (the ip address of R6):
Address
Metric: 20
Metric: 20
Metric: 20
Metric: 20
the cost to reach 0.0.0.0 (the ASBR) is less than the cost to reach the FA
192.168.2.6:
we can verify these costs:

The cost toward 0.0.0.0(which means the ASBR1) with the show ip ospf
border-routers command:
Notice the line with the router-id 1.1.1.1(which is the ASBR1 ) which lists
the cost of 20:

The cost to reach the FA 192.168.2.6,R3 looks the best intra-area route to
reach this FA which is 84(link R3-R4:10+link R4-R2:10+cost R2's
s0/0:64=84) as shown by the following output:
The traceroute confirms the result ,the packet toward 172.16.10.0 and
172.16.11.0 goes through R7--R1--R5,the faster link(fast-ethernet):
1 10.0.37.7 32 msec 24 msec 12 msec
2 10.0.17.1 28 msec 20 msec 20 msec
3 192.168.1.5 40 msec * 40 msec
1 10.0.37.7 44 msec 16 msec 8 msec
2 10.0.17.1 32 msec 28 msec 20 msec
3 192.168.1.5 40 msec 32 msec 28 msec
4 172.16.10.6 56 msec * 76 msec
1 10.0.37.7 32 msec 16 msec 8 msec
2 10.0.17.1 44 msec 28 msec 20 msec
3 192.168.1.5 40 msec * 52 msec
1 10.0.37.7 40 msec 12 msec 8 msec
2 10.0.17.1 40 msec 32 msec 20 msec
3 192.168.1.5 28 msec 32 msec 28 msec
4 172.16.11.6 52 msec * 64 msec
now the next-hop to reach the two externals subnets is R7:

R3#show ip route | s 172.16.10.0|172.16.11.0
O E2
O E2
to summarize,in point-to-point, the FA non-zero is not necessary because

theres only one router on the other side so one next hop and thus setting
the FA to 0.0.0.0 is enough to tell to the others routers that to reach the
external subnets ,you need just reach the ASBR (FA 0.0.0.0), in a broadcast
type we can have more than 2 routers therefore we must specify what is
the next hop that will be used to reach the external network and FA.
Another solution to make sure that the packet goes through the faster link
(through R1) is to configure the static routes on R1 and R2 by specifying an
outgoing interfaces instead of the next-hop address,thus the ASBRs R1 and
R2 advertise their LSAs Type 5 with the FA equal to 0.0.0.0 for all external
subnets:
let's remove before the network type configured earlier:

R1(config-if)#no ip ospf network point-to-point
R2(config)#int s0/0
R2(config-if)#no ip ospf network broadcast
Also let's remove the static routes configured previously with the next-hop:
R1(config)#no ip route 172.16.10.0 255.255.255.0 192.168.1.5

Instead we will configure a static routes with an outgoing interface:

R1(config)#ip route 172.16.10.0 255.255.255.0 fa0/0
R2(config)#ip route 172.16.10.0 255.255.255.0 s0/0

R2(config)#ip route 172.16.11.0 255.255.255.0 s0/0
let's the show ip route on R3:

Now we have a load balancing:
R3#show ip route | s 172.16.10.0|172.16.11.0

O E2

[110/20] via 10.0.34.4, 00:00:53, FastEthernet0/1
O E2

[110/20] via 10.0.34.4, 00:00:48, FastEthernet0/1
Why?
let's look the LSAs Type 5 advertised by R1 and R2 for the two external
routes 172.16.10.0 and 172.16.11.0:
Now as excpected the FA is 0.0.0.0 for all LSAs Type 5 advertised by R1 and
R2 even if OSPF is enabled on the ASBRs next hop interface AND
According to Cisco documentation,as show by the following output:
Address
Metric: 20
Metric: 20
Metric: 20
Metric: 20
Because the FA is 0.0.0.0 ,R3 looks the cost to reach the two ASBRs R1 and
R2 and find that the cost is the same which is 20 as shown by the following
output:
to ensure that the packet goes through the faster link ,we just increase the
cost toward the R2 or decrease the cost toward R1:
R3(config-if)#ip ospf cost 5
R3#show ip route | s 172.16.10.0|172.16.11.0

O E2
O E2
Lab 20: Routing Problem with OSPF Forwarding Address with

all possible solutions
Only R1 has a static route toward 192.168.1.0 and redistribute it into

ospf,R1 is running OSPF only with R2 and R3.
as expected R2 learns this route as external E2:

O E2 192.168.1.0/24 [110/20] via 10.1.23.3, 00:03:50, FastEthernet0/1
R2#show ip ospf database external | include Forward Address|192.168.1.0

The same result is deduced for R3:

the FA address here is 0.0.0.0 which means :to reach the external network
192.168.1.0 ,routes the packet to the ASBR (R1 in this case).
the traceroute from R2 toward 192.168.1.4 shows and confirms that the
packets go through R3--R1(ASBR):
1 10.1.23.3 20 msec 28 msec 32 msec

2 10.1.13.1 64 msec 60 msec 64 msec
3 172.16.1.4 100 msec * 92 msec
let's run ospf in fa0/0 of R1:

Now the FA is 172.16.1.4 the ip address of R4 ,so after running fa0/0 R1
includes the FA in its LSA Type 5:

R3 has still the route toward 192.168.1.0:

But below R2 does not have the route to 192.168.1.0:

% Network not in table
the ping is successfully from R3 but it fails from R2:

R3#ping 192.168.1.4
!!!!!
R2#ping 192.168.1.4
.....
Now,why R2 DOES NOT HAVE AN EXTERNAL ROUTE to 192.168.1.0 while R3

HAS AN EXTERNAL ROUTE to 192.168.1.0?
even if both R2 and R3 receive the LSA Type 5 from R1?
The key point here is the FA set to non zero after enabling ospf in fa0/0 of
R1:

By definition when a router receives an external route with a FA set to non
zero in the LSA Type 5 ,it looks if there is an intra-area route or inter-area
route to reach the FA:
Case with R3:

R3# show ip route 172.16.1.0
Well R3 has an intra-area to reach the FA with a metric 20 thus R3 installs

the external route toward 192.168.1.0:

Case with R2:

R2 does not have an external route toward the external subnet because
simply R2 does not have an intra-area or inter-area to reach the FA
172.16.1.4,instead it has a directly connected route which is not an OSPF
route ,and at the same time it receives an LSA Type 1 listing the subnet
172.16.1.0 with the advertising router 1.1.1.1 (R1) as shown by the show ip
ospf database router 1.1.1.1 command But R2 prefers the connected route
over the ospf route(intra-area) for the subnet 172.16.1.0 because the
lowest AD ,0 for the connected route,110 for the OSPF route.This is the
reason why R2 does not install the external route 192.168.1.0 as shown by
the show ip route 172.16.1.0 command:
R2(config-if)#do show ip route 172.16.1.0
Known via "connected", distance 0, metric 0 (connected, via interface)
* directly connected, via FastEthernet0/0
R2#show ip ospf database router 1.1.1.1

LS age: 60
Checksum: 0x1AF6
Length: 48
AS Boundary Router
Number of Links: 2

TOS 0 Metrics: 10

TOS 0 Metrics: 10
Remember that:
route to reach the FA(so the route toward the FA must be an OSPF route )in
this case R2 prefers the connected route over the intra-area ,this is the
reason why R2 loses the external route,In this lab,R2 ,when it looks its
routing table ,it does not find an intra-area route 172.16.1.0 (even if it
receives an LSA Type 1 from R1 for the subnet 172.16.1.0) instead it find
the connected route 172.16.1.0 because the AD of a connected route is 0
and the AD of a route ospf is 110,so R2 will choose the lowest AD and R2
will never install the external route,keep in the mind that R2 learns two
routes toward 172.16.1.0 ,one connected route and an another intra-area
route ospf from R1,so The AD will make the difference,the lowest AD wins,
in this case R2 prefers the connected route over the intra-area route,and
because the FA must be reachable either via an intra-area route or interarea route only ,thus R2 will never install the external route.
My purpose is to ensure R2 prefers the intra-area route over the connected
route 172.16.1.0 (in other word it must have the reachability to the FA via
the intra-area route 172.16.1.0 advertised by R1) in order to see the
external route in the routing table of R2,by manipulating the length prefix:
Remember :A router evaluates routes in the following order:
*Prefix Length - The longest-matching route is preferred first. Prefix length
trumps all other route attributes.
*Administrative Distance - In the event there are multiple routes to a
destination with the same prefix length, the route learned by the protocol
with the lowest administrative distance is preferred.
* Metric - In the event there are multiple routes learned by the same
protocol with same prefix length, the route with the lowest metric is
preferred.
let's go:
I will configure a secondary ip address in fa0/0 of R1 with a length prefix
greater than 24(172.16.1.1/24 is configured on fa0/0 of R1):
R1(config-if)#ip address 172.16.1.11 255.255.255.128 secondary
Notice now that R2 installs the intra-area route to reach 172.16.1.0
received from R1 because The longest-matching route /25 wins comparing
with the directly connected route with /24 :
Because R2 now has an intra-area to reach the Forward Address

172.16.1.4 ,it installs the external route 192.168.1.0:
R2#ping 192.168.1.4

!!!!!
Another Solution is to suppress the FA to be 0.0.0.0 via two methods:

First Method:
Let turn the ospf network type on R1's fa0/0 to point-to-point:
R1(config-if)#ip ospf network point-to-point

Now the FA is 0.0.0.0 which means:to reach the external network
192.168.1.0 ,routes the packet to the ASBR :R1 in this case:

the pings are successfull from R2 and R3:

R2#ping 192.168.1.4
!!!!!
R3#ping 192.168.1.4
!!!!!
Second Method:
The second solution is to configure the static route on R1 with an outgoing interface
instead of the ip address of R4(172.16.1.4):
Now the route appears in the routing table of R2:


the FA address here is 0.0.0.0 which means :to reach the external network
192.168.1.0 ,routes the packet to the ASBR (R1 in this case).Even if fa0/0 of
R1 is running OSPF.
And the pings are successful on both R2 and R3 :
R2#ping 192.168.1.4
!!!!!
R2#
R3#ping 192.168.1.4

!!!!!
R3#
Another interesting solution: without configuring ospf network point-topoint in fa0/0 of R1 .Without manipulating the length prefix. And without
changing the next-hop of the static route by an outgoing interface, as
shown above.
Let's go:
The FA is 192.16.1.4 ,the prefix is advertised as an intra-area route carried
in the LSA Type 1(Router) ,remember that the LSA Type 1 lists the
interface's router subnet number with themask and its metric and it is
refered to these subnets as stub networks,for the subnet 172.16.1.0 we can
use the show ip ospf data data router self-originate on R1 which display the
LSA Type 1 created or originated by R1 that list the subnet 172.16.1.0 as a
stub network, the stub network is valid in the interface where no DR has
been elected,in th case where a DR is elected ,for each segment where the
DR is defined,the router lists the IP address of the DR and a notation that
the link attaches to a transit network instead of a stub network which
meand that an LSA Type 2 is created by the DR for this network:
R1(config-router)#do show ip ospf data router sel
LS age: 1
Checksum: 0x68BA
Length: 48
AS Boundary Router
Number of Links: 2

Number of MTID metrics: 0
TOS 0 Metrics: 1

TOS 0 Metrics: 1
R3 here receives this LSA Type 1 listing the subnet 172.16.1.0 as a stub
network:
R3(config)#do show ip ospf data router adv 1.1.1.1
LS age: 48
Checksum: 0x68BA
Length: 48
AS Boundary Router
Number of Links: 2

TOS 0 Metrics: 1

TOS 0 Metrics: 1
R2 also receives this LSA Type 1 listing the subnet 172.16.1.0 as a stub
network:
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 78
Checksum: 0x68BA
Length: 48
AS Boundary Router
Number of Links: 2


TOS 0 Metrics: 1

TOS 0 Metrics: 1
The show ip route on R3 displays an intra-area route toward 172.16.1.0

while R2 displays a connected route toward 172.16.1.0:
R3(config)#do show ip route
O 172.16.1.0 [110/11] via 10.1.13.1, 00:01:31, FastEthernet0/0
C 10.1.13.0 is directly connected, FastEthernet0/0
Now to ensure that R2 has an external route in its routing table, one
obvious solution is to set the FA int the LSA Type 5 to be 0.0.0.0 ,by
configuring ospf network point-to-point in fa0/0 of R1,i have configured the
prefix-suppression on R1 and when displaying the show LSA Type 5 in R2,
the FA is set to 0.0.0.0 and R2 installs successfully the external route in its
routing table:
R1(config)#router osp 1
R1(config-router)#prefix-suppression
Let's look the LSA Type 1 in R1 (and R2 ,R3,) notice that the prefix
172.16.1.0 the stub network diseappers ,the LSA lists only a transit
network where a DR has been elected,because the prefix is suppressend,R1
does not include the FA in its LSA Type 5 ,instead it set the FA to 0.0.0.0
because now the prefix is suppressed and cannot be reached via an intraarea route,so R3 does not have an intra-area route toward 172.16.1.0 but it
has an external route 192.168.1.0 and can reach it successfully because the
FA is now 0.0.0.0 meaning that to reach the external route it needs to reach
the ASBR,the case studied in this lab is the router R2 now it installs
successfully the external route for the same reason for R3 as shown by the
different shows displayed below:
R1(config-router)#do show ip ospf data router sel

LS age: 9
Checksum: 0xB13F
Length: 36
AS Boundary Router
Number of Links: 1

TOS 0 Metrics: 1

Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 45

Checksum: 0xB13F
Length: 36
AS Boundary Router
Number of Links: 1

TOS 0 Metrics: 1

LS age: 47
Checksum: 0xB13F
Length: 36
AS Boundary Router
Number of Links: 1

TOS 0 Metrics: 1
R3(config)#$ospf database external | include Forward Address|192.168.1.0

R2(config)#$ospf database external | include Forward Address|192.168.1.0


R2(config)#do ping 192.168.1.4

!!!!!
R2(config)#
Another point that i noticed:
If the FA is set to 0.0.0.0 which means that the router must know how to
reach the ASBR ,so the LSA Type 4 is needed to tell how to reach the
ASBR,but in this case there is no LSA Type 4 because there is no ABR to
generate the LSA 4 ,as shown by the following outputs on R2 and R3 which
displays the absence of the LSA 4(asbr-summary):
R2#show ip ospf database asbr-summary
R3#show ip ospf database asbr-summary

Lab 21: How an ABR sets the Forward Address in the LSA Type
7
ABR and the Forwarding Address in OSPFv3:

R2 and R3 are the ABRs,area 1 is configured as NSSA ,R2 will do the
translation because the highest router-id 22.22.22.22:
R2#show ipv ospf | begin Area 1
Area 1
Number of interfaces in this area is 2
It is a NSSA area
Perform type-7/type-5 LSA translation
SPF algorithm executed 3 times
Number of LSA 18. Checksum Sum 0x0ADFAE
Number of DCbitless LSA 0
Number of indication LSA 0

Number of DoNotAge LSA 0
Flood list length 0
R1 receives one LSA Type 5 with the FA 34::4 :

R1#show ip ospf database external adv-router 22.22.22.22 | include Forward Address
R1(config-rtr)#do show ipv route osp

OE2 4::/64 [110/20]
via FE80::C802:22FF:FEA8:8, FastEthernet0/0
OI 23::/64 [110/2]
OI 24::/64 [110/2]
OI 34::/64 [110/2]
34::4 is choosen over 24::4 for the LSA Type 7 because it is the highest ip
address:
R4#show ipv ospf data nssa-external | include Forward Address
Even if the translator is R2 , the packet goes through R3 to reach 4::4 the
external subnet:
R1#traceroute 4::4
1 13::3 120 msec 36 msec 8 msec
2 34::4 204 msec 124 msec 88 msec
The reason:Because the best inter-area to reach the FA 34::4 is via R3 as

shown by the following output:
R1#show ipv route 34::4
Routing paths:
FE80::C802:22FF:FEA8:8, FastEthernet0/0
If we disable the link R4--R3

the FA will be 24::4 and the route has a next-hop the router R2:
R4#show ipv ospf data nssa-external | include Forward Address
Now what happen if we redistribute in the other side ,on R1:
R1 redistributes its loopback interface into OSPF domain but it is not
installed in the routing table of R4,because the LSA Type 5 (created by R1)
is not allowed in nssa(area 1):
% Route not found
R4#
R1#ping 4::4
!!!!!
R1#ping 4::4 source 1::1
Packet sent with a source address of 1::1

.....
R1#
to ensure the end to end connectivity between the two loopback
interfaces , we will inject an LSA Type 7 for a ON2 default route ::/0 into the
NSSA on the ABRs:
R2(config)#ipv router ospf 1

R2(config-rtr)#area 1 nssa default-information-originate
R3(config-rtr)#area 1 nssa default-information-originate
Notice after configuring the command area 1 nssa default-information
originate, the ABRs R2 and R3 create each one an LSA Type 7 for a default
route, as with the ASBR R4,R2 set also the FA to 23::2 and R3 set the FA to
23::3 , notice that these ip addresses represent the link fa1/0's R2--fa1/0's
R3:
R2#show ipv ospf data nssa-external self-originate | include Prefix Address|Forward
Address
Prefix Address: ::
Address
Prefix Address: ::
R4 receives the two FA 23::2 and 23::3:

R4#$pf database nssa-external | include Advertising Router|Forward Address
And R4 installs a load-balancing for the 0N2 default route:

R4#show ipv route ::/0
Routing entry for ::/0
Routing paths:
The reason:R4 installs a load balancing for the 0N2 default route
because ,R4 looks that the cost via R2 and R3 is the same to reach the two
FA via the inter-area routes as shown by the following output:
Routing paths:

Routing paths:
Thus R4 installs a load balancing for the 0N2 default route
Now what happen if we increase the cost of R3's fa1/0:
R3(config-if)#ipv ospf cost 100
Notice now R4 installs one path only for the ON2 default route via R2(notice
the outgoing interface fa0/0):
R4#show ipv route ospf
ON2 ::/0 [110/1]
OI 12::/64 [110/2]
OI 13::/64 [110/2]
O 23::/64 [110/2]
We can confirm the result by looking the traceroute which shows that the
packet goes through R2 :
R4#traceroute 1::1
1 24::2 144 msec 72 msec 4 msec
2 12::1 252 msec 136 msec 72 msec
This is happened because after increasing the cost fa1/0 of R3, R4 finds
that the best cost or the best inter-area route to reach the two FA is via by
R2 where the cost is 2 through R2 ,less than the cost through R3 which is
101:
Routing paths:

Routing paths:
Now we will see which FA is set for the LSA Type 7 ON2 default routeby the
ABRs R2 and R3 after disabling OSPF in the link R2--R3:
R3(config-if)#no ipv ospf 1 area 1
R2(config-if)#no ipv ospf 1 area 1
Let's look the FA set by both R2 and R3 for its own LSA Type 7 ON2 default
route:
Notice now the FA choosen by R2 and R3 are 24::2 (fa0/0 of R2) and 34::3
(fa0/1 of R3) respectively:
Address
Prefix Address: ::
R3#$sa-external self-originate | include Prefix Address|Forward Address

Prefix Address: ::
R4 installs a load balancing ,Notice now the next-hop of the routes are the
Forward Addresses ,not the link-local addresses which is used byt default
as the next-hop in OSPFv3:
Routing paths:
Now if we want to prefer the path through R3 ,we will try to advertise the
LSA Type 7 for ON2 default route with a metric higher than the LSA Type 7
from R3 which is 1:
R2(config-rtr)#area 1 nssa default-information-originate metric 5
R4#show ipv ospf data nss | include Forward Address|Metric
Metric: 1
Metric: 20
Metric: 5
Notice the Metric listed in the LSA Type 7 in R2 with the FA 24::2 is equal to
5 and the Metric listed in the LSA Type 7 in R3 with the FA 34::3 is equal to
1,thus R4 prefers the path through R3 as a better route because the lowest
metric.
Routing paths:
Lab 22: Routing Problem with OSPFv3 when advertising

external routes in NSSA:
Only R1 has a static route ipv6 route 4::/64 124::4 and redistribute it into
ospf,R1 is running OSPFv3 only with R2 and R3.
R1 and R3 are configured in area 1 NSSA
R2 and R3 are configured in area 0
R2 receives an LSA Type 5 from R3 the ABR with the Forward Address set to
13::1 which is the ip address of R1's fa0/1:
R2#show ipv ospf data external | include Advertising Router|Forward Address

R2 than looks and find that it has an inter-area to reach the FA 13::1:
Routing paths:
Thus R2 installs successfully the external route 4::/64 in its routing table:
Routing paths:
R2#ping 4::4
!!!!!
Now what happen if I enables ospf in fa0/0 of R1:
R1(config-if)#ipv6 ospf 1 area 1
R2 receives an LSA Type 5 from R3 the ABR with the Forward Address set
now to 124::4 which is the ip address of R4's fa0/0 and also the next-hop of
the static route:

R2 now does not install the external route
% Route not found
R2#
The reason is valid as with OSPFv2 explained in the following link:
http://meddane.e-monsite.com/labs/ospf-protocol-routing/routing-problem-with-ospfforwarding-address.html
In other word :By definition when a router receives an external route with a
FA set to non zero in the LSA Type 5 ,it looks if there is an intra-area route
or inter-area route to reach the FA:
In this case:R2 does not have an external route toward the external subnet
because simply R2 does not have an intra-area or inter-area to reach the FA
124::4/64,instead it has a directly connected route which is not an OSPF
route ,and at the same time it receives an LSA Type 3 (called inter-area
prefix in OSPFv3) listing the subnet 124::/64 with the advertising router
1.1.1.1 (R1) as shown by the show ipv ospf database inter-area prefix advrouter 3.3.3.3 command But R2 prefers the connected route over the ospf
route(inter-area) for the prefix 124::/64 because the lowest AD ,0 for the
connected route,110 for the OSPF route.This is the reason why R2 does not
install the external route 4::/64 as shown by the show ipv route 124::/64
command:

Known via "connected", distance 0, metric 0, type connected
Backup from "ospf 1 [110]"
Routing paths:
directly connected via FastEthernet0/0
R2#show ipv ospf database inter-area prefix adv-router 3.3.3.3

Inter Area Prefix Link States (Area 0)
LS age: 1937
Link State ID: 0
Checksum: 0xACC
Length: 36
Metric: 1

LS age: 563
Link State ID: 2
Checksum: 0xD3ED
Length: 36
Metric: 2
It is always useful to remember what we said previously in the lab did with
OSPFv2:
route to reach the FA(so the route toward the FA must be an OSPF route )in
this case R2 prefers the connected route over the inter-area ,this is the
reason why R2 loses the external route,In this lab,R2 ,when it looks its
routing table ,it does not find an inter-area route 124::/64 (even if it
receives an LSA Type 3 from R1 for the prefix 124::/64) instead it find and
prefers the connected route 172.16.1.0 because the AD of a connected
route is 0 and the AD of a route ospf is 110,so R2 will choose the lowest AD
and R2 will never install the external route,because the FA must be
reachable either via an intra-area route or inter-area route only ,thus R2
will never install the external route.
Let's turn the int fa0/0 as a point-to-point network type to remove the FA:
R1(config-if)#ipv ospf network point-to-point
the result is not expected,it is interesting to notice that we have still the FA
set to a non-zero but in this case R1 remove the FA 124::4 and replace it
with its fa0/0'ip address even if fa0/0 is in point-to-point network as shown
by the following output:
So the problem still exist for the same reason as explained above with the
FA 124::4 ,because R2 does not have an inter-area route to reach the FA
124::1 ,it will never install the external route 4::/64:
% Route not found
Let's remove ospf network point-to-point and we will try the second
solution which is changing the next-hop of the static route to be the
outgoing interface where FE80::C803:21FF:FECC:8 is the link-local address
og R4 's fa0/0:
R1(config-if)#no ipv6 ospf network point-to-point
R1(config-if)# no ipv6 route 4::/64 124::4
R1(config)#ipv route 4::/64 fa0/0 FE80::C803:21FF:FECC:8
The FA is still 124::1 so R2 still loses its external route 4::/64:
R2#
To solve this problem,we will try to ensure R2 prefers the inter-area route
over the connected route 124::/64 (in other word it must have the
reachability to the FA via the inter-area route 124::/64 advertised by R3) in
order to see the external route in the routing table of R2,by manipulating
the length prefix:
Let's go:
R1(config)#interface FastEthernet0/0
R1(config-if)#no ipv address 124::1/64
R1(config-if)#ipv address 124::1/86
R1(config-if)#ipv ospf 1 area 1
The FA is still 124::1 as expected:
Now R2 installs successfully the external route 4::/64 :
R2#show ipv route 4::
Routing paths:
Now R2 prefers the inter-area route to reach 124::1 because The longestmatching route /86 wins comparing with the directly connected route with /
64 as shown by the show ipv route 124:: and the traceroute toward 124::1
which display that the packet goes through R3--R1,so R2 is using the interarea route to reach the FA 124::1:
R2#show ipv route 124::
Routing paths:
1 23::3 60 msec 36 msec 36 msec
2 13::1 68 msec 64 msec 60 msec
R2 installs successfully the external route 4::/64:

Routing paths:
R2#ping 4::4
!!!!!
Another solution:Unlike with OSPFv2 where we have used the secondary ip
address to influence the route preference using longest-matching route,the
secondary commad is not necessary when adding a second ipv6 address,we
have simply to add another ip address on the desired interface, fa0/0 of R1:
Let's remove 124::1/86 and configure two ipv6 addresses, the origin ipv6
124::1/64 and another ipv6 address 123::1/64 ,the second ipv address must
be lower:
R1(config-if)#no ipv address 124::1/86
R1(config-if)#ipv address 124::1/64
notice now the FA is set to 123::1:

R2 now installs and ping successfully the external route:

Routing paths:
R2#ping 4::4
!!!!!
R2#
The reason is that now R2 has an inter-area to reach the FA 123::1 as
shown by the following output:
Routing paths:
Lab 23: OSPFv3 LSAs : Types 2001 and 2002, Types 0008 and
2009 (Router and Network, Link and Intra-Area-Prefix):
The purpose of the LAB is to detail the LSA Type 1 ,Type 8 and Type 9 in
OSPFv3.
The Link R1--R2 is in broadcast ospf network and R2 is the DR.
The Link R2--R3 is in point-to-point ospf network .
R3 redistributes an external prefix into the OSPF Domain as follow:
R3(config)#route-map CONNECTED
R3(config-route-map)#match interface lo0
R3(config-route-map)#exi
R3(config-rtr)#redistribute connected route-map CONNECTED
OSPFv3 defines an Inter-Area Router LSA which is the equivalent of the LSA
Type 4 called ASBR-Summary in OSPFv2, it is originated by the ABR,to tell
to the other routers how to reach the ASBR.In this scenario, there is no ABR
,so the Inter-Area Router LSA is not created as shown by the show ipv6 ospf
database inter-area router command in different routers ,this command is
the equivalent of the show ip ospf data asbr-summary command in OSPFv2:
here the LSA Type 1 (Router LSA) comes to indicate if the router is an ASBR
or an ABR or if it is an end-point of a virtual link by setting the E bit of the B
bit or the V bit respectively.
In this case R3 is the ASBR so it creates an LSA Type 1 and set the E bit to
permit to R2 and R1 to know that R3 is the ASBR,to display this LSA we will
use the show ipv ospf data router self-originate command:
R3#show ipv ospf data router self-originate
LS age: 15
Link State ID: 0
Checksum: 0x2DA
Length: 40
AS Boundary Router
Number of Links: 1

Link Metric: 1
Notice the line AS Boundary Router which shows that R3 is the ASBR (E bit
set).Let's confirm that R1 receives this LSA Type 1 from R3 by using show
ipv6 ospf database router adv-router 3.3.3.3 command:
R1#show ipv ospf database router adv-router 3.3.3.3
LS age: 203
Link State ID: 0

LS Seq Number: 8000000B
Checksum: 0xAE2C
Length: 40
AS Boundary Router
Number of Links: 1
Link connected to: another Router (point-to-point)

Link Metric: 1
Neighbor Interface ID: 3
Neighbor Router ID: 2.2.2.2

Routing paths:
R1#ping 3::3
!!!!!
Untill now it's OK with the External prefix and ASBR.
Now let's looks another field of the LSA Type 1:
Notice that the prefixes are not carried in the LSA Type 1 in OSPFv3 unlike
with OSPFv2,so how the prefixes are propagated?,here the LSA Type 9
called Intra-Area prefix LSA and LSA Type 8 called Link LSA come,the LSA
Type 9 is used to advertise the prefixes that are associated with the router
itself and attached stub network (carried in the LSA Type 1 of OSPFv2) and
attached transit network (carried in the LSA Type 2 of OSPFv2) and the LSA
Type 8 is used to advertise the link-local address of the router's interface
to the routers attached to the link in order to use these link-local addresses
for the next-hop,also it informs the routers attached to the link the list of
prefixes associated with the link.
An important point to notice ,in OSPFv3 the LSA Type 1 carries a reference
to link,as shown by the show ipv6 ospf database router command on
R3,Notice the Local Interface ID and the Neighbor(DR) Interface ID which
means the local interface identifier and remote interface identifier
respectively:
R3#show ipv ospf database router adv-router 2.2.2.2
LS age: 131
Link State ID: 0
Checksum: 0x2798
Length: 56
Number of Links: 2

Link Metric: 1
Link Metric: 1
R3#show ipv ospf database router self-originate

LS age: 28
Link State ID: 0
LS Seq Number: 8000000B
Checksum: 0xAE2C
Length: 40
AS Boundary Router
Number of Links: 1

Link Metric: 1
Now let's see the LSA Type 8 (Link LSA):

Each Router in the link R2--R3 creates and advertises its own LSA Type 8
listing the Link-local Address for the purpose of the next-hop ,this LSA is
exchanged only between the routers sharing the same link,the show ipv
ospf database link command entered on R3 shown two LSAs Type 8 ,one
originated by R3 itself and another by R2, also notice the prefix 13::
associated with the interface of the router in the link listed on both LSAs
Type 8.
An important point to notice is the Link State ID listed in the LSAs Type 8 ,
let's looks above the LSA Type 1 on R3 and notice the advertising router
2.2.2.2 with the local interface identifier ( Local Interface ID ) of R2 and the
remote interface identifier (Neighbor (DR) Interface ID) of R3, which are 3
and 2 respectively,now let's look the LSAs Type 8 below displayed by the
show ipv ospf database link on R3 and notice the Link State ID for the LSA
Type 8 advertised by R2 which is 3 and the Link State ID which is 2
advertised by R3.
To summarize:
In the LSA Type 1 advertised by R2 to R3:
R2:The Local Interface ID=3
R3:Neighbor (DR) Interface ID=2
In the LSAs Type 8 on R3:
R2:Link State ID= 3
R3:Link State ID= 2
The Link State ID listed on the LSA Type 8 are the exact same values used
in the LSA Type 1 as a link references,these values permit to the router R3
to combine the LSA Type 1 and the LSA Type 8:
R3#show ipv ospf database link
LS age: 765
Checksum: 0x30FA
Length: 56
Router Priority: 1
Link Local Address: FE80::C801:16FF:FE18:6
LS age: 412
Checksum: 0x993C
Length: 56
Router Priority: 1
Link Local Address: FE80::C802:11FF:FE6C:8
So the LSA Type 8 helps the router to know only the directly prefix with the
directly neighbor.
In the case where two routers are not directly connected but they are in the
same area, R1 and R3 in this case,the LSA Type 9 ( Intra-Area-Prefix ) comes
to solve the problem,the show ipv6 ospf database prefix command shown
that the prefix 12:: which belongs to the link R1--R2 is learned in the
database of R3:
Let's look the LSA Type 9 in R3,we have three LSAs Type 9,two LSAs 9 has
the same Referenced LSA Type: 2001 and one LSA 9 has Referenced LSA
Type: 2002,2001 refers to the LSA Type 1 and 2002 refers to the LSA Type 2.
So when two routers are not directly connected but belong to the same
area,the LSA Type 9 comes to include the prefix ,in this case the concerned
prefix is 12:: which is now known by R3 via the LSA Type 9 advertised by
2.2.2.2 (R2) :
LS age: 851
Link State ID: 0
Checksum: 0x9909
Length: 44

LS age: 858
Link State ID: 2048
Checksum: 0x2F67
Length: 44

LS age: 832
Link State ID: 0
Checksum: 0xADEC
Length: 44
So in OSPFv3 the LSA Type 1 does not include the prefixes then it interacts
with the LSA Type 8 and the LSA Type 9 in order to know all intra-area
information including the prefixes between the routers directly connected
or not and belonging to the same area.
Now we will focus over Referenced LSA Type: 2002 which is the LSA Type
2(network LSA) with the advertising router R2.
The LSA Type 2 is created by the DR , R2 is the DR in the segment R1--R2:
Let's look the LSA Type 2 advertised by R2:
the prefix is not carried in the LSA Type 2 like what we have seen with the
LSA Type 1, as shown by the show ipv ospf database network command on
R3 below:
Notice the Link State ID: 2 which will be explained later.
R3#show ipv ospf database network
Net Link States (Area 0)
LS age: 475
LS Type: Network Links
Link State ID: 2 (Interface ID of Designated Router)

Checksum: 0x17DB
Length: 32
Attached Router: 2.2.2.2
Attached Router: 1.1.1.1
the missing prefix in the LSA Type 2 is carried in the LSA Type 2009 (IntraArea-Prefix),the concerned prefix is 12::/64 which is the link R1--R2 as
shown by the show ipv6 ospf database prefix adv-router 2.2.2.2 command:
R3#show ipv6 ospf database prefix adv-router 2.2.2.2
LS age: 1873
Link State ID: 0
Checksum: 0x970A
Length: 44

LS age: 913
Link State ID: 2048
Checksum: 0x3564
Length: 44
The output above displays the LSA Type 9 originated by R2 that references
LSA Type 2002 (LSA Type 2) created and advertised by R2 with the
Referenced Link State ID: 2 (the same value with the Link State ID listed in
the LSA Type 2 of R2) and the prefix 12::/64 is associated with this LSA,this
value permit to the router R3 to combine the LSA Type 2 and Type 9 in order
to build its database.
So such as what we have seen with the LSA Type 1 that interacts with the
LSA Type 8 and the LSA Type 9 ,the LSA Type 2 interacts with the LSA Type
9 in order to permit the routers to learn the prefixes missed in the LSA Type
2.
We know that SPF calculations are caused by the LSA Type 1 and the LSA
Type 2 when a change occurs. So adding or removing the subnets in the
OSPF does not trigger SPF calculation like what we have learned about
OSPFv2,so the purpose of separating the prefix information from the LSA
Type 1 and Type 2 and adding two LSAs Type 8 and Type 9 to carry these
prefixes is to optimize the convergence of OSPFv3.
Supplement Lab
Adjacencies in OSPFv3
Even if R1 and R2 does not share the same subnet ,the adjacencies is up
and the connectivity is full
R1#show ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
2.2.2.2 1 FULL/BDR 00:00:31 2 FastEthernet0/0
R2#show ipv6 ospf neighbor

1.1.1.1 1 FULL/DR 00:00:37 2 FastEthernet0/0
The pings are successfull:

!!!!!

!!!!!
That's because link-local addresses are used to communicate between
directly connected routers and neighboring routers (when on-link) specify
these addresses as targets of redirect messages, hence the default
behavior will be successful communication.
Lab 24: Redistribution between two EIGRP autonomous

systems
Redistribution between two EIGRP autonomous systems:

-R4 is a EIGRP stub router:
-R4 should never advertise any routes:
R4(config)#router eigrp 1
R4(config-router)#network 150.1.1.0 0.0.0.255
R4(config-router)#eigrp stub receive-only
-R4 should receive a default route from R1 :

R1(config)#ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
R1(config-router)#distribute-list prefix DEFAULT out fastethernet 0/0
R1(config-router)#exit
R1(config-if)#ip summary-address eigrp 1 0.0.0.0 0.0.0.0
R1(config-if)#exit
We can see that the neighbor which is R4 shown in R1 with the show ip
eigrp neighbors detail command is configured as stub,with the keyword
receive-only R4 receives routes but does not send any routes to R1 as
shown by the last word No routes:
R1(config-router)#do show ip eigrp neighbors detail
IP-EIGRP neighbors for process 1
H Address
Interface
Hold Uptime SRTT RTO Q Seq
(sec)
0 150.1.1.4
Fa0/0
(ms)
Cnt Num
11 00:00:13 74 444 0 3
Version 12.4/1.2, Retrans: 1, Retries: 0

Receive-Only Peer Advertising ( No ) Routes
Suppressing queries
We can verify that R4 receives successfully one default route from R1:
R4(config-if)#do show ip route eigrp
D* 0.0.0.0/0 [90/307200] via 150.1.1.1, 00:11:12, FastEthernet0/0
-R4 must reach all other routers in the network.

-only 150.1.1.0/24 subnet is allowed to be installed in the topology table of
EIGRP 2 Domain:
The first sequence 10 of the route-map EIGRP1toEIGRP2 with the permit
action allows only the route matched the prefix-list NETWORK-150.1.1.0/24
and the second sequence 20 deny all other routes with the deny action:
R1(config)#redistribute eigrp 2
R1(config)#ip prefix-list NETWORK-150.1.1.0 seq 5 permit 150.1.1.0/24
R1(config)#route-map EIGRP1toEIGRP2 permit 10
R1(config-route-map)#match ip address prefix-list NETWORK-150.1.1.0
R1(config-route-map)#exit
R1(config)#route-map EIGRP1toEIGRP2 deny 20
R1(config-router)#redistribute eigrp 1 route-map EIGRP1toEIGRP2
R1(config-router)#do show ip route eigrp

D
10.0.0.8 [90/2681856] via 10.0.0.6, 00:00:05, Serial0/1

[90/2681856] via 10.0.0.2, 00:00:05, Serial0/0
150.2.2.0 [90/2297856] via 10.0.0.2, 00:00:05, Serial0/0

150.3.3.0 [90/2297856] via 10.0.0.6, 00:00:05, Serial0/1
D* 0.0.0.0/0 is a summary, 00:34:18, Null0

D
10.0.0.4 [90/2681856] via 10.0.0.10, 00:20:06, Serial0/1

[90/2681856] via 10.0.0.1, 00:20:06, Serial0/0
D EX
150.1.1.0 [170/2195456] via 10.0.0.1, 00:00:14, Serial0/0

D
150.3.3.0 [90/2297856] via 10.0.0.10, 00:19:57, Serial0/1

D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:20:16, Serial0/0

[90/2681856] via 10.0.0.5, 00:20:16, Serial0/2
D EX
150.1.1.0 [170/2195456] via 10.0.0.5, 00:00:34, Serial0/2

D
150.2.2.0 [90/2297856] via 10.0.0.9, 00:20:16, Serial0/0

D* 0.0.0.0/0 [90/307200] via 150.1.1.1, 00:01:01, FastEthernet0/0
-The link between R1 and R3 should only be used when the link between R1
and R2 fails. Configure EIGRP so that neither routers R1 nor R3 use this link
unless the link between R1 and R2 is down.
Configure an offset-list on R3:
The inbound and the outbound offset-list on R3 ensure that the metrics of
a routes received or sent via the link between R1 and R3 are increased by
adding the value 1000000000 so the metrics via the link R1--R2 is better:
R3(config-router)#offset-list 0 in 1000000000 serial 0/2
R3(config-router)#offset-list 0 out 1000000000 serial 0/2
offset-list 0 with access-list 0 is the equivalent of permit any and it is

applied to all routes .
On R3 now the next-hop for all routes eigrp is 10.0.0.9 which is the ip
address of R2:
D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:00:04, Serial0/0

D EX
150.1.1.0 [170/2707456] via 10.0.0.9, 00:00:04, Serial0/0

D
150.2.2.0 [90/2297856] via 10.0.0.9, 00:00:04, Serial0/0
And on R1 the next-hop for all routes eigrp is 10.0.0.2 which is the ip
address of R2:
R1(config)#do show ip route eigrp
D
10.0.0.8 [90/2681856] via 10.0.0.2, 00:00:02, Serial0/0

150.2.2.0 [90/2297856] via 10.0.0.2, 00:00:02, Serial0/0

D
150.3.3.0 [90/2809856] via 10.0.0.2, 00:00:02, Serial0/0
D* 0.0.0.0/0 is a summary, 00:35:02, Null0
Let's shutdown the link between R2 and R3 in order to fail the link R1 and
R2 and verify if the link between R3 and R1 is used
R3(config)#int s0/0
R3(config-if)#shu
R3(config-if)#do sho
*Mar 1 01:29:03.323: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 10.0.0.9
(Serial0/0) is down: interface down
*Mar 1 01:29:06.219: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0,
changed state to down
Now the next-hop on R3 is 10.0.0.5 which is the ip address of R1 ,the link

between R1 and R3 is used:
D
10.0.0.8 [90/1003193856] via 10.0.0.5, 00:00:05, Serial0/2
10.0.0.0 [90/1002681856] via 10.0.0.5, 00:00:05, Serial0/2

D EX
150.1.1.0 [170/1002195456] via 10.0.0.5, 00:00:05, Serial0/2

D
150.2.2.0 [90/1002809856] via 10.0.0.5, 00:00:05, Serial0/2
Finally notice the effect of the offset-list:

Let's take an example of the network 150.1.1.0/24,before configuring the
offset-list the best metric is via R1 10.1.1.5 and it is equal to 2195456 as
shown above at the first of the comments,now after configuring the offsetlist the Metric via R1(10.1.1.5) between the parenthesis for the network
150.1.1.0/24 which is equal to 1002195456 is derived by adding the value
configured in the offset-list 1000000000+2165456=1002195456 ,this metric
1002195456 is shown by the show ip eigrp topo all command which display
all routes eigrp successor or no successor ,Feasible successor or not

Feasible successor:
R3(config-if)#do show ip eigrp topo all
IP-EIGRP Topology Table for AS(2)/ID(150.3.3.3)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

r - reply Status, s - sia Status
P 10.0.0.8/30, 1 successors, FD is 2169856, serno 30

via Connected, Serial0/0
via 10.0.0.5 (1003193856/1002681856), Serial0/2
via 10.0.0.9 (2681856/2169856), Serial0/0
via 10.0.0.5 (1002681856/1002169856), Serial0/2
via Connected, Serial0/2
via 10.0.0.9 (2707456/2195456), Serial0/0
via 10.0.0.5 (1002195456/1000281600), Serial0/2
via 10.0.0.9 (2297856/128256), Serial0/0
via 10.0.0.5 (1002809856/1002297856), Serial0/2
via Connected, Loopback0
via 10.0.0.5 (1003321856/1002809856), Serial0/2
Lab 25: Redistribution between two AS EIGRP
R1 and R4 redistribute between the two EIGRP Autonomous Systems:

R1(config-router)#redistribute eigrp 200

show ip eigrp topology 150.3.3.0 255.255.255.0 command displays three

routes, via R2 ,via R3 and via R4:
R1(config-router)#do show ip eigrp topology 150.3.3.0 255.255.255.0
IP-EIGRP (AS 100): Topology entry for 150.3.3.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2195456
10.0.0.6, from Redistributed, Send flag is 0x0
Composite metric is (2195456/0), Route is External
Vector metric:
Minimum bandwidth is 1544 Kbit
Total delay is 21000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
External data:
Originating router is 150.1.1.1 (this system)
AS number of route is 200
External protocol is EIGRP, external metric is 2195456
Administrator tag is 0 (0x00000000)
150.1.1.4 (FastEthernet0/0), from 150.1.1.4, Send flag is 0x0
Vector metric:
Load is 1/255
Minimum MTU is 1500
Hop count is 2
External data:
Originating router is 150.1.1.4
10.0.0.6 (Serial0/1), from 10.0.0.6, Send flag is 0x0
Composite metric is (2195456/281600), Route is Internal
Vector metric:
Load is 1/255
Minimum MTU is 1500

Hop count is 1
Vector metric:
Load is 1/255
Minimum MTU is 1500
Hop count is 2
And the best route installed in the routing table is through R3 which is the
internal
route learned from EIGRP 200 with the next-hop 10.1.1.6:
R1#show ip route 150.3.3.0 255.255.255.0
Known via "eigrp 200", distance 90, metric 2195456, type internal
Redistributing via eigrp 100, eigrp 200
Advertised by eigrp 100
Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
The challenge is:

1.
R1 should first prefer the path via R4 to reach the 150.3.3.0/24
2.
If the path via R4 is down, R1 should prefer the path via R2
3.
R3
If the path via R4 and via R2 is down, R1 should use the direct path to
To ensure that R1 prefers the path through R4 ,we will adjust the
Administrative Distance by increasing the AD of internal and external
routes learned from EIGRP 200 to be higher than the AD of external routes
learned from EIGRP 100:
R1(config-router)#distance eigrp 180 200
Now we can see that the next-hop is R4 and the route has an AD of 170 and
it's an external redistributed via eigrp 200:
R1(config-router)#do show ip route 150.3.3.0 255.255.255.0
Known via "eigrp 100", distance 170, metric 2221056, type external
Redistributing via eigrp 100, eigrp 200
Advertised by eigrp 200
If the path via R4 is down, R1 should prefer the path via R2 so if the path
via R4 fails , R1 goes through R2 instead of R3,thus we will increase the
metric for routes learned from R3, we can see at the begining in the do
show ip eigrp topology 150.3.3.0 255.255.255.0 command that:
-the metric to reach 150.3.3.0 through R3 is 2195456
The path via R3 is better:
to ensure R2 will become the preferred route if R4 fails we will increase the
metric for the routes learned from R3 by using offset-list:

R1(config-router)#offset-list 0 in 1000000000 serial 0/1
Notice now:
-the metric to reach 150.3.3.0 through R3 is
1002195456(1000000000+2195456)
the path through R2 is better:
R1#show ip eigrp topology 150.3.3.0 255.255.255.0 | include metric|10.0.0.2|
10.0.0.6
Vector metric:
Vector metric:
Vector metric:
1.
R3 should prefer the path via R4 to reach the 150.1.1.0/24
2.
If the path via R4 is down, R3 should prefer the path via R2
3.
If the paths via R4 R2 are down, R3 should use the direct path to R1
We have load balancing on R3 to reach 150.1.1.0, one path through R4 and

another path through R1:
R3(config-router)# do show ip route 150.1.1.0 255.255.255.0
Redistributing via eigrp 200

10.0.0.5, from 10.0.0.5, 00:12:46 ago, via Serial0/0
To ensure that the best path is through R4 and if R4 fails ,R3 prefers the
path through R2 ,we will just increase the metric of R1 to be higher than
the metric of R2 , we have already the route via R4 installed in the routing
table (load balancing with the path R1):
before making any changes notice the metric through R1 10.0.0.5 is
2195456
and the metric through R2 10.0.0.9 is 2707456
R1 is better:
R3#show ip eigrp 200 topology 150.1.1.0 255.255.255.0 | include
10.0.0.9|10.0.0.14
Vector metric:
Vector metric:
Vector metric:
metric|10.0.0.5|
we will increase the metric of the routes learned from R1 by configuring an

offset-list as follow:
R3(config-router)# offset-list 0 in 604544 s0/0
offset-list 0 with access-list 0 is the equivalent of permit any and it is

applied to all routes .
Now the metric through R1 is 2800000=604544+2195456
The metric through R2 is 2707456
R2 is better than R1:
10.0.0.9|10.0.0.14
Vector metric:
Vector metric:
Vector metric:
R3#show ip route eigrp

D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:02:54, Serial0/1

metric|10.0.0.5|
D EX
150.1.1.0 [170/2195456] via 10.0.0.14, 00:02:54, Serial0/2
so R3 prefers the path through R4 (10.0.0.14) to reach 150.1.1.0 with the

best metric 2195456, if R4 fails, R3 will use the path via R2 with the metric
2707456 and if R2 fails R3 will use the path via R1 with the metric 2800000.
the challenge now is to configure R3 so that it will install unequal load
balancing for the three path show in the show ip eigrp 200 topology
150.1.1.0 255.255.255.0 command by using variance command:
R3(config-router)#variance 2
D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:02:31, Serial0/1

D EX
150.1.1.0 [170/2195456] via 10.0.0.14, 00:00:06, Serial0/2

[170/2800000] via 10.0.0.5, 00:00:06, Serial0/0
Ok the result is not expected because we have only two path to perform
unequal load balancing via R4 and via R1,the challenge tells us to install all
the three path, why this behavior ? first by definition ,when configuring
variance command ,any FS routes whose calculated metric is less than or
equal to the product of variance times FD are added to the IP routing
table ,Routes that are neither successor nor feasible successor can never
be added to the IProuting table, regardless of the variance setting.
In this case before configuring the variance command on R3, the only
feasible successor is R1 because the Reported Distance of R1 is 886144
less than the Feasible Distance of R4 which is 2195456,the path via R2 is
not included because the Reported Distance of R2 is 2195456 and it is
equal to the Feasible Distance of R4 which is 2195456 so the feasibility
condition is not respected,R2 is not a FS:
To ensure that R2 meets the the feasibility condition in order to install this
path for unequal load balancing we will try to configure an offset-list on
R4 :
with an offset-list configured with a value of 4 ,R4 will add it to the FD and
RD and advertises out to its neighbor R3 ,(2195456/281600) becomes
(2195460/281604)
in other word after configuring the offset-list , R4 calculates the new
Feasible Distance FD and the Reported Distance RD as follow:
the new FD =2195456+4=2195460
the new RD =281600+4=281604
R4(config-router)#router eigrp 200

R4(config-router)#offset-list 0 out 4
Notice now R2 now meets the feasibility condition, the Reported Distance
of R2 2195456 is less than the FD of R4 2195460:
10.0.0.9|10.0.0.14
metric|10.0.0.5|

Vector metric:
Vector metric:
Vector metric:
We should have three path in the routing table of R3 to perform unequal

load balancing:
D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:09:45, Serial0/1

D EX
150.1.1.0 [170/2195460] via 10.0.0.14, 00:05:11, Serial0/2

[170/2707456] via 10.0.0.9, 00:05:11, Serial0/1
[170/2800000] via 10.0.0.5, 00:05:11, Serial0/0
R3#show ip route 150.1.1.1 255.255.255.0

Good result ,R3 installs the three paths (via R4 ,via R2 and via R1) to reach
150.1.1.0 with unequal load balancing.Notice the traffic share count
keyword in the show ip route 150.1.1.1 255.255.255.0 command for all
three paths , it is equal to a non-zero :
240 packets routed to R4
After configuring unequal load balancing ,the challenge now is :we should
install ONLY a single path - the path via R4 - this path will be used to
forward packets destined to 150.1.1.0. The rest of two paths should not be
used when the path through R4 is up. The path with the route with the best
metric which is through R2 should then be used when the path via R4 fails:
R3(config-router)#traffic-share min across-interfaces
*Mar 1 02:07:28.367: %FIB-4-UNEQUAL: Range of unequal path weightings too large
for prefix 150.1.1.0/24. Some available paths may not be used.

D
10.0.0.0 [90/2681856] via 10.0.0.9, 00:00:39, Serial0/1

D EX
150.1.1.0 [170/2195460] via 10.0.0.14, 00:00:39, Serial0/2

[170/2707456] via 10.0.0.9, 00:00:39, Serial0/1
[170/2800000] via 10.0.0.5, 00:00:39, Serial0/0
Notice now the traffic share count is equal to 0 for R2(10.0.0.9) and
R1(10.0.0.5):
R3#show ip route 150.1.1.1 255.255.255.0

Lab 26: EIGRP over Frame-Relay
R1 is the hub, R2 and R4 are the spoke routers on Frame-Relay:

D
150.2.2.0 [90/2195456] via 10.0.0.2, 00:02:54, Serial0/1

150.4.4.0 [90/2195456] via 10.0.0.4, 00:02:09, Serial0/1
Notice on R2 the subnet lan of R4 150.4.4.0 is missing:

150.1.1.0 [90/2195456] via 10.0.0.1, 00:03:10, Serial0/1
Also on R4 ,the subnat lan of R2 150.2.2.0 is missing:

D
150.1.1.0 [90/2195456] via 10.0.0.1, 00:02:43, Serial0/0
By default, EIGRP will not advertise routes out the same interface via which
they were learned due to split horizon:
to override this caveat we must disable split horizon on R1 the hub:
R1(config-if)#no ip split-horizon eigrp 1
Now both the lan subnets appears on each router spocke:

D
150.1.1.0 [90/2195456] via 10.0.0.1, 00:05:57, Serial0/1

150.4.4.0 [90/2707456] via 10.0.0.1, 00:00:09, Serial0/1

D
150.1.1.0 [90/2195456] via 10.0.0.1, 00:05:26, Serial0/0

150.2.2.0 [90/2707456] via 10.0.0.1, 00:00:23, Serial0/0
Notice the next-hop in R2 and R4 , R1 is always the next-hop to reach all

subnats LAN,EIGRP does not set the NEXT HOP field in EIGRP packets by
default,on a multi-access network, such as an NBMA or Ethernet network, a
router receiving routes from an EIGRP router assumes that the next hop of
these routes is the router sending the updates ,in this case R1:
To change the next-hop ,we configure no ip next-hop-self eigrp 1 command:

R1(config-if)#no ip next-hop-self eigrp 1
R1 will set the NEXT HOP field in outgoing routing updates only if the IP
next hop in its EIGRP topology table belongs to the IP subnet of the
outgoing interface.
Notice the next-hop to reach 150.4.4.0 is now R4:
D
150.1.1.0 [90/2195456] via 10.0.0.1, 00:00:00, Serial0/1

150.4.4.0 [90/2707456] via 10.0.0.4, 00:00:00, Serial0/1
On R4 the next-hop to reach 150.2.2.0 is R2:

D
150.1.1.0 [90/2195456] via 10.0.0.1, 00:00:04, Serial0/0

150.2.2.0 [90/2707456] via 10.0.0.2, 00:00:03, Serial0/0
But notice R2 and R4 are unable to ping between the LANs because there is
no direct Frame Relay PVC between the two spoke routers:
R2(config)#do ping 150.4.4.4 source 150.2.2.2
Packet sent with a source address of 150.2.2.2
.....
R2(config)#
R4(config)#do ping 150.2.2.2 source 150.4.4.4

.....
To allow the ping we must create manually a pvc between R2 and R4:

Now the pings are successfully:

R2(config-if)#do ping 150.4.4.4 source 150.2.2.2
!!!!!
R4(config-if)#do ping 150.2.2.2 source 150.4.4.4

!!!!!
Lab 26: Troubleshooting EIGRP
We have two routers both are running EIGRP protocols,the subnet used for
the link between R1 and R2 is 10.1.1.0/30
R1's fa0/0 10.1.1.1/32
R2's fa0/0 10.1.1.2/32
R2 is configured already and we have no access, we can only manage the
router R1
Below the configuration of R1:
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.252
duplex auto
speed auto
!
router eigrp 1
network 10.1.1.0 0.0.0.3
no auto-summary
Case 1 AS number mismatch:

the ping from R1 toward R2 is successfully:
R1#ping 10.1.1.2

!!!!!
But there is no eigrp adjacencies between them as shown by the show ip

eigrp nei on R1:
R1#show ip eig nei
How to troubleshoot this scenario if we can manage R1 only?

let's go :
I create an ACL and use it under debug to check packet eigrp coming from
a source ip address 10.1.1.2 (router R2) with a destination address
224.0.0.10 which is the EIGRP Multicast Address.
R1(config)#access-list 100 permit eigrp host 10.1.1.2 host 224.0.0.10
R1#debug ip packet 100 detail dump
IP packet debugging is on (detailed) (dump) for access list 100
R1#
*Mar 1 00:35:17.455: IP: s=10.1.1.2 (FastEthernet0/0), d=224.0.0.10, len 60, rcvd 2,
proto=88
07A00700:
0100 5E00000A
..^...
07A00710: C0010E68 00000800 45C0003C 00000000 @..h....E@.<....

07A00720: 0158CD9D 0A010102 E000000A 0205EEB8 .XM.....`.....n8
07A00730: 00000000 00000000 00000000 00000014 ................
07A00740: 0001000C 01000100 0000000F 00040008 ................
07A00750: 0C040102
....
....
Notice :E000000A is the equivalent in decimal of 224.0.0.10
E0=224, 00=0, 00=0, A=10
Looks now at Hexa number 00000014 and notice the last two numbers in
hexa which are 14 and convert this back to decimal ,we find 00001 00100 in
binary which is equal to 20 in decimal(16+4=20).
So the correct AS configured on the remote neighbor R2 is 20, so there is a

mismatch of AS number which prevent adjacencies.
Let's verify:
R1(config)#no router eigrp 1
R1(config-router)#no auto-summary
*Mar 1 01:03:01.367: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 20: Neighbor 10.1.1.2
(FastEthernet0/0) is up: new adjacency
Now we have adjacencies as shown by the following output:

R1(config-router)#do show ip eigrp nei
H Address
Interface
(sec)
0 10.1.1.2
Fa0/0
(ms)
Cnt Num
11 00:00:41 72 432 0 4
Case 2 k values mismatch:

By default, k1=k3=1 and k2=k4=k5=0 where K1 = Bandwidth K2 = Load K3
= Delay K4 = Reliability K5 = MTU (eigrp by default use two parameters to
calculate the metric , the bandwith K1 and the delay K3).
Now let's looks the adjacencies on R1, we have still no access to R2,we lose
the adjacencies as show by the following output.

We will do the same debug:

R1#debug ip packet 100 detail dump
IP packet debugging is on (detailed) (dump) for access list 100
R1#
*Mar 1 01:21:33.851: IP: s=10.1.1.2 (FastEthernet0/0), d=224.0.0.10, len 60, rcvd 2,
proto=88
07DCADA0:
0100 5E00000A
..^...
07DCADB0: C0010E68 00000800 45C0003C 00000000 @..h....E@.<....

07DCADC0: 0158CD9D 0A010102 E000000A 0205EEB7 .XM.....`.....n7
07DCADD0: 00000000 00000000 00000000 00000014 ................
07DCADE0: 0001000C 00000101 0100000F 00040008 ................
07DCADF0: 0C040102
...
Looks now at the whole hexa character 00000101 and the two first numbers
of the hexa character 0100000F,two" digits in hexa represents one K value
let's convert each two digits to decimal:
00 -> 0 -> K1
00 -> 0 -> K2
01 -> 1 -> K3
01 -> 1 -> K4
01 -> 1 -> K5
let's configure these values :K1=0,K2=0,K3=1,K4=1,K5=1 on R1:

R1(config-router)#metric weights 0 0 0 1 1 1
Now we have adjacencies between R1 and R2 because now both routers use
the same K-Values:
H Address
Interface
(sec)
0 10.1.1.2
Fa0/0

(ms)
Cnt Num
13 00:00:38 58 348 0 7
Lab 27: EIGRP redisstribution between two AS and the nexthop field
For EIGRP we will use Unicast packets instead of Multicast packets to

establish the adjacencies:
R1(config)#router eirgp 1024
R1(config-router)#neighbor 150.1.1.3 fastethernet 0/0




Configure and advertise the following subnets via EIGRP with the
requirements below:
1. R2: Loopback192 - 192.1.1.1/32: Redistribution Metric 100000 1000 255
1 1500
2. R2: Loopback193 - 193.1.1.1/32: Redistribution Metric 10000 500 255 1
1500
R2(config)#route-map LOOPBACK permit 10
R2(config-route-map)#match interface loopback 192
R2(config-route-map)#set metric 100000 1000 255 1 1500
R2(config-router)#redistribute connected route-map LOOPBACK
1. R3: Loopback12 - 12.1.1.1/32: Redistribution Metric 30000 300 255 1

1500
2. R3: Loopback13 - 13.1.1./32: Redistribution Metric 40000 400 255 1
1500
R3(config-router)#redistribute connected route-map LOOPBACK
1.
R4: Loopback12 - 12.1.1.1/32: Redistribution Metric - Default
2.
R4: Loopback13 - 13.1.1.1/32: Redistribution Metric - Default
R4(config-if)#exit
R4(config-router)#redistribute connected
R1 Redistributes between EIGRP 1024 and EIGRP 2048:

Let's look the routing table of each router :

R2(config-route-map)#do show ip route eigrp
D EX

D EX

D EX

D EX

D EX
D EX
We can deduce that the next-hop for each subnet in each router is always
R1 (150.1.1.1), because EIGRP set the next-hop field to 0.0.0.0 so R1 when
redistributing between the TWO eigrp as it leaves the next-hop field to
0.0.0.0 which tell to the other routers: use the router sendig the update as
the next-hop,remember the FA in OSPF when it is set to 0.0.0.0 by an ASBR
meaning use the ASBR as the next-hop.
To override the this extra-hop and route the packet more efiiciently, we
must change the next-hop field by configuring the ip next-hop-self
command on R1:
Let' verify the routing table:

Now on R2 the next-hop to reach the loopback interfaces of R3 is the router
R3 (150.1.1.3)
R2(config-route-map)#do show ip route eigrp
D EX

D EX
Here the next-hop to reach the loopback interfaces of R2 on both R3 and R4

is the router R2(150.1.1.2):
D EX

D EX

D EX

D EX
Now we will configure on R4 so that the router installs only routes with a
metric located between 500 000 and 600 000.
The routing table of R4 show the prefix 193.1.1.1/32 with the metric 435200
and the prefix 192.1.1.1/32 with the metric 563200.
to do this requirement so that only routes with a metric between 500,000
and 600,000 are installed on R4 we configure a route-map and we specify
the metric range with the match metric command,we will use the command
match metric 550 000 +- 50000 under the route-map which tells the router
to match the routes with a metric that is 50000 less than 550 000 (500 000)
or 50000 more than 550 000 (600 000) :
R4(config)#route-map EIGRP-FILTER permit 10
R4(config-route-map)#match metric 550000 +- 50000
R4(config)#route-map EIGRP-FILTER deny 20
R4(config-router)#distribute-list route-map EIGRP-FILTER in
Now notice the subnet 193.1.1.1/32 is filtered and not installed in the
routing table of R4 because this metric (435200) is outside the permitted
range of 500,000 to 600,000:
D EX
I tried to see the next-hop field in eigrp which is by default 0.0.0.0 with
wireshark without success but there is another way to see it but not
directly
D EX 192.168.1.0/24 [170/2560025856] via 10.1.1.2, 00:00:40, FastEthernet0/0
the show ip eigrp topology 192.168.1.0 shown that the eigrp packet is
received from R2 (10.1.1.2) and the section: 10.1.1.2 (FastEthernet0/0)
means the next-hop to reach 192.168.1.0 ,it is the same ,the sender of the
update is considered the next-hop ,since it the same we can deduce that R2
set the next-hop field in its update to 0.0.0.0 the section in the show ip
eigrp topology:
R1#show ip eigrp topology 192.168.1.0
Vector metric:
Load is 1/255
Minimum MTU is 1
Hop count is 1
External data:
External protocol is RIP, external metric is 1
To modify the next-hop in R1 in order to reach 192.168.1.0 directly via R3

the following command is the solution:
R2(config-router)#int fa0/0

D EX 192.168.1.0/24 [170/2560025856] via 10.1.1.3, 00:00:59, FastEthernet0/0
below we can see that the packet eigrp for the routing update is received
from 10.1.1.2 and the next-hop is 10.1.1.3 thus we can deduce that the
next-hop field is set to 10.1.1.3:
R1#show ip eigrp topology 192.168.1.0
Vector metric:
Load is 1/255
Minimum MTU is 1
Hop count is 1
External data:
The lab posted previously (next-hop field EIGRP over IPv4) shows how the
next-hop field EIGRP influences the path selection in ethernet segment over
IPv4 ,i am curious to see if the behavior is the same with IPV6,thus i did
some labs to understand in depth ,let's go:
R2 redistributes between RIPng and EIGRP,the show ipv6 route eigrp
command shown that the next-hop to reach 3:3:3:3::/64 is the link-local
address of R2 ,the show ipv int br confirms the result ,so we have the same
behavior with eigrp over IPv4:
R1#show ipv6 route EIGRP
EX 3:3:3:3::/64 [170/2560025856]
via FE80::C00A:DFF:FE54:0, FastEthernet0/0
R2(config-rtr)#do show ipv int br

FastEthernet0/0
[up/up]
FE80::C00A:DFF:FE54:0
1 10::2 96 msec 168 msec 124 msec
2 3:3:3:3::3 260 msec 292 msec 188 msec
Here we can see that the next-hop and the sender of the update EIGRP are
the same link-local address shown earlier meaning that the next-hop field is
set zero ,notice 0.0.0.0 is for IPv4 so for IPv6 the next-hop field is set to
(::):
R1#show ipv6 eigrp topology 3:3:3:3::/64

IPv6-EIGRP (AS 1): Topology entry for 3:3:3:3::/64
FE80::C00A:DFF:FE54:0 (FastEthernet0/0), from FE80::C00A:DFF:FE54:0, Send flag is
0x0
Vector metric:
Load is 1/255
Minimum MTU is 1
Hop count is 1
External data:
now we will configure no ipv6 next-hop-self eigrp 1 command in R2:

R2(config-if)#no ipv6 next-hop-self eigrp 1
the next-hop to reach 3:3:3:3::/64 is FE80::C00B:8FF:FEAC:0 which is the

link-local address of R3's Fa0/0 as shown below with show ipv int br
command on R3,so also EIGRP over IPv6 has the same behavior than EIGRP
over Ipv4 when changing the next-hop field to avoid the extra-hop routing:
R1#show ipv6 route EIGRP
EX 3:3:3:3::/64 [170/2560025856]
via FE80::C00B:8FF:FEAC:0, FastEthernet0/0
R3(config-if)#do show ipv int br

FastEthernet0/0
[up/up]
FE80::C00B:8FF:FEAC:0
10::3
FastEthernet0/1
Loopback0
[administratively down/down]
[up/up]
FE80::C00B:8FF:FEAC:0
3:3:3:3::3
R3(config-if)#
the path is going through R3 directly

1 3:3:3:3::3 204 msec 140 msec 100 msec
Let's look the following output ,like with eigrp over IPv4 ,here we have two
Link-local address ,one for the next-hop which is R3
FE80::C00B:8FF:FEAC:0,and another represents the router which send the
update R2 FE80::C00A:DFF:FE54:0:
R1#show ipv6 eigrp topology 3:3:3:3::/64
IPv6-EIGRP (AS 1): Topology entry for 3:3:3:3::/64
FE80::C00B:8FF:FEAC:0 (FastEthernet0/0), from FE80::C00A:DFF:FE54:0, Send flag is
0x0
Vector metric:
Load is 1/255
Minimum MTU is 1
Hop count is 1
External data:
Lab 30: Next-Hop Field in OSPFv2 and OSPFv3
Case with OSPFv2:

Only R1 and R2 are running OSPFv2
R2 redistributes a static route toward 192.168.1.0 into ospf:
router ospf 1
redistribute static subnet
!
ip route 192.168.1.0 255.255.255.0 10.1.1.3
let's look the routing table on R1:

The next-hop listed in the route is 10.1.1.3 ,the ip address of R3

Why?
because if we check the LSA Type 5 for the subnet 192.168.1.0 advertised
by R2 the ASBR,we can see that the FA set in this LSA is 10.1.1.3:
R1#show ip ospf database external | include Forward Address
so OSPFv2 uses the Forward Address field set in the Type-5 LSA external in
order to forward the packet efficiently thus avoiding the extra hop
let's confirm the behavior:
1 10.1.1.3 100 msec * 52 msec
we can see that the packet from R1 and toward 192.168.1.3 is sent directly
to R3 without passing via R2.
Case with OSPFv3

Now what happen with OSPFv3
let's look the scenario where R4 and R5 are running OSPFv3:
we configure a static route in R5 toward 6:6:6:6::/64 loopback s'inter of R6:
R5(config)#ipv6 route 6:6:6:6::/64 10:10:10:10::6
R5(config-rtr)#redistribute static
let's look the routing table of R4:

OE2 6:6:6:6::/64 [110/20]
via FE80::C20A:13FF:FE94:0, FastEthernet0/0
the next-hop is FE80::C20A:13FF:FE94:0,(with OSPFv3 the next-hop address

is the link-local address of the next router).
so we can verify if the next-hop toward 6:6:6:6::/64 is the link-local address
of R5
R5#show ipv6 inter br
FastEthernet0/0
[up/up]
FE80::C20A:13FF:FE94:0
10:10:10:10::5
FastEthernet0/1
[administratively down/down]
yes it's the link-local address of R5 for the interface fa0/0

to reach the external route 6:6:6:6::/64 ,the packet from R4 is going
through R5 the ASBR 10:10:10:10::5:
1 10:10:10:10::5 36 msec 32 msec 28 msec
2 6:6:6:6::6 60 msec 36 msec 56 msec
so because in OSPFv3 the next-hop used is the link-local address of the

next router which has sense only locally thus the FA in OSPFv3 is
useless,there is no need to set the FA in the LSA Type 5 ,we can verify the
absence of the Forwarding Address with the following command:
LS age: 524
Link State ID: 0

Checksum: 0xD2BD
Length: 36
Metric: 20
Lab 31: BGP LOCAL_PREF attribute Lab
Requirements:
-Configure EIGRP AS 4567 on R4, R5, R6 and R7 and advertise
10.100.1.0/29 and loopback 0 subnets:
R4:
router eigrp 4567
network 4.4.4.4 0.0.0.0
network 10.100.1.0 0.0.0.7
R5:
router eigrp 4567
network 5.5.5.5 0.0.0.0
network 10.100.1.0 0.0.0.7
R6:
router eigrp 4567
network 6.6.6.6 0.0.0.0
network 10.100.1.0 0.0.0.7
R7:
router eigrp 4567
network 7.7.7.7 0.0.0.0
network 10.100.1.0 0.0.0.7
-Configure iBGP in AS 4567, use loopback 0 interface for peering and use
peer group configuration and Configure eBGP between AS 4567 and AS 2
and AS 3,Configure eBGP between AS 2 and AS 1,Configure eBGP between
AS 3 and AS 1,Advertise 1.0.0.0/8 and 2.0.0.0/8 subnets in BGP:
R4:
router bgp 4567
network 10.100.1.0 mask 255.255.255.248
neighbor INTERNAL peer-group
neighbor INTERNAL remote-as 4567
neighbor INTERNAL update-source Loopback0
neighbor INTERNAL next-hop-self
neighbor 5.5.5.5 peer-group INTERNAL
neighbor 24.0.0.2 remote-as 2
R5:
router bgp 4567
network 10.100.1.0 mask 255.255.255.248

neighbor INTERNAL next-hop-self
R6:
router bgp 4567
R7:
router bgp 4567
R1:
router bgp 1
network 1.0.0.0
network 2.0.0.0
R2:
router bgp 2
R3:
router bgp 3
Let's verify the peer-group and see the current members,notice the line
where the router-id of R5 ,R6 and R7 are displayed which are the members
of the peer-group:
R4#sh ip bgp peer-group INTERNAL
BGP peer-group is INTERNAL, remote AS 4567
BGP version 4
Default minimum time between advertisement runs is 0 seconds
For address family: IPv4 Unicast

BGP neighbor is INTERNAL, peer-group internal, members:
5.5.5.5 6.6.6.6 7.7.7.7
Index 0, Offset 0, Mask 0x0
NEXT_HOP is always this router
Update messages formatted 0, replicated 0
Number of NLRIs in the update sent: max 0, min 0
peer groups is used for less processing power

Let's verify the adjacencies:
R1(config-router)#do show ip bgp sum
BGP router identifier 2.0.0.1, local AS number 1
BGP table version is 6, main routing table version 6
3 network entries using 351 bytes of memory
4 path entries using 208 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1103 total bytes of memory
BGP activity 3/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
12.0.0.2
0 00:01:33
13.0.0.3
0 00:00:34
R1(config-router)#

Neighbor
5.5.5.5
4 4567
11
11
0 00:06:58
6.6.6.6
4 4567
10
12
0 00:07:05
7.7.7.7
4 4567
10
12
0 00:06:27
24.0.0.2
0 00:01:55

Neighbor
4.4.4.4
4 4567
12
10
0 00:06:47
5.5.5.5
4 4567
12
10
0 00:07:08
6.6.6.6
4 4567
0 00:06:56
-Ensure AS 4567 will use the link between R3-R5 towards network
2.0.0.0/8. Use LOCAL_PREF only.
Before configuring the Local-Pref ,let's use a traceroute on R6 and R7
toward 2.0.0.1:
We can see that the packet goes through R4--R2:
1 10.100.1.4 72 msec 24 msec 24 msec
2 24.0.0.2 60 msec 28 msec 80 msec
3 12.0.0.1 96 msec * 96 msec
R6#
R7(config-router)#do traceroute 2.0.0.1

1 10.100.1.4 56 msec 56 msec 12 msec
2 24.0.0.2 52 msec 48 msec 32 msec
3 12.0.0.1 84 msec * 108 msec
R7(config-router)
Let's look now the RIB of R6 and R7:

Notice that the best route to reach 2.0.0.0/24 is via R4 (4.4.4.4) denoted by
" *>i " on both R6 and R7:
R6#show ip bgp
BGP table version is 5, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
* i1.0.0.0
*>i
* i2.0.0.0
*>i
Next Hop
Metric LocPrf Weight Path
5.5.5.5
4.4.4.4
0
0
5.5.5.5
4.4.4.4
100
0
100
100
100
031i
021i
031i
021i
r i10.100.1.0/29
r>i
5.5.5.5
4.4.4.4
0
0
100
100
0i
0i
R7(config-router)#do show ip bgp

Network
* i1.0.0.0
*>i
* i2.0.0.0
*>i
Next Hop
5.5.5.5
4.4.4.4
0
0
5.5.5.5
4.4.4.4
r i10.100.1.0/29
r>i
100
0
5.5.5.5
4.4.4.4
100
021i
100
100
0
031i
031i
021i
100
100
0i
0i
To ensure that the traffic goes through R5--R3 we will tell to R5 to advertise
into BGP AS 4567 the prefix 2.0.0.0/24 with a better(higher) localpreference than R4 as follow by default the Local-Pref is equal to 100:
router bgp 4567
neighbor 35.0.0.3 route-map RM_LOC_PREF in
!
ip prefix-list NET-2 seq 5 permit 2.0.0.0/8
!
route-map RM_LOC_PREF permit 10
match ip address prefix-list NET-2
set local-preference 200
!
Let's look the RIB of R6 and R7:

Notice the best route now toward 2.0.0.0/24 on both R6 and R7 is via
R5(5.5.5.5) because the better(higher) Local-Preference 200 :
R6#show ip bgp
Network
* i1.0.0.0
*>i
Next Hop
5.5.5.5
4.4.4.4
*>i2.0.0.0
0
0
5.5.5.5
r i10.100.1.0/29
r>i

100
100
0
5.5.5.5
4.4.4.4
031i
200
0
021i
031i
100
100
0i
0i
R7(config)#do show ip bgp

Network
* i1.0.0.0
*>i
Next Hop
5.5.5.5
4.4.4.4
*>i2.0.0.0
0
0
5.5.5.5
r i10.100.1.0/29
r>i
100
0
5.5.5.5
4.4.4.4
100
021i
200
0
031i
100
031i
100
0i
0i
The traceroute shown that the packet goes through R5--R3 to reach
2.0.0.0/24:
1 10.100.1.5 76 msec 108 msec 20 msec
2 35.0.0.3 100 msec 120 msec 32 msec
3 13.0.0.1 148 msec * 176 msec
R6#
R7(config)#do traceroute 2.0.0.1

1 10.100.1.5 68 msec 136 msec 28 msec
2 35.0.0.3 112 msec 76 msec 36 msec
3 13.0.0.1 180 msec * 204 msec
-Ensure AS 4567 will use the link between R2-R4 towards network
1.0.0.0/8. Use LOCAL_PREF only.
we will do the same method on R4:
we will tell to R4 to advertise into BGP AS 4567 the prefix 1.0.0.0/24 with a
better(higher) local-preference than R4 as follow,by default the Local-Pref
is equal to 100:
router bgp 4567
neighbor 24.0.0.2 route-map RM_LOC_PREF in
no auto-summary
!
ip prefix-list NET-1 seq 5 permit 1.0.0.0/8
!
match ip address prefix-list NET-1

!
Notice the best path to reach 1.0.0.0/24 is via R4 on both R6 and R7

because the better(higher) Local-Preference 200 :
R6#show ip bgp
Network
Next Hop
*>i1.0.0.0
4.4.4.4
200
021i
*>i2.0.0.0
5.5.5.5
200
031i
r>i10.100.1.0/29
ri
4.4.4.4
5.5.5.5
100
100
0i
0i

Network
Next Hop
*>i1.0.0.0
4.4.4.4
200
021i
*>i2.0.0.0
5.5.5.5
200
031i
r>i10.100.1.0/29
ri
4.4.4.4
5.5.5.5
100
100
0i
0i
Notice:you must enter the clear ip bgp * command to reset the bgp
neighbors relationship when configuring the Local-Preference to take
effect.
Lab 32: BGP infuencing the path using MED and Prepend
We will Use the Loopback 0 addresses for peering. and static routes only
instead of IGP as shown in the topology.
The attached LAN subnets addresses in each router should be advertised
via BGP and appear with an ORIGIN code of INCOMPLETE in the BGP RIBs
We will redistribute the LAN subnet into BGP ,same sequence of commands
must be entered in each router:
R1(config)#route-map CONNECTED permit 10
R1(config-route-map)#match interface fastethernet 0/0
R1(config)#route-map CONNECTED deny 20
R1(config)#router bgp 1
R1(config-router)#redistribute connected route-map CONNECTED
we can verify with the show ip bgp command and notice the question mark
at the end of each line which means that the origin is incomplete

Network
Next Hop
* 150.1.1.0/24
*>
4.4.4.4
0.0.0.0
*> 150.2.2.0/24
* 150.3.3.0/24
*>

0
0
2.2.2.2
04?
32768 ?
02?
4.4.4.4
043?
2.2.2.2
023?
R2(config-if)#do show ip bgp

Network
Next Hop
* 150.1.1.0/24
*>
3.3.3.3
1.1.1.1
034?
0
01?
*> 150.2.2.0/24
0.0.0.0
*> 150.3.3.0/24
3.3.3.3
32768 ?
03?

Network
Next Hop
*> 150.1.1.0/24
*
4.4.4.4
2.2.2.2
* 150.2.2.0/24
*>
021?
4.4.4.4
2.2.2.2
*> 150.3.3.0/24
04?
0412?
0
0.0.0.0
02?
0
32768 ?

Network
Next Hop
*> 150.1.1.0/24
*
*>
0
0
3.3.3.3
01?
012?
1.1.1.1
3.3.3.3
32768 ?
032?
1.1.1.1
* 150.3.3.0/24
*>
0.0.0.0
1.1.1.1
* 150.2.2.0/24
0123?
0
03?
we Configure BGP, so that R4 prefers the path via R3 to reach any subnet
In the output of the show ip bgp command on R4 we can see that the
preferred route to reach 150.3.3.0 is via R3, however the preferred route
to reach 150.2.2.0 is via R1(the lowest router-id) ,also, to ensure that the
subnet 150.1.1.0 will be reached via R3 , we will configure BGP on R1 to
advertise all prefixes with a longer AS-PATH to influence the path selection
as follow:
R1(config)#route-map PREP permit 10
R1(config-route-map)#set as-path prepend 1 1 1 1
R1(config-router)#neighbor 4.4.4.4 route-map PREP out

Notice now the preferred path to reach both prefixes 150.3.3.0 and
150.2.2.0 is via R3 with the next-hop 3.3.3.3 because the shortest AS-PATH
length:
Network
Next Hop
* 150.1.1.0/24
*>
1.1.1.1
0.0.0.0
* 150.2.2.0/24
*>

0
0
32768 ?
1.1.1.1
0111112?
3.3.3.3
*> 150.3.3.0/24
011111?
3.3.3.3
032?
0
03?
-Ensure that R3 prefers all routes from R2 using MED:

before configuring the MED let's verify the BGP RIBs on R3:
the preferred path to reach the prefix 150.1.1.0 is via R4, we should see all
routes with the next-hop R2:
Network
* 150.1.1.0/24
Next Hop
2.2.2.2

021?
*>
4.4.4.4
04?
*> 150.2.2.0/24
2.2.2.2
*> 150.3.3.0/24
0.0.0.0
02?
32768 ?
Let's configure MED on R3:

R4(config)#route-map MED permit 10
R4(config-route-map)#set metric 4
R4(config-router)#neighbor 3.3.3.3 route-map MED out
R2(config)#route-map MED permit 10

R2(config-route-map)#set metric 2
R2(config-router)#neighbor 3.3.3.3 route-map MED out
Let's verify the BGP RIBs of R3:

we have still the best path to reach 150.1.1.0 via R4 as shown by the show
ip bgp command on R3 below, so the problem is not resilved even if R2
advertises the lowest MED comparing with R4.
the reason is : we met two issues in this case :
-the first issue is:by default, the MED is only compared for path received
from the same AS ,in this case R3 receives two values of MED from two
routers (R2 and R4) configured in different AS.
-The second issue :the MED is compared after the AS-PATH in the BGP
decision process. In this case R3 will select the path via R4 as the best path
to the 150.1.1.0/24 prefix because of the shorter AS-PATH length.

Network
Next Hop
*> 150.1.1.0/24
*
4.4.4.4
2.2.2.2
4
2
04?
021?
*> 150.2.2.0/24
2.2.2.2
*> 150.3.3.0/24
0.0.0.0
02?
32768 ?
R3(config)#
To override the two issues we will configure bgp always-compare-med

command to aviod the first issue so always compare the MED even if MED is
received from Different AS. and bgp bestpath as-path ignore command to
avoid the second issue so that R3 override the BGP decision process by
ignoring the step of the AS-PATH in the BGP Decision Process:
Let's configure these two commands:
R3(config-router)#bgp bestpath as-path ignore
R3(config-router)#bgp always-compare-med
We can see for the prefix 150.1.1.0 that the path with the longer AS-PATH
length is preferred because the lowest MED even if the AS-PATH takes
precedence over the MED in the order of the path selection in BGP:
R3(config)#do show ip bgp 150.1.1.0 255.255.255.0
BGP routing table entry for 150.1.1.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
1
4
4.4.4.4 from 4.4.4.4 (4.4.4.4)
Origin incomplete, metric 4, localpref 100, valid, external

21
2.2.2.2 from 2.2.2.2 (195.1.1.1)
Origin incomplete, metric 2, localpref 100, valid, external, best
Another way to verify all BGP RIBs with do show ip bgp, R3 prefers all
routes from R2 because the lowest MED:
Network
Next Hop
* 150.1.1.0/24
*>
*>
4.4.4.4
2.2.2.2
* 150.2.2.0/24

4
2
4.4.4.4
2.2.2.2
*> 150.3.3.0/24
0.0.0.0
04?
021?
4
2
04111112?
02?
R3(config-router)#
Lab 33: Lab BGP path control
32768 ?
AS 65504, AS 65503 and AS 65502 are configured with AS 5 confederation

as shown in the topology.
The best path to reach 150.1.1.0 from R2 is via R3 through the AS 5
confederation as shown by the followong output in the section confedexternal, best:
R2#show ip bgp 150.1.1.0 255.255.255.0
2
(65503 65504)
10.0.0.10 from 10.0.0.10 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, confed-external, best
254
10.0.0.1 from 10.0.0.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
The best path to reach 150.1.1.0 from R3 is via R4 as shown by the

followong output in the section confed-external, best:
R3#show ip bgp 150.1.1.0 255.255.255.0
12
(65504)
10.0.0.14 from 10.0.0.14 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, confed-external, best
254
10.0.0.5 from 10.0.0.5 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
To ensure that that R2 and R3 prefer the path via R1 to reach the
150.1.1.0/24 prefix:
we will increase the weight for the prefix 150.1.1.0/24 learned from R1 on
both R2 and R3 as follow:
R2(config-router)#neighbor 10.0.0.1 route-map weight-R1 in
R2(config-router)#ip prefix-list NET-R1 seq 5 permit 150.1.1.0/24
R2(config)#route-map weight-R1 permit 10
R2(config-route-map)# match ip address prefix-list NET-R1
R2(config-route-map)# set weight 1000
R2(config-route-map)#route-map weight-R1 permit 20

R3(config-router)#neighbor 10.0.0.5 route-map weight-R1 in
R3(config-router)#ip prefix-list NET-R1 seq 5 permit 150.1.1.0/24
R3(config)#route-map weight-R1 permit 10
R3(config-route-map)# set weight 1000
R3(config-route-map)#
R3(config-route-map)#route-map weight-R1 permit 20
let's verify the result after clearing the bgp neighbors:

R2(config-route-map)#do clear ip bgp *
R3(config-route-map)#do clear ip bgp *
Both R2 and R3 prefer the path through R1(10.0.0.1):

R2(config-route-map)#do show ip bgp 150.1.1.0 255.255.255.0
Flag: 0x820
1
(65503) 254
10.0.0.10 from 10.0.0.10 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, confed-external
254
10.0.0.1 from 10.0.0.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, weight 1000, valid, external, best
R3(config-route-map)#do show ip bgp 150.1.1.0 255.255.255.0

Flag: 0x820
1
(65502) 254
10.0.0.9 from 10.0.0.9 (2.2.2.2)
(65504)
10.0.0.14 from 10.0.0.14 (4.4.4.4)
254
10.0.0.5 from 10.0.0.5 (1.1.1.1)
Origin IGP, metric 0, localpref 100, weight 1000, valid, external, best
let's look the path from R1 to reach 150.3.3.0/24 ,there are three valid
routes but the path through R3(10.0.0.6) is the best, we can influence the
path selection by manipulating the ORIGIN, IGP is preferred over EGP and
EGP is preferred than incomplete,notice in the following output the origin
of the tree path is IGP:
R1#show ip bgp 150.3.3.0 255.255.255.0

1
5
150.1.1.4 from 150.1.1.4 (4.4.4.4)
Origin IGP, localpref 100, valid, external
5
10.0.0.2 from 10.0.0.2 (2.2.2.2)
Origin IGP, localpref 100, valid, external
5
10.0.0.6 from 10.0.0.6 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, external, best
the challenge is :we want that R1 prefers the path through R2(10.0.0.2)
R3 will set the origin of 150.3.3.0 as incomplete and R4 advertises the
prefix 150.3.3.0 as EGP ,R1 when it receive three routes toward 150.3.3.0
,from R2 R3 and R4, R2 advertises this routes with the origin IGP which is
preferred over incomplete and EGP:
R3(config)#ip prefix-list NET-R3 seq 5 permit 150.3.3.0/24
R3(config)#route-map ORIGIN permit 10
R3(config-route-map)# set origin incomplete
R3(config-route-map)#
R3(config-route-map)#route-map ORIGIN permit 20
R3(config-route-map)#router bgp 65503
R3(config-router)#neighbor 10.0.0.5 route-map ORIGIN out
R4(config)#ip prefix-list NET-R4 seq 5 permit 150.3.3.0/24

R4(config)#route-map ORIGIN permit 10

R4(config-route-map)# set origin egp 1
R4(config-route-map)#router bgp 65504
R4(config-router)#neighbor 150.1.1.1 route-map ORIGIN out
R4(config-router)#
we can confirm the result by the following output which shown that the
preferred route is via R2(10.0.0.2) ,notice the origin is displayed for the
prefix 150.3.3.0/24,R2 as IGP ,R4 as EGP and R3 as incomplete:
R1#show ip bgp 150.3.3.0 255.255.255.0
Flag: 0x820
1
5
150.1.1.4 from 150.1.1.4 (4.4.4.4)
Origin EGP, localpref 100, valid, external
5
10.0.0.2 from 10.0.0.2 (2.2.2.2)
Origin IGP, localpref 100, valid, external, best
5
10.0.0.6 from 10.0.0.6 (3.3.3.3)
Origin incomplete, metric 0, localpref 100, valid, external
Lab 34: BGP Lab Case Study
Requirements:
1. Use the addressing scheme shown in the diagram.
2. Configure the ITA network to be in EIGRP AS 65001.
R1:
router eigrp 65001
network 10.0.0.0
network 192.168.14.0
no auto-summary
R2:
router eigrp 65001
network 10.0.0.0
no auto-summary
R3:
router eigrp 65001
network 10.0.0.0
network 192.168.34.0
no auto-summary
3. Configure the TDP network to be in EIGRP AS 65002.

R5:
router eigrp 65002

network 172.16.0.0
network 192.168.14.0
network 192.168.34.0
no auto-summary
4. Disable automatic summarization in both EIGRP domains.

done above with no auto-summary
5. Configure the ITA network to be in BGP AS 65001, and the TDP network
to be in BGP AS 65002.
R1:
router bgp 65001
R2:
router bgp 65001
R3:
router bgp 65001
R5
router bgp 65002
6. Advertise the 192.168.14.0/30 and 192.168.34.0/30 networks in both

EIGRP autonomous systems.
Done above.
7. Configure the interfaces on the border routers between the two EIGRP
autonomous systems, so they do not send EIGRP packets.
R5:
router eigrp 65002
passive-interface FastEthernet0/0
passive-interface Serial0/0
R3:
router eigrp 65001
passive-interface Serial0/2
8. All routers will be participating in BGP. Configure all routers for a full
mesh of IBGP peers in each system.
R1:
router bgp 65001
no synchronization
neighbor 10.2.2.2 update-source Loopback1
no auto-summary
R2:
router bgp 65001
no synchronization
neighbor 10.1.1.1 update-source Loopback2
no auto-summary
R3:
router bgp 65001
no synchronization

no auto-summary
R5
router bgp 65002
no synchronization
no auto-summary
9. Peer R1 and R2 using loopback addresses, not their directly connected

interfaces.
10. Advertise all loopback interfaces into the BGP process, except on R2,
where the only loopback advertised should be loopback 2.
R1:
router bgp 65001
no synchronization
network 10.1.1.0 mask 255.255.255.0
R2:
router bgp 65001
no synchronization
network 10.2.2.0 mask 255.255.255.0
R3:
router bgp 65001
no synchronization
network 10.3.3.0 mask 255.255.255.0
R5:
router bgp 65002
no synchronization
network 172.16.0.0 mask 255.255.252.0
network 172.16.4.0 mask 255.255.252.0
network 172.16.8.0 mask 255.255.252.0
network 172.16.12.0 mask 255.255.252.0
11. On R2, create a static summary route for the rest of its loopback
interfaces and advertise this static route in BGP.
R2:
router bgp 65001
network 10.20.0.0 mask 255.255.252.0
!
ip route 10.20.0.0 255.255.252.0 Null0
12. R5 should send a summary route to ITA representing all the R5 loopback
interfaces.
R5:
router bgp 65002
aggregate-address 172.16.0.0 255.255.240.0 summary-only

Network Next Hop Metric LocPrf Weight Path

* 10.1.1.0/24 192.168.34.1 0 65001 i
*> 192.168.14.1 0 0 65001 i

* 10.2.2.0/24 192.168.14.1 0 65001 i
*> 192.168.34.1 0 65001 i
* 10.3.3.0/24 192.168.14.1 0 65001 i
*> 192.168.34.1 0 0 65001 i
* 10.20.0.0/22 192.168.14.1 0 65001 i
*> 192.168.34.1 0 65001 i
s> 172.16.0.0/22 0.0.0.0 0 32768 i
*> 172.16.0.0/20 0.0.0.0 32768 i
s> 172.16.4.0/22 0.0.0.0 0 32768 i
s> 172.16.8.0/22 0.0.0.0 0 32768 i
s> 172.16.12.0/22 0.0.0.0 0 32768 i
Notice in the show ip bgp command on R4 the letter "S" for the four
loopback interfaces of R5,the reason is :when adding the summary-only
keyword in the aggregate-address command ,the summary-only keyword
tells to suppress the advertisement of the subset routes (the four loopback
interfaces) ,those routes are noted by the code "S" instead R5 advertises
the summary 172.16.0.0/20 which is noted by the code * meaning that this
route is valid and finally R2 in ITA networks receives only one route,the
summary 172.16.0.0/20 as shown by the followng output on R2:
R2#show ip bgp
Network Next Hop Metric LocPrf Weight Path

r>i10.1.1.0/24 10.1.1.1 0 100 0 i
*> 10.2.2.0/24 0.0.0.0 0 32768 i
r>i10.3.3.0/24 10.1.203.3 0 100 0 i
*> 10.20.0.0/22 0.0.0.0 0 32768 i
* i172.16.0.0/20 192.168.34.2 0 100 0 65002 i
*>i 192.168.14.2 0 100 0 65002 i
13. R5 should prefer the path to ITA networks via the Ethernet link between
R1 and R5. Accomplish this by modifying the MED advertised to TDP.
R1:
router bgp 65001
neighbor 192.168.14.2 route-map MED out
!
route-map MED permit 10
set metric 10
R3:
router bgp 65001
neighbor 192.168.34.2 route-map MED out
!
route-map MED permit 10
set metric 20
14. Routers in the ITA AS should prefer the path to TDP networks via the
Ethernet link between R1 and R5. Accomplish this by modifying the local
preference of routes being advertised in from TDP.
R1:
router bgp 65001
neighbor 192.168.14.2 route-map LOC-PREF in
!
route-map LOC-PREF permit 10
R3:
router bgp 65001
neighbor 192.168.34.2 route-map LOC-PREF in
!
route-map LOC-PREF permit 10
Now let's verify the path in both direction:

From TDP to ITA:
R4#traceroute 10.2.2.2 source 172.16.0.1
1 192.168.14.1 60 msec 36 msec 20 msec
2 10.1.102.2 40 msec * 36 msec
From ITA to TDP:

R2#traceroute 172.16.0.1 source 10.2.2.2
1 10.1.102.1 8 msec 8 msec 24 msec
2 192.168.14.2 92 msec * 44 msec
R3#trac 172.16.0.1 source 10.3.3.3

1 10.1.103.1 36 msec 40 msec 4 msec
2 192.168.14.2 52 msec * 64 msec
Lab 35: Redistribution Connected Routes
R2 redistributes between EIGRP and OSPF:

R2(config-router)#redistribute ospf 1 metric 1 1 1 1 1
R2(config-router)#router ospf 1
R2(config-router)# redistribute eigrp 1 su
R2(config-router)# redistribute eigrp 1 subnets
R3 redistributes between OSPF and RIP:

R3(config-router)# redistribute rip subnets
R3(config-router)#router rip
R3(config-router)# redistribute ospf 1 metric 5
Let's looks the routing table of R2 R1 and R3:

R2(config-router)#do show ip route eigr
R2(config-router)#
O E2
10.1.34.0 [110/20] via 10.1.23.3, 00:00:57, Serial0/0
R2(config-router)#
R1(config-router)#do show ip route eigr

D EX
10.1.23.0 [170/2560512256] via 10.1.12.2, 00:01:39, Serial0/1
D EX
10.1.34.0 [170/2560512256] via 10.1.12.2, 00:00:03, Serial0/1
R3(config-if)#do show ip route rip
R3(config-if)#
O E2
10.1.12.0 [110/20] via 10.1.23.2, 00:02:54, Serial0/0
R4(config-if)#do show ip route rip

R
10.1.12.0 [120/5] via 10.1.34.3, 00:00:14, Serial0/1
10.1.23.0 [120/1] via 10.1.34.3, 00:00:14, Serial0/1
R1 redistributes its connected loopback interface:

R1(config-router)# redistribute connected metric 1 1 1 1 1

Known via "rip", distance 120, metric 5
Redistributing via rip
R2 redistributes its connected loopback interface using route-map as

follow:
R2(config-router)#route-map CONNECTED permit 10
R2(config-route-map)#router eigrp 1
R2(config-router)#redistribute connected metric 1 1 1 1 1 route-map CONNECTED
R2(config-router)#redistribute connected subnets route-map CONNECTED
Notice that on R1 the subnet 10.1.23.0/24 disappears:

D EX
2.2.2.0 [170/2560512256] via 10.1.12.2, 00:02:18, Serial0/1

D EX
10.1.34.0 [170/2560512256] via 10.1.12.2, 00:07:47, Serial0/1
Also notice that the subnet 10.1.12.0/24 disappears on R4:

R4(config)#do show ip route rip
R
1.1.1.0 [120/5] via 10.1.34.3, 00:00:26, Serial0/1

2.2.2.0 [120/5] via 10.1.34.3, 00:00:26, Serial0/1

10.1.23.0 [120/1] via 10.1.34.3, 00:00:27, Serial0/1
The reason is that the route-map included in the redistribution on both R2

and R3 has the implicit deny clause sequence at the end that filters the
connected routes
(10.1.12.0 on R2 and 10.1.23.0 on R3).So the redistribution matches only
the loopback interface and deny all other routes.
Let's allow the connected serial subnet to be redistributed into EIGRP and
OSPF domains on R2 (S0/0 into EIGRP and S0/1 into OSPF):
R2(config-router)#route-map CONNECTED-EIGRP permit 10
R2(config-route-map)# match interface loopback 0
R2(config-route-map)#route-map CONNECTED-EIGRP permit 20
R2(config-route-map)# match interface Serial0/0

R2(config-route-map)#route-map CONNECTED-OSPF permit 10
R2(config-route-map)# match interface loopback 0
R2(config-route-map)# match interface Serial0/1
R2(config-route-map)#router eigrp 1
R2(config-router)#redistribute connected metric 1 1 1 1 1 route-map CONNECTEDEIGRP
R2(config-router)# redistribute connected subnets route-map CONNECTED-OSPF
Now the subnet 10.1.23.0/24 appears on R1:

R1(config)#do show ip route eigr
D EX
2.2.2.0 [170/2560512256] via 10.1.12.2, 00:22:13, Serial0/1

D EX
10.1.23.0 [170/2560512256] via 10.1.12.2, 00:01:01, Serial0/1
D EX
10.1.34.0 [170/2560512256] via 10.1.12.2, 00:27:41, Serial0/1
Also notice that the the subnet 10.1.12.0/24 appears on R4

R
1.1.1.0 [120/5] via 10.1.34.3, 00:00:00, Serial0/1

2.2.2.0 [120/5] via 10.1.34.3, 00:00:00, Serial0/1

10.1.12.0 [120/5] via 10.1.34.3, 00:00:00, Serial0/1
10.1.23.0 [120/1] via 10.1.34.3, 00:00:00, Serial0/1
R4(config)#
We will do the same thing on R3 but instead of using the matching interface
to include the serial connected route ,we will use the matching of an
access-list to
include the serial connected route on R3 to be redisributed into OSPF and
EIGRP(S0/0 into RIP and s0/1 into OSPF):
R3(config-if)#ip access-list standard Lo0
R3(config-std-nacl)# permit 3.3.3.0 0.0.0.255
R3(config-std-nacl)#!
R3(config-std-nacl)#ip access-list standard S0/1
R3(config-std-nacl)#ip access-list standard S0/0
R3(config-std-nacl)#route-map CONNECTED-OSPF permit 10
R3(config-route-map)# match ip address Lo0
R3(config-route-map)#!
R3(config-route-map)# match ip address S0/1
R3(config-route-map)#route-map CONNECTED-RIP permit 10
R3(config-route-map)# match ip address Lo0
R3(config-route-map)#route-map CONNECTED-RIP permit 20
R3(config-route-map)# match ip address S0/0
R3(config-route-map)#router ospf 1
R3(config-router)# redistribute connected subnets route-map CONNECTED-OSPF
R3(config-router)#!
R3(config-router)#router rip
R3(config-router)# redistribute connected metric 5 route-map CONNECTED-RIP
R3(config-router)#
Let's verify the routing table of R1:

D EX
2.2.2.0 [170/2560512256] via 10.1.12.2, 00:34:22, Serial0/1

D EX
3.3.3.0 [170/2560512256] via 10.1.12.2, 00:00:36, Serial0/1

D EX
10.1.23.0 [170/2560512256] via 10.1.12.2, 00:13:10, Serial0/1
D EX
10.1.34.0 [170/2560512256] via 10.1.12.2, 00:39:51, Serial0/1
R1(config)#

R
1.1.1.0 [120/5] via 10.1.34.3, 00:00:12, Serial0/1

2.2.2.0 [120/5] via 10.1.34.3, 00:00:12, Serial0/1

3.3.3.0 [120/5] via 10.1.34.3, 00:00:12, Serial0/1

10.1.12.0 [120/5] via 10.1.34.3, 00:00:12, Serial0/1
10.1.23.0 [120/1] via 10.1.34.3, 00:00:12, Serial0/1
It remain to redistribute only the loopback interface of R4 (4.4.4.4/24) to

complete the lab:
R1(config)#ip prefix-list CONNECTED-Lo0 seq 5 permit 4.4.4.0/24
R1(config-route-map)#match ip add
R1(config-route-map)#match ip address pre
R1(config-route-map)#match ip address prefix-list CONNECTED-Lo0

R1(config-route-map)#router rip
R1(config-router)#redistribute conn
R1(config-router)#redistribute connected me
R1(config-router)#redistribute connected metric 5 rou
R1(config-router)#redistribute connected metric 5 route-map CONNECTED

D EX
2.2.2.0 [170/2560512256] via 10.1.12.2, 00:42:22, Serial0/1

D EX
3.3.3.0 [170/2560512256] via 10.1.12.2, 00:08:36, Serial0/1

D EX
4.4.4.0 [170/2560512256] via 10.1.12.2, 00:00:17, Serial0/1

D EX
10.1.23.0 [170/2560512256] via 10.1.12.2, 00:21:10, Serial0/1
D EX
10.1.34.0 [170/2560512256] via 10.1.12.2, 00:47:51, Serial0/1
R1(config)#
We can verify the end to end connectivity:

R1(config)#do ping 4.4.4.4 so 1.1.1.1
!!!!!
R4(config-router)#do ping 1.1.1.1 so 4.4.4.4


!!!!!
R4(config-router)#
Lab 36: Two routing protocols with the same AD
Two routing protocols with the same AD:

R1 receives two routes for the same destination and originated from two
routing protocols (OSPF and EIGRP),it prefers the route learned from EIGRP
because the lower AD, 90 less than 110:
Now what happen if R1 received the two routes with the same AD?
R1(config-router)#distance ospf inter-area 100 intra-area 100
R1(config-router)#distance eigrp 100 170
The preferred route is still the route learned from EIGRP even if the AD are
equal:
let's shutdown fa0/0 of R1 and turn off eigrp:

R1(config-if)#shu
After disabling fa0/0 ,R1 loses its eigrp route and the ospf route with AD
100 is installed in the routing table:
Now what happen between OSPF and RIP:

let's remove eigrp and configure RIP:
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.1.0
R1(config-router)# no auto-summary
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)# network 192.168.1.0
let's configure the AD of the rip routes to be equal with OSPF 100:
R2(config-router)#distance 100
R2(config-router)#distance 100
The preferred route is the route learned from OSPF even if the AD is equal:
Let's turn off ospf:

after disabling Fa0/1 on R1,R1 loses its ospf route and installs the rip route
with the same AD 100:
Known via "rip", distance 100, metric 1
Redistributing via rip
Now what happen between eigrp and RIP:

let's remove ospf and reconfigure eigrp:
R1(config-if)#router eigrp 1
R2(config-router)# network 172.16.1.0 0.0.0.255
The preferred route is the route learned from EIGRP even if the AD are
equal:
So Two routing protocols with the same AD ,the protocol with the origin
lower default AD will be used.
Lab 37: OSPF EIGRP RIP Suboptimal Path
Suboptimal routes :
O E2
5.5.5.0 [110/20] via 10.1.13.3, 00:04:50, Serial0/1

R
2.2.2.0 [120/10] via 192.168.46.6, 00:00:23, Serial0/0
Between OSPF and EIGRP using route-tag:

On R1:The redistribute command uses the route map that tags routes
coming from EIGRP into OSPF with tag 11.R1 will receive the route
redistributed by R3 from EIGRP into OSPF with TAG 33 and distribute-list
looks those routes ,with deny action of the route map (STOP-TAG-33) those
routes tagged 33 are filtered.
the same behavior in R3 ,R3 will receive the routes redistributed by R1
from EIGRP into OSPF with tag 11 and R3 looks with distribute-list that the
tag of those routes is 11 thus R3 will filter them because the deny in the
clause 10 of route map(STOP-TAG-11) ,as result, we can avoid the
suboptimal Routes
R1:
router eigrp 1
redistribute ospf 1 metric 1 1 1 1 1
!
router ospf 1
redistribute eigrp 1 subnets route-map EIGRPtoOSPF
distribute-list route-map STOP-TAG-33 in
!
route-map STOP-TAG-33 deny 10
match tag 33
!
route-map STOP-TAG-33 permit 20
!
route-map EIGRPtoOSPF permit 10
set tag 11
R3:
router eigrp 1
!
router ospf 1
redistribute eigrp 1 subnets route-map EIGRP-to-OSPF
distribute-list route-map STOP-TAG-11 in
!
route-map STOP-TAG-11 deny 10
match tag 11
!
route-map STOP-TAG-11 permit 20
!
route-map EIGRP-to-OSPF permit 10
set tag 33

D EX
5.5.5.0 [170/2560512256] via 172.16.1.6, 00:00:26, Serial0/2

D EX
5.5.5.0 [170/2560512256] via 172.16.2.4, 00:01:28, Serial0/2
Between EIGRP and RIP using the distance command to manipulate

administrative distance:
because after finding that the distribute-list does not support route map
under router rip i configure the distance command,so by decreasing the AD

of external EIGRP 170 to 100 , the AD of those routes is less than the AD of
rip 120 ,we can avoid the Suboptimal Routes:
R4:
router eigrp 1
redistribute rip metric 1 1 1 1 1
distance eigrp 90 100
R6:
router eigrp 1
redistribute rip metric 1 1 1 1 1
distance eigrp 90 100

D EX
2.2.2.0 [100/2560512256] via 172.16.2.3, 00:02:05, Serial0/2

D EX
2.2.2.0 [100/2560512256] via 172.16.1.1, 00:02:27, Serial0/2
Lab 38: RIP EIGRP OSPF Suboptimal Path
R2 and R3 do the redistribution between eigrp and OSPF ,R4 does the
redistribution between rip and ospf.notice that i configured the AD in R4
under rip with 105 , with this way ,i can prevent R4 to install the route to
172.16.1.0 learned via ospf because 120 is greater than 110 so i changes
the AD of rip in R4 to ensure that R4 will always prefer the route rip to
reach 172.16.1.0,I am doing it in order to avoid a suprising result:
Advertised by eigrp 100 metric 1544 2000 255 1 1500

Advertised by eigrp 100 metric 10000 100 255 1 1500
1 192.168.1.2 24 msec 8 msec 0 msec
2 192.168.3.4 24 msec 20 msec 20 msec
3 10.1.1.5 40 msec * 48 msec
R1#
The purpose is to force the packet coming from R1 to take the path R2--R3-R4 over the fast ethernet link
On R4 i will do the redistribution with tag 999 as follow so R4 advertises

the route learned from rip with tag 999:
router ospf 1
redistribute rip subnets tag 999
On R2 I configure the route-map called MATCH-ROUTE-RIP which matches all

routes and then
tags them all with tag 999, distribute-list command under ospf matches the
route-map MATCH-ROUTE-RIP,the distribute-list looks at the routes learned
in OSPF that were tagged earlier by R4 with 999.the deny clause in the
sequence 10 of the route-map matches all routes tagged with 999,so R2
filters those routes:
route-map MATCH-ROUTE-RIP deny 10
match tag 999
!
route-map MATCH-ROUTE-RIP permit 20
!
router ospf 1
distribute-list route-map MATCH-ROUTE-RIP in
now R2 installs the external route eigrp with the tag 999(the output below
shown at the end the tag 999) learned from R3(192.168.2.3) even if the AD
of this route 170 is greater than 110 the AD of external ospf:
Known via "eigrp 100", distance 170, metric 307200
Tag 999, type external
Redistributing via eigrp 100, ospf 1
Advertised by ospf 1 subnets

Route tag 999
The traceroute now shows that the packet from R1 toward 172.16.1.1 takes
the path R2--R3--R4 over the fastethernet link:
1 192.168.1.2 16 msec 12 msec 0 msec
2 192.168.2.3 28 msec 20 msec 20 msec
3 192.168.4.4 48 msec 40 msec 40 msec
4 10.1.1.5 72 msec * 76 msec
Lab 39: Redistributing a Subset of Routes Using a Route Map
Redistributing a Subset of Routes Using a Route Map

Requirements:
*Redistribution from OSPF into EIGRP:
1-Routes with next-hop address 15.1.1.5 (R5) should be redistributed, with
route tag 5.
ip access-list standard FROM-R5

permit 15.1.1.5
!
route-map ospf-into-eigrp permit 10
match ip next-hop FROM-R5
set tag 5
2-E1 routes sourced by R6 (RID 6.6.6.6) should be redistributed, and

assigned a route tag of 6.
ip access-list standard FROM-R6
permit 6.6.6.6
!
route-map ospf-into-eigrp permit 20
match ip route-source FROM-R6
match route-type external type-1
set tag 6
*Redistribution from EIGRP into OSPF:

3-Routes beginning with 14.2, and with masks /23 and /24, should be
redistributed, with metric set to 300.Other routes beginning with 14.2
should not be redistributed.
ip prefix-list PREF-14-2 seq 5 permit 14.2.0.0/16 ge 23 le 24
!
route-map eigrp-into-ospf permit 10
match ip address prefix-list PREF-14-2
set metric 300
4-Routes beginning with 14.3 should be redistributed, with route tag 99.No
other routes should be redistributed.
ip access-list standard ACL-14-3
permit 14.3.0.0 0.0.255.255
route-map eigrp-into-ospf permit 20

match ip address ACL-14-3
set tag 99
router eigrp 1
redistribute ospf 1 route-map ospf-into-eigrp metric 1 1 1 1 1
!
router ospf 1
redistribute eigrp 1 subnets route-map eigrp-into-ospf
on R1, all routes are installed in the routing table:

Routing entry for 15.0.0.0/24, 6 known subnets
Attached (2 connections)
O E1
15.6.11.0 [110/84] via 15.1.6.6, 00:00:04, Serial0/2
O E2
15.6.12.0 [110/20] via 15.1.6.6, 00:00:04, Serial0/2
15.6.1.0 [110/65] via 15.1.6.6, 00:00:04, Serial0/2
O IA
C
15.1.2.0 [110/65] via 15.1.1.5, 00:00:04, Serial0/1

R4 installs only two routes external eigrp for 15.6.11.0 which matches the
route-map ospf-into-eigrp permit 20 ,this route-map as shown earlier
matches the E1 for this subnet sourced from R6 with tag 6, the second
route is for the subnet 10.1.2.0 which matches the route-map ospf-intoeigrp permit 10 ,this route-map matches the routes which have the nexthop 10.1.1.5 (R5), the other subnets 15.0.0.0 are denied by the deny clause
at the last of the route map:
D EX
15.6.11.0 [170/2560512256] via 14.1.2.1, 00:01:53, Serial0/0
D EX
15.1.2.0 [170/2560512256] via 14.1.2.1, 00:00:35, Serial0/0
The two subnets 14.2.22.4/30 and 14.2.22.8/30 are not installed because
the deny clause at the end of the route-map ospf-into-eigrp ,also the routes
beginning with 14.1 are filtered and does not appear int the routing table
of R5 so only the routes beginning with 14.2 and 14.3 are installed as
shown below:
Variably subnetted with 2 masks
O E2
14.3.9.0/24 [110/20] via 15.1.1.1, 00:01:10, Serial0/0
O E2
14.3.8.0/24 [110/20] via 15.1.1.1, 00:01:10, Serial0/0
O E2
14.2.20.0/24 [110/300] via 15.1.1.1, 00:01:10, Serial0/0
O E2
14.2.21.0/24 [110/300] via 15.1.1.1, 00:01:10, Serial0/0
O E2
14.2.16.0/23 [110/300] via 15.1.1.1, 00:01:10, Serial0/0
O E2
14.2.18.0/23 [110/300] via 15.1.1.1, 00:01:10, Serial0/0
Lab 40: Caveats when redistributing between BGP and OSPF
Caveats when redistributing between OSPF and BGP:

Redistribute the 150.1.1.0/24, 150.2.2.0/24 and 150.3.3.0/24 subnets on R1,
R2 and R3 respectively using route-map into BGP as follow:
R1(config)#access-list 100 permit ip host 150.1.1.0 host 255.255.255.0

R1(config-route-map)#match ip address 100
R2(config)#ip access-list extended CONNECTED

R2(config-ext-nacl)#permit ip host 150.2.2.0 host 255.255.255.0
R2(config-route-map)#match ip address CONNECTED
R3(config)#access-list 2000 permit ip host 150.3.3.0 host 255.255.255.0

R3(config-route-map)#match ip address 2000
The issue here is the rule for the internal BGP :Do not advertise iBGPlearned routes to iBGP peers.In this case R2 will not advertise the subnet
of R1 to R3 and the subnet of R3 to R1 because they are received from iBGP
peers.
On R1 the subnet s'R1 150.3.3.0 is missing:
Network
Next Hop
*> 150.1.1.0/24
0.0.0.0
*>i150.2.2.0/24
10.0.0.2
32768 ?
100
0?
On R3 the subnet s'R1 150.1.1.0 is missing:

Network
Next Hop
*>i150.2.2.0/24
10.0.0.9
*> 150.3.3.0/24
0.0.0.0
100
0?
32768 ?
we must configure route-reflector-client feature to allow R2 to advertises

the routes learned from R1 to R3 and vice-versa:
R2(config-router)#neighbor 10.0.0.1 route-reflector-client
R2(config-router)#neighbor 10.0.0.10 route-reflector-client

Network
Next Hop
*> 150.1.1.0/24
0.0.0.0
*>i150.2.2.0/24
10.0.0.2
*>i150.3.3.0/24
10.0.0.10
32768 ?
100
100
0?
0?

Network
Next Hop
*>i150.1.1.0/24
10.0.0.1
100
0?
*>i150.2.2.0/24
10.0.0.9
100
0?
*> 150.3.3.0/24
0.0.0.0
32768 ?
On R1 above , the subnet 150.3.3.0 appears in the BGP RIBs and on R3 the
subnet 150.1.1.0 appears in the BGP RIBs, notice the question mark set to
the origin for both prefixes the origin set to incomplete because they are
redistributed as a connected route.
-Now we will configure OSPF between R3 and R4 ,R4 redistributes the

subnet connected toFa0/0 interface as a metric-type 1 (E1)
R3(config-router)#network 10.0.0.13 0.0.0.0 area 0

R4(config-router)#redistribute connected subnet metric-type 1
Redistribute between BGP and OSPF on R3:

R3(config-router)#redistribute ospf 3
R3(config-router)#redistribute bgp 254 subnets
We can see below that R4 does not receive any route from BGP Domain and
R1 does not receive any route from OSPF Domain:
R4(config-router)#do show ip route
Gateway of last resort is not set
C

150.4.4.0 is directly connected, FastEthernet0/0

Network
Next Hop
*> 150.1.1.0/24
0.0.0.0
*>i150.2.2.0/24
10.0.0.2
32768 ?
100
0?
*>i150.3.3.0/24
10.0.0.10
100
0?
We have four issues here when redistributing between BGP and OSPF:
-the First issue:when BGP routes are redistributed into an IGP, only EBGP
routes are redistributed .So we need bgp redistribute-internal command
under router BGP on R3 to allow the redistribution of the subnets learned
from the IBGP peers(R1 and R2), in this case, the subnet concerned are
150.1.1.0 and 150.2.2.0.
-The second issue:when OSPF routes are redistributed into BGP, only
internal routes are redistributed.So we need redistribute ospf 3 match
external 1 external 2 command under router BGP on R3, the subnet
concerned is 150.4.4.0 which is advertised by R4 to R3 as an external, if we
advertised this subnet as internal from R4 to R3 , there is no need to add
match external 1 external 2 ,by default only internal routes are
redistributed,so the subnet 150.4.4.0 is redistributed into BGP
automatically.
-The third issue:an iBGP peer does not change the NEXT_HOP for an
external route when advertising it to another iBGP peer.So we need enter
neighbor 10.0.0.9 next-hop-self command under router BGP on R3.Without
this command the ping 150.1.1.1 source 150.4.4.4 and the ping 150.2.2.2
source 150.4.4.4 fail.Because R1 and R2 receives the route toward
150.4.4.0 with the next-hop 10.0.0.14 which is the subnet of R4 ,there is no
reachability ,so we need change the next-hop-self when R3 advertised this
route to its IBGP peer.
-The fourth issue:the 150.3.3.0/24 subnet is advertised by BGP , it is
redistributed into BGP using route-map CONNECTED on R3 (looks at the
first of the comment. So it will not be redistributed into OSPF when BGP is
redistributed into OSPF.so route map must be used to redistribute this
subnet into OSPF on R3 with redistribute connected subnets route-map
CONNECTED command under router OSPF ,notice the route-map called
CONNECTED is the same as the route-map configured earlier for BGP.
Following these rules i configured the folowing sequence commands:
R3(config-router)#redistribute ospf 3 match external 1 external 2
R3(config-router)#bgp redistribute-internal
R3(config-router)#neighbor 10.0.0.9 next-hop-self
R3(config-router)#redistribute connected subnets route-map CONNECTED
R3(config-router)#redistribute bgp 254 subnets
On R4 ,Notice the three subnets 150.1.1.0 ,150.2.2.0 an 150.3.3.0 appear in

the routing table:
R4(config)#do show ip route ospf
O E2
150.1.1.0 [110/1] via 10.0.0.13, 00:05:51, Serial0/0

O E2
150.2.2.0 [110/1] via 10.0.0.13, 00:05:51, Serial0/0

O E2
150.3.3.0 [110/20] via 10.0.0.13, 00:00:14, Serial0/0
On R1 the subnet 150.4.4.0(attached subnet of R4) appears in its routing

table
R1(config-route-map)#do show ip route
Gateway of last resort is not set
D
10.0.0.8 [90/2681856] via 10.0.0.2, 00:10:24, Serial0/0


150.2.2.0 [200/0] via 10.0.0.2, 00:10:33

150.3.3.0 [200/0] via 10.0.0.10, 00:10:06

150.4.4.0 [200/84] via 10.0.0.10, 00:09:13
Verify the connectivity:

R4(config-router)#do ping 150.1.1.1 source 150.4.4.4

!!!!!

!!!!!

!!!!!
R4(config-router)#
Lab 41: OSPF Multi-area Virtual-link EIGRP and summarization
Lab OSPF Multi-area Virtual-link EIGRP and summarization:

1-Redistribution between OSPF and EIGRP:
R3(config-router)#redistribute eigrp 1 subnets
R4(config-router)#redistribute eigrp 1 subnets
2-AREA 23 must be configured as virtual-link:

3-Summarization of loopback addresses on R2 R3 and R4:

R2(config-router)#area 20 range 17 2.10.20.0 255.255.255.0
R3(config-router)#area 31 range 172.10.31.0 255.255.255.0
R4(config)#interface Serial0/0
R4(config-if)#ip summary-address eigrp 1 172.10.41.0 255.255.255.0
Final configuration:
R1:
interface Loopback0
ip address 172.10.11.1 255.255.255.240
!
ip address 172.10.10.1 255.255.255.0
!
interface Serial0/0
bandwidth 64
ip address 172.10.12.1 255.255.255.0
clock rate 2000000
!
router ospf 1
network 172.10.10.0 0.0.0.255 area 10
network 172.10.11.0 0.0.0.255 area 0
network 172.10.12.0 0.0.0.255 area 0
R2:
interface Loopback0
ip address 172.10.21.1 255.255.255.0
!
ip address 172.10.20.1 255.255.255.240
!
ip address 172.10.20.17 255.255.255.240

!
ip address 172.10.20.33 255.255.255.240
!
interface Serial0/0
bandwidth 64
ip address 172.10.12.2 255.255.255.0
clock rate 2000000
!
interface Serial0/1
bandwidth 64
ip address 172.10.23.2 255.255.255.0
clock rate 2000000
!
router ospf 1
area 20 range 172.10.20.0 255.255.255.0
network 172.10.12.0 0.0.0.255 area 0
network 172.10.20.0 0.0.0.63 area 20
network 172.10.21.0 0.0.0.255 area 0
network 172.10.23.0 0.0.0.255 area 23
R3:
interface Loopback0
ip address 172.10.0.1 255.255.255.0
!
ip address 172.10.31.1 255.255.255.240
!
ip address 172.10.31.17 255.255.255.240
!
ip address 172.10.31.33 255.255.255.240
!
interface Serial0/0
bandwidth 64
ip address 172.10.34.3 255.255.255.0
clock rate 2000000
!
interface Serial0/1
bandwidth 64
ip address 172.10.23.3 255.255.255.0
clock rate 2000000
!
router eigrp 1
network 172.10.34.0 0.0.0.255
no auto-summary
!
router ospf 1
area 31 range 172.10.31.0 255.255.255.0
redistribute eigrp 1 subnets
network 172.10.0.0 0.0.0.255 area 0

network 172.10.23.0 0.0.0.255 area 23
network 172.10.31.0 0.0.0.63 area 31
R4:
interface Loopback0
ip address 172.10.41.1 255.255.255.240
!
interface Loopback1
ip address 172.10.41.17 255.255.255.240
!
interface Loopback2
ip address 172.10.41.33 255.255.255.240
!
ip address 172.10.40.1 255.255.255.0
!
interface Serial0/0
bandwidth 64
ip address 172.10.34.4 255.255.255.0
ip summary-address eigrp 1 172.10.41.0 255.255.255.0 5
clock rate 2000000
!
router eigrp 1
network 172.10.34.0 0.0.0.255
network 172.10.41.0 0.0.0.63
no auto-summary
!
router ospf 1
redistribute eigrp 1 subnets
network 172.10.40.0 0.0.0.255 area 40
Lab 42: EIGRP and Lab OSPF Case Study
Requirements:
1. Summarize the loopback interfaces on R2 with the best summary route
to the other EIGRP routers:
R2(config)#interface FastEthernet0/0
R2(config-if)#ip summary-address eigrp 1 192.168.1.96 255.255.255.224 5
R2(config)#interface Serial0/0
R2(config-if)#ip summary-address eigrp 1 192.168.1.96 255.255.255.224 5
2. Loopback 192 on R3 represents a connection to the Internet. Originate a

default route into EIGRP from R3:
R3(config)#ip default-network 192.168.100.0
3.R4, needs to communicate with the EIGRP domain via OSPF area 0.
4. Redistribute OSPF into EIGRP:
5. Originate a default route into the OSPF process from R3:

R3(config-router)#default-information originate always
Final configuration:
hostname R2
!
ip address 192.168.1.101 255.255.255.252
!
ip address 192.168.1.105 255.255.255.252
!
ip address 192.168.1.109 255.255.255.252
!
ip address 192.168.1.113 255.255.255.252
!
ip address 192.168.1.161 255.255.255.224
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.130 255.255.255.252
clock rate 2000000
no shutdown
!
!
router eigrp 1
network 192.168.1.100 0.0.0.3
network 192.168.1.104 0.0.0.3
network 192.168.1.108 0.0.0.3
network 192.168.1.112 0.0.0.3
network 192.168.1.128 0.0.0.3
network 192.168.1.160 0.0.0.3
network 192.168.1.160 0.0.0.31
auto-summary
hostname R1
!
interface Loopback1
ip address 192.168.1.1 255.255.255.252
!
!
interface Serial0/0
ip address 192.168.1.129 255.255.255.252
clock rate 2000000
no shutdown
!
interface Serial0/1
ip address 192.168.1.133 255.255.255.252
clock rate 2000000
no shutdown
!
router eigrp 1
network 192.168.1.0 0.0.0.3
network 192.168.1.128 0.0.0.3
network 192.168.1.132 0.0.0.3
hostname R3
!
interface Loopback5
ip address 192.168.1.5 255.255.255.252
!
ip address 192.168.100.1 255.255.255.0
!
ip address 192.168.1.162 255.255.255.252
duplex auto
speed auto
no shutdown
!
interface Serial0/0
ip address 192.168.1.134 255.255.255.252
clock rate 2000000
no shutdown
!
interface Serial0/1
ip address 10.1.1.3 255.255.255.248
clock rate 2000000
no shutdown
!
!
router eigrp 1
network 192.168.1.4 0.0.0.3
network 192.168.1.132 0.0.0.3
network 192.168.1.160 0.0.0.31
network 192.168.100.0
auto-summary
!
router ospf 1
network 10.1.1.0 0.0.0.7 area 0
default-information originate always
!
ip default-network 192.168.100.0
!
end
hostname R4
!
!
interface Loopback4
ip address 10.4.4.4 255.255.255.0
!
interface Serial0/0
ip address 10.1.1.4 255.255.255.248
clock rate 2000000
no shutdown
!
router ospf 1
network 10.1.1.0 0.0.0.7 area 0
network 10.4.4.0 0.0.0.255 area 0
Lab 43: Redistribution between OSPF and BGP
R2 and R3 redistribute between OSPF and BGP:

R2
router ospf 1
redistribute bgp 64513 subnets
!
router bgp 64513
redistribute ospf 1 match external internal
R3
router ospf 1
redistribute bgp 64513 subnets
!
router bgp 64513
redistribute ospf 1 match internal external
R4(config-router)# do show ip bgp

Network
Next Hop
*> 130.130.1.0/24 192.168.2.1

*> 172.16.1.0/24
192.168.2.1
1
0
0 64513 ?
0 64513 ?
*> 192.168.1.0
192.168.2.1
0 64513 ?
r> 192.168.2.0
192.168.2.1
0 64513 i
The AS 64512 is missing for the network 130.130.1.0/24 ,only 64513

appears in the section path and the origin is incomplete "?"
Route-tag is used to store the AS before doing the redistribution into OSPF
by R2 and R3 when it receive the route via OSPF, R3 restore the AS after
finding the tag of the route to 130.130.1.0/24 and R3 redistribute this
route into BGP by setting the AS earlier stored in R2.also we set the origin
of this route to IGP instead of incomplete "?"
R2
router bgp 64513
table-map TAG-BGP
redistribute ospf 1 match internal external
!
route-map TAG-BGP permit 10
set automatic-tag
R3
router bgp 64513
redistribute ospf 1 match internal external route-map TAG-BGP
!
route-map TAG-BGP permit 10
set origin igp
set as-path tag
R4(config-router)# do show ip bgp

Network
Next Hop
*> 130.130.1.0/24 192.168.2.1

*> 172.16.1.0/24
192.168.2.1
1
0
0 64513 64512 i
0 64513 i
*> 192.168.1.0
192.168.2.1
0 64513 i
r> 192.168.2.0
192.168.2.1
0 64513 i
Now we can see that the bgp table includes the AS 64512 in the AS path to
reach 130.130.1.0/24 and the origin i which means originated from IGP.
Lab 44: Redistribution between EIGRP and BGP
R2 redistributes between EIGRP and BGP

the show ip route command on R3 shows that the route toward 1.1.1.1 is
not installed because R2 does not advertise this route because routing
loops prevention:
D EX

D EX
D EX
To ensure that R2 advertises this route to R3 we will add the following

command which allow R2 to include the routes learned from an IGP(EIGRP
in this case) to be advertised to an IBGP peer (R3):
R2(config-router)# bgp redistribute-internal
Now the route toward 1.1.1.1 appears in the routing table:

D EX

D EX

D EX
D EX
If we want filter the connected routes advertised to R3 we can use routemap using the source-protocol under the route-map then include this routemap in the the distribute-list command under router eigrp ,all in R3 as
follow:
R3(config)#route-map filter deny 10
R3(config-route-map)#match source-protocol ?
bgp
Border Gateway Protocol (BGP)
connected Connected
eigrp
isis
mobile
ospf
rip
static
Enhanced Interior Gateway Routing Protocol (EIGRP)

ISO IS-IS
Mobile routes
Open Shortest Path First (OSPF)
Routing Information Protocol (RIP)
Static routes
R3(config-route-map)#match source-protocol connected

R3(config-route-map)#route-map filter permit 20
R3(config-route-map)#exi
R3(config-router)#distribute-list route-map filter in
we can see below with the show ip route command on R3 that 2.2.2.2 and
10.1.12.0 diseappers in the routing table:

D EX

D EX
C

We can match also the statics routes or routes originated grom different
IGP as shown by the symbol ? which display different options of the source
protocol.
Lab 45: LAB Challenge:EIGRP RIP OSPF FRAME-RELAY

REDISTRIBUTION VIRTUAL-LINK
Redistribute the networks 116.1.2.0/24 and 116.1.3.0/24 On R2 and R3

respectively:
R2
router eigrp 100
redistribute connected metric 1 1 1 1 1500 route-map R2_connected
!
ip prefix-list R2_fa0/0 seq 5 permit 116.1.2.0/24
!
route-map R2_connected permit 10
match ip address prefix-list R2_fa0/0
R3:
router eigrp 100
redistribute connected metric 1 1 1 1 1500 route-map R3_connected
!
ip prefix-list R3_fa0/0 seq 5 permit 116.1.3.0/24
!
route-map R3_connected permit 10
match ip address prefix-list R3_fa0/0
R5 redistributes the networks 10.1.2.0/24 and 10.1.3.0 from EIGRP into

OSPF, R4 then receives tow routes for both the two networks ,one from R5
which is an OSPF route external with AD 110 and another from R1 which is
an EIGRP route external with AD 170 so R4 will install the OSPF route
external via R5 because the lower AD (110 less than 170):
R4(config-router)#do sh ip route | i 116.1.2.0|116.1.3.0
O E2 116.1.3.0 [110/20] via 116.1.156.5, 00:01:41, Serial0/0
O E2 116.1.2.0 [110/20] via 116.1.156.5, 00:01:41, Serial0/0

D EX 116.1.3.0 [170/2560025856] via 116.1.145.4, 00:02:07, FastEthernet0/0

Here the ping fails:

R1(config)#do ping 116.1.2.2
.....
R9(config-if)#do ping 116.1.2.2

.....
the same result when i ping to 116.1.3.3,the ping fails:

1 116.1.156.5 36 msec 60 msec 20 msec
2 116.1.145.4 116 msec 32 msec 80 msec
3***
4 116.1.156.5 80 msec 124 msec 0 msec
5 116.1.145.4 44 msec 80 msec 76 msec
6***
7 116.1.156.5 192 msec 32 msec 48 msec
8 116.1.145.4 76 msec 240 msec 80 msec
9***
10 116.1.156.5 356 msec 336 msec 380 msec
11 116.1.145.4 348 msec 264 msec 172 msec
.....
1 116.1.145.4 32 msec 28 msec 48 msec

2 116.1.156.6 28 msec 28 msec 0 msec
3 116.1.156.5 80 msec 0 msec 60 msec
4 116.1.145.4 0 msec 80 msec 4 msec
5 116.1.156.6 120 msec 64 msec 64 msec
6 116.1.156.5 140 msec 4 msec 224 msec
7 116.1.145.4 64 msec 140 msec 136 msec
....
Here the suboptimal route causes a routing loop as shown above with
traceroute
the solution is to increase the AD of the external OSPF routes as follow:
On both R5 and R4:

ip access-list standard R2-R3-NETWORKS
permit 116.1.2.0 0.0.0.255
permit 116.1.3.0 0.0.0.255
!
router ospf 1
distance 180 0.0.0.0 255.255.255.255 R2-R3-NETWORKS
Here we tell to the routers R4 and R5 to look in the ACL R2-R3-NETWORKS

then set the distance 180 for the external routes ospf of the two networks
and learned from any route source (0.0.0.0 255.255.255.255 the address
with widcard mask means any ip address ):

R1#ping 116.1.2.2
!!!!!
R9#ping 116.1.2.2
!!!!!
1 200.11.99.8 32 msec 84 msec 20 msec
2 116.1.78.7 92 msec 12 msec 144 msec
3 116.1.67.6 104 msec 128 msec 124 msec
4 116.1.156.5 156 msec 176 msec 168 msec
5 116.1.145.1 188 msec 268 msec 216 msec
6 116.1.123.2 176 msec * 172 msec
no loop
Lab 46: OSPFv3 and EIGRP over ISATAP Tunnel
By definition:the Dynamic Multipoint IPv6 Tunnels like Automatic 6to4

Tunnels and Isatap Tunnels do not support IPv6 IGPs, requiring the use of
either static routes or multiprotocol BGP.Refer to the CCNP Route Official
Certification Guide Book ,Chapter :IPv4 and IPv6 Coexistence
Let's verify if is there a cases where we can use IGP over ISATAP Tunnel:
In this example: R7 represent the IPv4 backbone Network, we have three
sites A, B and C running IPv6 and with EDGE routers,these EDGE routers are
connected to R7 the IPv4 Backbone and running EIGRP,Site A has R2 as the
EDGE router,Site B has R3 as the EDGE router ,Site C has R5 as the EDGE
router. .we must provide full connectivity between the three sites with the
ISATAP Tunnel by running IGP such as OSPFv3 and EIGRP.
Let's go:
Before let's look the resulting of ipv6 address 2001:DB8:235::/64 eui-64
command, this command tells the router R3 for example to use the
modified eui-64 rules to give R3s Tunnel0 interface an IPv6 address of
2001:DB8:235::5EFE:303:303. R3 derives the last two octets(7 and from the
tunnel source Serial0/0 command,using Serial0/0s IPv4 address (3.3.3.3) to
deduce Tunnel 0s IPv6 address so 303:303 corresponds to 3.3.3.3,for R2
and R5 apply the same rule to derive IPv6 address of R3s Tunnel0
interface, also let's look the link-local addresses which will be used in the
ipv6 ospf neighbor command under tunnel interfaces:
R3(config-if)#do show ipv int br | begin Tunnel0
Tunnel0
[up/up]
FE80::5EFE:303:303
2001:DB8:235::5EFE:303:303

Tunnel0
[up/up]
FE80::5EFE:202:202
2001:DB8:235::5EFE:202:202

Tunnel0
[up/up]
FE80::5EFE:505:505
2001:DB8:235::5EFE:505:505
Case 1 :
With the default network type point-to-point in tunnel interfaces ,there is
no adjacencies between R2 R5 and R3:
R2
interface Tunnel0
ipv6 ospf 1 area 0
R3
interface Tunnel0
ipv6 ospf 1 area 0
R5
interface Tunnel0
ipv6 ospf 1 area 0
R5(config-if)#do show ipv6 ospf nei

Neighbor ID
6.6.6.6
Pri State
1 FULL/ -
Dead Time Interface ID

00:00:30
Interface
Serial0/0

Neighbor ID
4.4.4.4
Pri State
1 FULL/ -

00:00:37
Interface
Serial0/1

Neighbor ID
Pri State
Interface
1.1.1.1
1 FULL/ -
00:00:35
Serial0/0
Conclusion :IGP does not work over ISATAP Tunnel when running OSPFv3
with point-to-point network type
Case 2:
let's configure ipv6 ospf network non-broadcast in the tunnel interfaces ,in
non-broadcast we must use neighbor command to establish the adjacencies
:
R3
interface Tunnel0
ipv6 ospf network non-broadcast
ipv6 ospf neighbor FE80::5EFE:505:505
R2
interface Tunnel0
R5:
interface Tunnel0
There is adjacencies between R2 R3 and R5 as show by the following

outputs:
R2(config-rtr)#do show ipv ospf nei
Neighbor ID
Pri State
Interface
3.3.3.3
1 FULL/DR
00:01:57
5.5.5.5
1 FULL/DROTHER
1.1.1.1
1 FULL/ -
17
00:01:55
00:00:39
Tunnel0
16
Tunnel0
Serial0/0

Neighbor ID
Pri State
2.2.2.2
1 FULL/BDR
00:01:54
5.5.5.5
1 FULL/DROTHER
4.4.4.4
1 FULL/ -
16
00:01:35
00:00:39
Interface
Tunnel0
16
Tunnel0
Serial0/1
R3(config-rtr)#

Neighbor ID
Pri State
3.3.3.3
1 FULL/DR
2.2.2.2
1 FULL/BDR
6.6.6.6
1 FULL/ -

00:01:54
17
00:01:51
00:00:36
16
6
Interface
Tunnel0
Tunnel0
Serial0/0
the ping between the sites works successfully,i will show only the ping from
R1 toward the loopback interfaces of R4 and R6 for brevity :
R1#ping 2001:DB8::6 source 2001:DB8:1::1
Sending 5, 100-byte ICMP Echos to 2001:DB8::6, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:1::1
!!!!!
R1#
R1#ping 2001:DB8:4::4 source 2001:DB8:1::1

Sending 5, 100-byte ICMP Echos to 2001:DB8:4::4, timeout is 2 seconds:

!!!!!
R1#
The routes are exchanged between R2 R3 and R4 as show by the routing

table on R1 R4 and R6:
O 2001:DB8::2/128 [110/64]
via FE80::C202:2BFF:FEB4:0, Serial0/0
O 2001:DB8::3/128 [110/11175]
O 2001:DB8::4/128 [110/11239]
O 2001:DB8::5/128 [110/11175]
O 2001:DB8::6/128 [110/11239]
O 2001:DB8:4::4/128 [110/11239]
O 2001:DB8:6::6/128 [110/11239]
O 2001:DB8:34::/64 [110/11239]
O 2001:DB8:56::/64 [110/11239]
O 2001:DB8:235::5EFE:202:202/128 [110/64]
O 2001:DB8:235::5EFE:303:303/128 [110/11175]
O 2001:DB8:235::5EFE:505:505/128 [110/11175]

O 2001:DB8::1/128 [110/11239]
via FE80::C203:22FF:FEF8:0, Serial0/0
O 2001:DB8::2/128 [110/11175]
O 2001:DB8::3/128 [110/64]
O 2001:DB8::5/128 [110/11175]
O 2001:DB8::6/128 [110/11239]
O 2001:DB8:1::1/128 [110/11239]
O 2001:DB8:6::6/128 [110/11239]

O 2001:DB8:12::/64 [110/11239]
O 2001:DB8:56::/64 [110/11239]
O 2001:DB8:235::/64 [110/11175]

O 2001:DB8::1/128 [110/11239]
via FE80::C204:1DFF:FE4C:0, Serial0/0
O 2001:DB8::2/128 [110/11175]
O 2001:DB8::3/128 [110/11175]
O 2001:DB8::4/128 [110/11239]
O 2001:DB8::5/128 [110/64]
O 2001:DB8:1::1/128 [110/11239]
O 2001:DB8:4::4/128 [110/11239]
O 2001:DB8:12::/64 [110/11239]
O 2001:DB8:34::/64 [110/11239]
O 2001:DB8:235::/64 [110/11175]
IGP works over ISATAP Tunnel when running OSPFv3 with non-broadcast
network Type
Case3:
let's configure ipv6 ospf network point-to-multipoint non-broadcast in the
tunnel interfaces:
R3
interface Tunnel0
ipv6 ospf network point-to-multipoint non-broadcast
ipv6 ospf 1 area 0
R2
interface Tunnel0
R5:
interface Tunnel0
There is adjacencies between R2 R3 and R5:

R2(config-if)#do show ipv ospf nei
Neighbor ID
Pri State
Interface
5.5.5.5
1 FULL/ -
00:01:59
16
Tunnel0
3.3.3.3
1 FULL/ -
00:01:57
17
Tunnel0
1.1.1.1
1 FULL/ -
00:00:34
Serial0/0

Neighbor ID
Pri State
Interface
5.5.5.5
1 FULL/ -
00:01:54
16
Tunnel0
2.2.2.2
1 FULL/ -
00:01:46
16
Tunnel0
4.4.4.4
1 FULL/ -
00:00:31
Serial0/1

Neighbor ID
Pri State
Interface
2.2.2.2
1 FULL/ -
00:01:34
16
Tunnel0
3.3.3.3
1 FULL/ -
00:01:56
17
Tunnel0
6.6.6.6
1 FULL/ -
00:00:36
Serial0/0
the ping between the sites works successfully,i will show only the ping from
R1 toward the loopback interfaces of R4 and R6 for brevity :
R1#ping 2001:DB8::6 source 2001:DB8:1::1
!!!!!
R1#
R1#ping 2001:DB8:4::4 source 2001:DB8:1::1

!!!!!
R1#
The routes are exchanged between R2 R3 and R4 as show by the routing

tables on R1 ,i omitted the routing table of R4 and R6 for brevity :
O 2001:DB8::2/128 [110/64]
O 2001:DB8::3/128 [110/11175]
O 2001:DB8::4/128 [110/11239]
O 2001:DB8::5/128 [110/11175]
O 2001:DB8::6/128 [110/11239]
O 2001:DB8:4::4/128 [110/11239]

O 2001:DB8:6::6/128 [110/11239]
O 2001:DB8:34::/64 [110/11239]
O 2001:DB8:56::/64 [110/11239]
O 2001:DB8:235::5EFE:202:202/128 [110/64]
O 2001:DB8:235::5EFE:303:303/128 [110/11175]
O 2001:DB8:235::5EFE:505:505/128 [110/11175]
IGP works over ISATAP Tunnel when running OSPFv3 with point-tomultipoint non-broadcast network Type.
Case4:
Now we will see what happen with EIGRP,let's go:
R2
interface Tunnel0
no ipv6 ospf 1 area 0
ipv6 eigrp 1
R3
interface Tunnel0
ipv6 eigrp 1
R5
interface Tunnel0
ipv6 eigrp 1
We must enter no shutdown command under the ipv6 router eigrp :

R2(config-if)#ipv6 router eigrp 1
R2(config-rtr)#no shutdown


Until now there is no adjacencies between R2 R3 and R5:

R2(config-rtr)#do show ipv eigrp nei
IPv6-EIGRP neighbors for process 1
R2(config-rtr)#

R3(config-rtr)#

R5(config-rtr)#
Let's configure neighbor command to statically establish the adjacencies:

R2(config)#ipv6 router eigrp 1
R2(config-rtr)#neighbor FE80::5EFE:303:303 tunnel 0



Now we can see that the adjacencies is established as shown by the show
ipv eigr nei command on R2 R3 and R5:
R2(config-rtr)#do show ipv eigr nei
H Address
Interface
(sec)
1 Link-local address:

(ms)
Cnt Num
Tu0
11 00:02:23 50 5000 0 3
Tu0
12 00:02:46 102 5000 0 3
FE80::5EFE:303:303
FE80::5EFE:505:505

H Address
Interface
(sec)

(ms)
Cnt Num
Tu0
13 00:03:20 62 5000 0 5
Tu0
10 00:03:30 99 5000 0 5
FE80::5EFE:505:505
FE80::5EFE:202:202

H Address
Interface
(sec)

(ms)
Cnt Num
Tu0
10 00:03:23 102 5000 0 5
Tu0
12 00:03:55 61 5000 0 3
FE80::5EFE:303:303
FE80::5EFE:202:202
Because the sites A B and C are running OSPFv3, we must configure

redistribution on the EDGE RoutersR2 R3 and R5 between OSPFv3 and
EIGRP in order to exchange the routes over the Tunnel:
Let's go:
R2(config-rtr)#redistribute eigrp 1 include-connected
R2(config-rtr)#redistribute ospf 1 metric 1 1 1 1 1 include-connected


Looks now the routing table on R1 R4 and R6(the routers located in the
sites A B and C respectively):
R1(config-rtr)#do show ipv route ospf

U - Per-user Static route, M - MIPv6
D - EIGRP, EX - EIGRP external
O 2001:DB8::2/128 [110/64]
via FE80::C009:1FFF:FEE0:0, Serial0/0
OE2 2001:DB8::3/128 [110/20]
OE2 2001:DB8::4/128 [110/20]
OE2 2001:DB8::5/128 [110/20]
OE2 2001:DB8::6/128 [110/20]
OE2 2001:DB8:4::4/128 [110/20]
OE2 2001:DB8:6::6/128 [110/20]
OE2 2001:DB8:34::/64 [110/20]
OE2 2001:DB8:56::/64 [110/20]
OE2 2001:DB8:235::/64 [110/20]

OE2 2001:DB8::1/128 [110/20]
via FE80::C00B:1FFF:FEE0:0, Serial0/0
OE2 2001:DB8::2/128 [110/20]
O 2001:DB8::3/128 [110/64]
OE2 2001:DB8::5/128 [110/20]
OE2 2001:DB8::6/128 [110/20]
OE2 2001:DB8:1::1/128 [110/20]
OE2 2001:DB8:6::6/128 [110/20]
OE2 2001:DB8:12::/64 [110/20]
OE2 2001:DB8:56::/64 [110/20]
OE2 2001:DB8:235::/64 [110/20]

OE2 2001:DB8::1/128 [110/20]
via FE80::C00D:1FFF:FEE0:0, Serial0/0
OE2 2001:DB8::2/128 [110/20]
OE2 2001:DB8::3/128 [110/20]
OE2 2001:DB8::4/128 [110/20]
O 2001:DB8::5/128 [110/64]
OE2 2001:DB8:1::1/128 [110/20]
OE2 2001:DB8:4::4/128 [110/20]
OE2 2001:DB8:12::/64 [110/20]
OE2 2001:DB8:34::/64 [110/20]
OE2 2001:DB8:235::/64 [110/20]
Now the ping between the sites A B and C are successfull,for brevity we
launch the ping from R1 and R6 :
R1(config)#do ping 2001:DB8::6 source 2001:DB8:1::1
!!!!!
R1(config)#do ping 2001:DB8:4::4 source 2001:DB8:1::1

!!!!!
R6(config)#do ping 2001:DB8:1::1 so 2001:DB8::6

Packet sent with a source address of 2001:DB8::6
!!!!!
R6(config)#do ping 2001:DB8::4 so 2001:DB8:6::6

!!!!!
Finally :
-With OSPF in non-broadcast network type and point-to-multipoint nonbroadcast ,IGP OSPF works over isatap tunnels.
-With EIGRP ,by adding neighbor statement , IGP EIGRP works over isatap
tunnels.
Lab 47: IGP over ISATAP tunnel
This lab has the same purpuse that the lab OSPFv3 and EIGRP over ISATAP
Tunnel By definition:the Dynamic Multipoint IPv6 Tunnels like Automatic
6to4 Tunnels and Isatap Tunnels do not support IPv6 IGPs, requiring the use
of either static routes or multiprotocol BGP.
let 's verify with ospf and eigrp over isatap Tunnel between R1 and R3 and
we will try to ensure the connectivity over the ISATAP Tunnel between the
two ipv6 prefixes of both R1 and R3(the loopback interfaces of both R1 and
R3) :
R1:
interface loopback0
ipv6 address FEC0::1:1/112
ipv6 ospf 1 area 0
R3:
interface loopback0
ipv6 ospf 1 area 0
Before let's look the resulting of ipv6 address 2000:0:1:1::/64 eui-64

command, this command tells R1 for example to use the modified eui-64
rules to give R1s Tunnel0 interface an IPv6 address of
2000:0:1:1:0:5EFE:AC10:C01. R1 derives the last two octets(7 and from the
tunnel source Serial0/0 command,using Serial0/0s IPv4 address
(172.16.12.1) to deduce Tunnel 0s IPv6 address so AC10:0C01 corresponds
to 172.16.12.1, with 172 is AC, 16 is 10, 12 is C, and 1 is 1 ,for R3 apply the
same rule to derive IPv6 address of R3s Tunnel0 interface,using Serial0/1s
IPv4 address (172.16.23.3) ,172.16.23.3 corresponds to AC10:1703, also
let's look the link-local addresses which will be used in the ipv6 ospf
neighbor command under tunnel interfaces:
R1#show ipv int br | beg Tunnel0
Tunnel0 [up/up]
FE80::5EFE:AC10:C01
2000:0:1:1:0:5EFE:AC10:C01
R3#show ipv int br | beg Tunnel0

Tunnel0 [up/up]
FE80::5EFE:AC10:1703
2000:0:1:1:0:5EFE:AC10:1703
1st case:
R1(config-if)?#interface tunnel 0
R1(config-if)?#ipv6 ospf network non-broadcast
R1(config-if)#ipv6 ospf neighbor FE80::5EFE:AC10:1703
R3(config-if)#interface tunnel 0
R3(config-if)#ipv6 ospf network non-broadcast
R3(config-if)#ipv6 ospf neighbor FE80::5EFE:AC10:C01
R1(config-if)?#do show ipv ospf nei

3.3.3.3 1 FULL/DR 00:01:50 17 Tunnel0

1.1.1.1 1 FULL/BDR 00:01:09 17 Tunnel0
R1(config-if)#do show ipv route ospf

O FEC0::3:1/128 [110/11111]
via FE80::5EFE:AC10:1703, Tunnel0
R3(config-if)#do show ipv route ospf

O FEC0::1:1/128 [110/11111]
via FE80::5EFE:AC10:C01, Tunnel0
R3(config-if)#
R1(config-if)#do ping FEC0::3:1 so FEC0::1:1

Sending 5, 100-byte ICMP Echos to FEC0::3:1, timeout is 2 seconds:
Packet sent with a source address of FEC0::1:1
!!!!!

!!!!!
2nd case with point-to-multipoint non-broadcast:
R1(config-if)#ipv6 ospf network point-to-multipoint non-broadcast
R3(config-if)#ipv6 ospf network point-to-multipoint non-broadcast

!!!!!
R1(config-if)#

!!!!!
in both cases the pings are successfully between the ipv6 addresses of the
loopback interfaces .
now what happen with eigrp over isatap?
Let's configure eigrp over isatap tunnel

R1
interface Loopback0
ipv6 eigrp 1
!
interface Tunnel0
ipv6 eigrp 1
!
ipv6 router eigrp 1
no shut
R3
interface Loopback0
ipv6 eigrp 1
!
interface Tunnel0
ipv6 eigrp 1
!
ipv6 router eigrp 1
no shut
R1#show ipv6 interface tunnel 0 | include link-local

IPv6 is enabled, link-local address is FE80::5EFE:AC10:C01
No Virtual link-local address(es):
R3#show ipv6 interface tunnel 0 | include link-local

IPv6 is enabled, link-local address is FE80::5EFE:AC10:1703
No Virtual link-local address(es):
now we will configure the adjacencies eigrp statically with the neighbor
command followed by the link-local address on both R1 and R3:
R1(config-rtr)?#neighbor FE80::5EFE:AC10:1703 Tunnel 0
R3(config-rtr)#neighbor FE80::5EFE:AC10:C01 Tunnel 0
R1(config-rtr)#do show ipv6 eigrp nei

H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 Link-local address: Tu0 14 00:01:31 197 5000 0 3
FE80::5EFE:AC10:1703
R3(config-rtr)#do show ipv6 eigrp nei

H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 Link-local address: Tu0 13 00:03:39 967 5000 0 3
FE80::5EFE:AC10:C01
R1(config-rtr)#do show ipv route eigrp

D FEC0::3:0/112 [90/297372416]
via FE80::5EFE:AC10:1703, Tunnel0
R1(config-rtr)#
R3(config-rtr)#do show ipv route eigrp


D FEC0::1:0/112 [90/297372416]
via FE80::5EFE:AC10:C01, Tunnel0
R1(config)#do ping FEC0::3:1 so FEC0::1:1

!!!!!
R1(config)#
R3(config)#do ping FEC0::1:1 so FEC0::3:1

!!!!!
the pings are successfully between the ipv6 addresses of the loopback
interfaces .
-With OSPF in non-broadcast network type and point-to-multipoint nonbroadcast ,IGP OSPF works over isatap tunnels
-With EIGRP ,by adding neighbor statement , IGP EIGRP works over isatap
tunnels
Lab 48: IPV6 challenge lab
Requirements:
1. Configure all interfaces in the topology diagram with the IPv4 or IPv6
addresses shown.
2. Use EUI-64 addresses on the link between R3 and R4.
3. Configure EIGRP AS 1 on R1, R2, and R3 to route all IPv4 networks.
4. Disable EIGRP automatic summarization.
5. Configure a manual IPv6 tunnel between R1 and R3.
6. Include all IPv6 networks in OSPF area 0 on R1, R3, and R4.
7. Manually configure a router ID of 172.16.4.1 on R4 (this address does not
need to be reachable).
Configuration R1
interface Tunnel0
no ip address
ipv6 ospf 1 area 0
tunnel mode ipv6ip
!
interface Loopback0
no ip address
ipv6 ospf 1 area 0
!
interface Serial0/0/0
ip address 172.16.12.1 255.255.255.0
clock rate 2000000
!
router eigrp 1
network 172.16.12.0 0.0.0.255
no auto-summary
!
ipv6 router ospf 1
Configuration R3
interface tunnel 1
ipv6 ospf 1 area 0
tunnel source 172.16.23.3
tunnel mode ipv6ip
!
interface Loopback0
no ip address
ipv6 ospf 1 area 0
!
interface Serial0/0
no ip address
ipv6 enable
ipv6 address FEC0:34::/64 eui-64
ipv6 ospf 1 area 0
clock rate 2000000
!
interface Serial0/1
ip address 172.16.23.3 255.255.255.0
clock rate 2000000
!
!
router eigrp 1
network 172.16.23.0 0.0.0.255
no auto-summary
!
ipv6 router ospf 1
Configuration R2:
interface Serial0/0
ip address 172.16.12.2 255.255.255.0
clock rate 2000000
!
interface Serial0/1
ip address 172.16.23.2 255.255.255.0
clock rate 2000000
!
router eigrp 1
network 172.16.12.0 0.0.0.255

network 172.16.23.0 0.0.0.255
no auto-summary
Configuration R4
interface Loopback0
no ip address
ipv6 ospf 1 area 0
interface Serial0/0
no ip address
ipv6 address FEC0:34::/64 eui-64
ipv6 ospf 1 area 0
clock rate 2000000
!
ipv6 router ospf 1
router-id 172.16.4.1
Lab 49: Policy-Based Routing with default parameters
by definition in PBR when setting next-hop under route-map (set ip nexthop):

Without the default keyword: use PBR first, and if PBR fails, try to route
normally
with the default keyword: route the packets normally while
ignoring any default routes, if normal routing fails use PBR
Let's look the traceroute to show which path the packet takes from R4 and
R5 to reach 34.34.34.34 and 35.35.35.35 (the Lo's interfaces of R3) before
configuring PBR:
1 14.14.14.1 16 msec 32 msec 32 msec
2 13.13.13.2 76 msec * 96 msec
1 14.14.14.1 60 msec 44 msec 28 msec
2 13.13.13.2 92 msec * 88 msec
1 15.15.15.1 60 msec 48 msec 32 msec
2 13.13.13.2 92 msec * 100 msec
1 15.15.15.1 60 msec 48 msec 32 msec
2 13.13.13.2 68 msec * 76 msec
we can see that the packet goes through the path R1--R3 in both routers R4
and R5.
Now will configure Policy-Based Routing:
-first case PBR-R5 we will tell the router R1 to route the packet through the
path R1--R2--R3 if the source ip is 15.15.15.0 and the destination is
35.35.35.35
-second case PBR-R4 we will tell R1 to route the packet normally if the the
source ip is 14.14.14.0 and the destination is 34.34.34.34(which is through
the path R1--R3,but if the normal routing fails ,use the path R1--R2--R3):
access-list 101 permit ip 14.14.14.0 0.0.0.3 host 34.34.34.34
access-list 102 permit ip 15.15.15.0 0.0.0.3 host 35.35.35.35
!
route-map PBR-R5 permit 20
match ip address 102
set ip next-hop 12.12.12.2
!
route-map PBR-R4 permit 10
match ip address 101
set ip default next-hop 12.12.12.2
!
ip policy route-map PBR-R5
!
ip policy route-map PBR-R4
Let's verify if the PBR work correctly:

The following traceroute shown that the packet with the source ip
14.14.14.0 toward the destination 34.34.34.34 is going through the normal
routing because the default parameters included in the route map called
PBR-R4 (set ip default next-hop 12.12.12.2)
1 14.14.14.1 28 msec 32 msec 28 msec
2 13.13.13.2 84 msec * 52 msec
14.14.14.0 toward the destination 35.35.35.35 is going through the normal
routing R1--R3,but here the reason is not the default parameters in the
route-map PBR-R4 ,the reason is :because the implicit deny clause at the
end of the route map PBR-R4 ,the PBR lets the packet go through the
normal IP routing .
1 14.14.14.1 32 msec 44 msec 32 msec
2 13.13.13.2 60 msec * 60 msec
Now let's verify the PBR PBR-R5:

the following traceroute shown that the packet with the source ip
15.15.15.0 toward 35.35.35.35 is going through R1--R2--R3 as expected
because the route-map PBR-R5 is configured to route those packets
through R1--R2--R3 by setting the next-hop 12.12.12.2 without the default
parameters
1 15.15.15.1 32 msec 32 msec 28 msec
2 12.12.12.2 64 msec 60 msec 68 msec
3 23.23.23.2 76 msec * 76 msec
15.15.15.0 toward 34.34.34.34 is going through the normal routing R1--R3
because the implicit deny clause at the end of the route map PBR-R5 ,the
PBR lets the packet go through the normal IP:
1 15.15.15.1 32 msec 32 msec 32 msec
2 13.13.13.2 60 msec * 80 msec
Lab 50: IP SLA Tracking and Path Control
Configuration:
hostname R1
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip sla monitor 11
type echo protocol ipIcmpEcho 209.165.201.30
frequency 10
ip sla monitor schedule 11 life forever start-time now
ip sla monitor 22
type echo protocol ipIcmpEcho 209.165.202.158
frequency 10
ip sla monitor schedule 22 life forever start-time now
!
track 1 rtr 11 reachability
delay down 10 up 1
!
track 2 rtr 22 reachability
delay down 10 up 1
!
interface Loopback0
description R1 LAN
ip address 192.168.1.1 255.255.255.0
!
interface Serial0/0
description R1 --> ISP1
bandwidth 128
ip address 209.165.201.2 255.255.255.252
no shutdown
!
interface Serial0/1
description R1 --> ISP2
bandwidth 128
ip address 209.165.202.130 255.255.255.252
no shutdown
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 209.165.201.1 2 track 1
ip route 0.0.0.0 0.0.0.0 209.165.202.129 3 track 2
ip route 0.0.0.0 0.0.0.0 209.165.201.1 5
hostname ISP1
!
interface Loopback0
description Simulated Internet Web Server
ip address 209.165.200.254 255.255.255.255
!
interface Loopback1
description ISP1 DNS Server
ip address 209.165.201.30 255.255.255.255
!
interface Serial0/0
description ISP1 --> R1
bandwidth 128
ip address 209.165.201.1 255.255.255.252
no shutdown
!
interface Serial0/1
description ISP1 --> ISP2
bandwidth 128
ip address 209.165.200.225 255.255.255.252
no shutdown
!
router eigrp 1
network 209.165.200.224 0.0.0.3
network 209.165.201.0 0.0.0.31
no auto-summary
!
ip route 192.168.1.0 255.255.255.0 209.165.201.2
hostname ISP2
!
interface Loopback0
description Simulated Internet Web Server
ip address 209.165.200.254 255.255.255.255
!
interface Loopback1
description ISP2 DNS Server
ip address 209.165.202.158 255.255.255.255
!
interface Serial0/0
description ISP2 --> R1
bandwidth 128
ip address 209.165.202.129 255.255.255.252
no shutdown
!
interface Serial0/1
description ISP2 --> ISP1
bandwidth 128
ip address 209.165.200.226 255.255.255.252
no shutdown
!
router eigrp 1
network 209.165.200.224 0.0.0.3
network 209.165.202.128 0.0.0.31
no auto-summary
!
ip route 192.168.1.0 255.255.255.0 209.165.202.130
The configuration Files for all Labs are available in my website:

http://meddane.e-monsite.com/
Redouane MEDDANE

Worpad Book 50 CCNP Route Labs

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Worpad Book 50 CCNP Route Labs

Hochgeladen von

Copyright:

Verfügbare Formate

50

Lab 29: Next-Hop Field with EIGRP over IPv6

Lab 1: ABRs election and Forward Address in NSSA with

R3#show ipv6 ospf | begin Area 1

1 13::3 60 msec 52 msec 56 msec

R1#show ipv6 route 34::/64

Forward Address: 40::4

R1#show ipv6 route ospf | begin 40::

Lab 2 : loop prevention mechanism of inter-area ospf

10.1.12.0 [110/128] via 10.1.23.2, 00:09:41, Serial0/0

R3#show ip ospf database summary | include Link State ID

R4#show ip route ospf

10.0.0.0/24 is subnetted, 3 subnets

10.1.12.0 [110/138] via 10.1.34.3, 00:13:17, FastEthernet0/0

10.1.23.0 [110/74] via 10.1.34.3, 00:16:21, FastEthernet0/0

10.1.23.0 [110/128] via 10.1.12.2, 00:21:14, Serial0/0

10.1.34.0 [110/138] via 10.1.12.2, 00:09:01, Serial0/0

let's add another router connected to R1 and running ospf in area 0:

let's see the routing table of R1 :

10.1.23.0 [110/128] via 10.1.12.2, 00:32:00, Serial0/0

R1#show ip ospf database summary | include 10.1.34.0|3.3.3.3

R5#show ip route 10.1.34.0

R1#show ip route ospf

10.1.23.0 [110/128] via 10.1.12.2, 00:45:37, Serial0/0

R4#show ip route | include 192.168.1.0

192.168.1.0/24 [110/139] via 10.1.34.3, 00:07:04, FastEthernet0/0

R3(config-router)#do show ip route | include 192.168.1.0

192.168.1.0/24 [110/129] via 10.1.23.2, 00:07:40, Serial0/0

let's remove the virtual link

if we create a virtual tunnel between R1 and R2 and configure this link in

after configuring the tunnel:

R3(config-router)#area 1 virtual-link 2.2.2.2

we have a good result:

192.168.1.0/24 [110/11186] via 10.1.34.3, 00:00:10, FastEthernet0/0

R3(config-router)#do show ip route | include 192.168.1.0

192.168.1.0/24 [110/129] via 10.1.23.2, 00:00:35, Serial0/0

Lab 3: Forward Address and path selection in OSPFv2

both R1 and R2 will do the redistribution of the static routes as shown in

R3#show ip route 172.16.1.0

10.1.13.1, from 1.1.1.1, 00:00:28 ago, via FastEthernet0/0

R3#show ip ospf border-routers

Now let's running ospf in fa0/0 of R1 and s0/0 of R2:

We can see that the preferred route in R3 is through R2(10.1.23.2) even if

so in this case R3 prefers the LSA Type 5 advertised by R2 instead of the

LSA Type 5 advertised by R1 why?

2- The LSA Type 5 advertised by R1 with FA 192.168.1.4,R3 looks the metric

how to solve this suboptimal route?

R3#show ip route 172.16.1.0

R3#show ip ospf database external | include Forward Address|Advertising Router

R2(config-if)#ip ospf network broadcast

R3#show ip route 172.16.1.0

R3#show ip ospf database external | include Forward Address|Advertising Router

R3# show ip route 192.168.1.0 | include metric

-R3 looks the metric to reach the FA 192.168.2.5 advertised by R2 which is

R3#show ip route 192.168.2.0 | include metric

R3#show ip route 172.16.1.0

so The metric 20 toward FA 192.168.1.4 is better than the metric 74 toward

Lab 4: OSPFv3 and the Forwarding Address

Forward Address in OSPFv3:

now what happen if we configure area 1 as nssa:

after configuring area 1 nssa we have still load balancing:

why ? to understand , as with OSPFv2, we can see that R1 receives two