Beruflich Dokumente
Kultur Dokumente
help candidates in the preparation for CISCO Systems' CCIE Service Provider Lab Exam. We do not take liability or
responsibility to any person or entity with respect to loss or damage caused by the information presented in the
workbook.
Cisco, Cisco Systems, and CCIE (Cisco Certified Internetwork Expert) are registered trademarks of Cisco Systems,
Inc. and of its affiliates in the USA and other countries.
The information presented in the workbook is not necessarily related to Cisco Systems, Inc. This workbook is not
affiliated by, endorsed by or sponsored by Cisco Systems, Inc. This workbook provides detailed and comprehensive
practical's for the preparation of CCIE SPv3 Lab Exam but it cannot be used as a replacement of other
supplementary books or prescribed materials.
This workbook is prepared for the individual candidates who have purchase it from us under non-disclosure
agreement. Imitation, copying, editing or posting contents of the workbook over the internet is part of copyright
and non-disclosure agreement violation.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 2
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 3
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 4
Lab A7
Section 1 -
Section 2 -
Section 3 -
Section 4 -
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 5
Lab A8
Section 1 -
Section 2 -
Section 3 -
Section 4 -
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 6
Single Topic Learning Labs Kit
Section 1 -
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 7
1.3 Implement BGP
1.3.0 BGP Basics
1.3.1 BGP Configuration
1.3.2 BGP Neighbor Types
1.3.3 BGP Next Hop Processing
1.3.4 BGP Route Reflectors
1.3.5 BGP Attributes Weight
1.3.6 BGP Attributes Local Preference
1.3.7 BGP Attributes AS-PATH
1.3.8 BGP Attributes MED
1.3.9 BGP Attributes Community
1.3.10 BGP Attributes Origin
1.3.11 BGP Route Redistribution
1.3.12 BGP Conditional Advertisements
1.3.13 BGP Route Filtering
1.3.14 BGP Timers
1.3.15 BGP Multipath
1.3.16 BGP Authentication
1.3.17 BGP Features
1.6 Multicast
1.6.0 PIM Configuration
1.6.1 IGMP Configuration
1.6.2 Static RP
1.6.3 Auto RP
1.6.4 BSR
1.6.5 MSDP
1.6.6 Multicast Filtering
1.6.7 MP BGP
1.6.8 SSM
Section 2 -
2.1.1 Ethernet
2.1.2 Frame Relay
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 8
Section 3 -
Section 4 -
Section 5 -
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 9
3.1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 10
Table 1 : Loopback Interface Addresses
Loopback2 9.9.0.22/32
Loopback1 172.9.0.4/32
Loopback1 172.9.0.7/32
Loopback2 9.9.0.88/32
Loopback1 172.9.0.9/32
Loopback1 172.9.0.10/32
Loopback1 192.9.0.11/32
Loopback1 192.9.0.12/32
Loopback1 192.9.0.14/32
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 11
Loopback1 192.9.0.15/32
Loopback1 192.9.0.17/32
Loopback1 192.9.0.18/32
R1 Loopback0 239.255.0.1
R2 Loopback0 239.255.0.2
R3 Loopback0 239.255.0.3
R4 Loopback0 239.255.0.4
R5 Loopback0 239.255.0.5
R6 Loopback0 239.255.0.6
R7 Loopback0 239.255.0.7
R8 Loopback0 239.255.0.8
R9 Loopback0 239.255.0.9
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 12
Section 1
Implement, Optimize and Troubleshooting of Core IP Technologies
R2 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.23
47.0009 GigabiEthernet0/0/0/0.23
R3 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.23
47.0009 GigabiEthernet0/0/0/0.34
47.0009 GigabiEthernet0/0/0/0.35
47.0009 GigabiEthernet0/0/0/0.37
R4 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.34
47.0009 GigabiEthernet0/0/0/0.47
47.0009 GigabiEthernet0/0/0/0.48
R5 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
47.0009 Ethernet0/2
R7 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
R8 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
R2 and R5 are unable to formISIS adjacency, fix the problem so that devices in AS 9 can get each other routes via
ISIS.
R3 and R7 are unable to form ISIS adjacency, fix the problem so that all devices in AS9 can get each other routes
via ISIS.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 13
Pre Configurations :
R2
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 14
R3
RP/0/0/CPU0:CPS_R0_R3#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 15
RP/0/0/CPU0:CPS_R0_R3#show running-config router isis abc
Sat Jun 7 18:11:55.840 UTC
router isis abc
net 47.0009.0000.0000.3333.00
address-family ipv4 unicast
metric-style wide
!
address-family ipv6 unicast
single-topology
!
interface Loopback0
passive
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.23
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.34
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.35
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.37
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
RP/0/0/CPU0:CPS_R0_R3#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 16
R4
RP/0/0/CPU0:CPS_R0_R4#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 17
interface GigabitEthernet0/0/0/0.34
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.45
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface GigabitEthernet0/0/0/0.48
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
RP/0/0/CPU0:CPS_R0_R4#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 18
R5
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 19
CPS_R0_R5#show running-config interface ethernet 0/2
Building configuration...
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 20
R7
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 21
R8
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 22
Pre Configuration Verification:
G0/0/0/0.35 35.3
G0/4/0/0.25 25.2 VLAN 17
VLAN 11 G0/0/0/0.34 34.4
VLAN 14
E0/1 78.7
G0/0/0/0.34 34.3
E0/2 35.5
E0/1 25.5 VLAN 14
VLAN 17 E0/1 78.8
VLAN 11
There are many IOS and XR commands to verify ISIS, like sh ip protocol (sh protocols on XR), sh clns interface (sh
isis interface on XR), sh clns protocol (sh isis protocol on XR) for checking the ISIS adjacency and for routes sh ip
route isis (sh route isis on XR), sh isis database verbose (same for XR) etc.
Considering the limited time first step should be verifying the ISIS adjacencies, another approach could be verifying
ISIS routing table to find missing networks and then verify adjacencies related to those missing networks
originating device, but better is to verify all the adjacencies first because there are chances to over look when a
route is installed in table from single path which should be installed via multiple paths.
R2
R2 is showing only one neighbor, as per topology it should show two neighbors R3 and R5, let's check quickly for
other devices we'll relook in detailed to fix it.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 23
R3
It looks good, R3 should have 4 neighbors and it has them. R2, R4, R5 and R7 are the neighbors.
R4
It looks good too, R4 should have 3 neighbors and it has those neighbors R3, R5 and R8.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 24
R5
It's not good like we have found for R2. R5 should have 3 neighbors R2, R3 and R8 but R2 is missing.
R7
It looks good, R7 should have 2 neighbors and it has those neighbors R3 and R8.
R8
It looks good too, R8 should have 2 neighbors and it has those neighbors R4 and R7.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 25
All good from ISIS adjacency point of view except for R2 and R5, let's check it in detail:
Yes on R2.
Amazing, it was really an easy one to catch, if the CLNS processing is disabled nothing will happen from ISIS
prospectives.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 26
Troubleshooting Solutions:
Though R5 interface is configured for ISIS routing protocol ISIS protocol operation is in shut down state on the
interface Ethernet0/1, because of the ISIS Protocol operations shut down on interface, nothing is happening.
interface Ethernet0/1
no isis protocol shutdown
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 27
Though it's obvious, let's have look to R2 and R5 ISIS adjacency table:
Looks good.
For the second problem below, lets inject the trouble and check:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 28
No R7 here too.
No DIS election is pointing something related to configuration mismatch, DIS is not elected in ISIS network type
point to point, the output is indicating R3 wants to elect a DIS over the link, it has its priority 64 but unable to
receive remote side priority or response.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 29
R7 has selected itself as DIS because Circuit Id is showing of its own. If you don't wanna checking configuration like
a beginner on interfaces manually, let's do a debug for adjacency packets and see if we can find something:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 30
CPS_R0_R7(config)#logging console
CPS_R0_R7(config)#end
CPS_R0_R7#debug isis adj-packets
IS-IS Adjacency related packets debugging is on for router process null
CPS_R0_R7#
*Jun 7 23:57:12.911: ISIS-Adj: Rec L2 IIH from aabb.cc00.0810 (Ethernet0/1), cir type L1L2, cir id
0000.0000.8888.02, length 74
*Jun 7 23:57:13.625: ISIS-Adj: Rec L1 IIH from aabb.cc00.0810 (Ethernet0/1), cir type L1L2, cir id
0000.0000.8888.02, length 74
CPS_R0_R7#
*Jun 7 23:57:13.998: ISIS-Adj: Rec L2 IIH from 000c.2989.3e27 (Ethernet0/0), cir type L1L2, cir id
0000.0000.3333.01, length 68
*Jun 7 23:57:13.998: ISIS-Adj: Multi-point IIH received on point-to-point interface: ignored IIH
*Jun 7 23:57:14.218: ISIS-Adj: Rec L1 IIH from 000c.2989.3e27 (Ethernet0/0), cir type L1L2, cir id
0000.0000.3333.01, length 68
*Jun 7 23:57:14.218: ISIS-Adj: Multi-point IIH received on point-to-point interface: ignored IIH
CPS_R0_R7#un all
Read this quote from Cisco Press article "Integrated IS-IS Routing Protocol Concepts" By Abe Martey:
IS-IS adjacencies on point-to-point links are initialized by receipt of ISHs through the ES-IS protocol. This is
followed by the exchange of point-to-point IIHs. The type of adjacency formed will depend on the parameters
exchanged in the IIHs. The IIHs also are sent periodically over the link to every hello interval to maintain the
adjacency. On Cisco routers, the default hello interval for point-to-point links is 10 seconds.
The method specified in ISO 10589 for building adjacencies over broadcast media, such as LANs, differs slightly
from that used on point-to-point links. Some of the significant differences are as follows:
Depending on the configuration, nodes on the LAN broadcast their hellos to well-known Level 1 and Level 2
broadcast MAC addresses.
Two-way communication is confirmed between adjacent nodes by using a three-way handshake procedure made
possible by the presence of an IS Neighbors field in the LAN (Level 1 or Level 2) hello packets. The reliable point-
to-point adjacency formation introduced by TLV Type 240 is similar to this process."
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 31
CPS_R0_R7#show running-config interface ethernet 0/0
Building configuration...
Though R7 interface is configured for isis routing protocol, but ISISnetwork type is configured point to point on the
Ethernet0/0, default ISIS network type for Ethernet media (multi-access or broadcast) is network type broadcast.
If the network type is not matching at both ends, ISIS adjacency will not form due to Hello packet type mismatch,
at broadcast network type LAN IIH is sent while for P2P Point to Point IIH is sent.
To short out this problem we need to either change the network type at R3 or simply remove this command on R7.
interface Ethernet0/0
no isis network point-to-point
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 32
Looks good, it is showing now both the neighbors.
Web IOU and XRv: If ISIS neighbors are showing in init state or not coming up, add no hello padding at global
router ISIS level for IOS devices. For IOS XR add disable hello-padding at isis interface level.
If still not coming up on IOS device add clns mtu 512 at IOS device interface/sub interface.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 33
If two IOS neighbors are configured to form both IPv4 and IPv6 neighbor ship and one of them is missing ipv6
router isis interface level command IPv4 adjacency will also not form, check it between R7 and R8. Try it by
removing ip router isis for ipv6 adjacency and on IOS XR. {This is based on IOU}.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 34
All IPv4 ISIS adjacencies are looking established, lets verify the routing tables followed by a ping test its very
important to check the IGP properly, correct IGP propagation sets the lab:
R2
R3
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 35
R4
R5
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 36
R7
R8
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 37
CPS_R0_R5#tclsh
CPS_R0_R5(tcl)#foreach address {
+>9.9.0.2
+>9.9.0.3
+>9.9.0.4
+>9.9.0.5
+>9.9.0.7
+>9.9.0.8} { ping $address source lo0 repeat 10
+>}
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.2, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.3, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.4, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 1/1/3 ms
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.5, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 4/4/5 ms
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.7, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 9.9.0.8, timeout is 2 seconds:
Packet sent with a source address of 9.9.0.5
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 1/1/1 ms
CPS_R0_R5(tcl)#
CPS_R0_R5(tcl)#exit
CPS_R0_R5#
Its recommended to perform ping test from all the devices with correct source.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 38
1.2 I SIS for IPv6 Troubleshooting
R2 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.23
47.0009 GigabiEthernet0/0/0/0.23
R3 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.23
47.0009 GigabiEthernet0/0/0/0.34
47.0009 GigabiEthernet0/0/0/0.35
47.0009 GigabiEthernet0/0/0/0.37
R4 47.0009 Loopback0
47.0009 GigabiEthernet0/0/0/0.34
47.0009 GigabiEthernet0/0/0/0.47
47.0009 GigabiEthernet0/0/0/0.48
R5 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
47.0009 Ethernet0/2
R7 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
R8 47.0009 Loopback0
47.0009 Ethernet0/0
47.0009 Ethernet0/1
R5 should have two equal paths installed in ISIS IPv6 routing table for network 2002:9:9:78::/64, currently there is
only one path available, fix the problem to get the desired output.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 39
Pre Configuration:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 40
R2 has IPv6 ISIS routes for all required interfaces in AS9.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 41
R3
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 42
R3 has IPv6 ISIS routes for all required interfaces in AS9:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 43
R4
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 44
R5
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 45
R7
R7 is receiving IPv6 ISIS routes from its only one next-hop not both, its problem here:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 46
R8
R8 is receiving IPv6 ISIS routes from its only one next-hop not both, its problem here:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 47
Troubleshooting Solution:
R7 interface Ethernet 0/1 is not advertised in to IPv6 ISIS, we are not seeing ipv6 router isis command applied on
R7 interface connecting to R8, because of it there is no ISIS IPv6 adjacency between R7 and R8.
Note: In Section 1.1 and 1.2, this problem was not injected because removing ipv6 router isis does not allow to
make ISIS IPv4 adjacency between the devices.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 48
Here is what we have asked to achieve:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 49
1.3 ISIS for IPv4 Troubleshooting
R1 47.0101 Loopback0
47.0101 GigabiEthernet0/0/0/0.16
47.0101 GigabiEthernet0/0/0/0.19
R6 47.0106 Loopback0
47.0106 Ethernet0/0
47.0106 Ethernet0/1
R9 47.0109 Loopback0
47.0109 Ethernet0/0
47.0109 Ethernet0/0
R10 and R9 should form CLNS level-2-only adjacency. Fix the problem in pre configuration to achieve it.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 50
Pre Configurations:
R1
RP/0/0/CPU0:CPS_R0_R1#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 51
R6
CPS_R0_R6#
router isis
net 47.0106.0000.0000.6666.00
metric-style wide
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 52
R9
CPS_R0_R9#
router isis
net 47.0110.0000.0000.9999.00
metric-style wide
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 53
R10
CPS_R0_R10#
router isis
net 47.0110.0000.0000.1010.00
metric-style wide
no hello padding
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 54
Pre Configuration Verification:
R6
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 55
R9
R10
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 56
Troubleshooting Solution:
Notice configuration here, as per question R9 should us area Id 47.0109, while that configured with wrong NET ID,
once NET ID is corrected R9 and R10 will have single L2 adjacency.
router isis
no net 47.0110.0000.0000.9999.00
net 47.0106.0000.0000.9999.00
Problem is solved.
If it is asked to have R9 and R10 in same area, we need to apply is-type level 2 on both R9 and R10.
Apply on any one will result the same output, still its recommended to apply at both ends.
R9
interface Ethernet0/1
isis circuit-type level-2-only
R10
interface Ethernet0/1
isis circuit-type level-2-only
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 57
R1
R6
R9
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 58
R10
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 59
1.4 OSPF for IPv6 Troubleshooting
R1 0 Loopback0
0 GigabiEthernet0/0/0/0.16
1009 GigabiEthernet0/0/0/0.19
R6 0 Loopback0
1009 Ethernet0/0
0 Ethernet0/1
R9 1009 Loopback0
1009 Ethernet0/0
1009 Ethernet0/1
R10 and R9 are unable to establish OSPF IPv6 adjacency and exchange OSPFv3 updates.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 60
Pre Configuration:
R1
RP/0/0/CPU0:CPS_R0_R1#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 61
R6
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 62
R9
CPS_R0_R9#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 63
R10
CPS_R0_R10#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 64
Pre Configuration Verification:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 65
R6
R9
R10
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 66
Let's check why OSPFv3 adjacency is not up between R9 and R10.
CPS_R0_R10(config)#logging console
CPS_R0_R10(config)#end
CPS_R0_R10#debug ospfv3 adj detail
CPS_R0_R10#conf t
CPS_R0_R10(config)#interface ethernet 0/1
CPS_R0_R10(config-if)#shut
CPS_R0_R10(config-if)#
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: IPv6 gonedown
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Interface Ethernet0/1 going Down
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Neighbor change Event
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: DR/BDR election on
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Elect BDR 0.0.0.0
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Elect DR 0.0.0.0
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Elect BDR 0.0.0.0
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Elect DR 0.0.0.0
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: DR: none BDR: none
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Flush network LSA immediately
*Jun 8 06:52:34.672: OSPFv3-1009-IPv6 ADJ Et0/1: Remember old DR 9.9.0.10
CPS_R0_R10(config-if)#
*Jun 8 06:52:34.683: %LDP-5-NBRCHG: LDP Neighbor 9.9.0.9:0 (3) is DOWN (Interface not operational)
CPS_R0_R10(config-if)#no sh
*Jun 8 06:52:36.678: %LINK-5-CHANGED: Interface Ethernet0/1, changed state to administratively down
*Jun 8 06:52:37.684: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, changed state to down
CPS_R0_R10(config-if)#no sh
CPS_R0_R10(config-if)#
*Jun 8 06:52:38.854: %PIM-5-NBRCHG: neighbor 9.9.109.9 UP on interface Ethernet0/1
CPS_R0_R10(config-if)#
*Jun 8 06:52:40.633: %PIM-5-DRCHG: DR change from neighbor 0.0.0.0 to 9.9.109.10 on interface Ethernet0/1
CPS_R0_R10(config-if)#
*Jun 8 06:52:40.847: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to up
*Jun 8 06:52:41.850: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, changed state to up
CPS_R0_R10(config-if)#
*Jun 8 06:52:42.856: OSPFv3-1009-IPv6 ADJ Et0/1: IPv6 cameup
*Jun 8 06:52:42.856: OSPFv3-1009-IPv6 ADJ Et0/1: OSPF interface Ethernet0/1 going Up
CPS_R0_R10(config-if)#
*Jun 8 06:52:44.087: %LDP-5-NBRCHG: LDP Neighbor 9.9.0.9:0 (2) is UP
CPS_R0_R10(config-if)#
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: end of Wait
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: DR/BDR election on
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: Elect BDR 9.9.0.10
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: Elect DR 9.9.0.10
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: Elect BDR 0.0.0.0
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: Elect DR 9.9.0.10
*Jun 8 06:53:22.861: OSPFv3-1009-IPv6 ADJ Et0/1: DR: 9.9.0.10 (Id) BDR: none
Not a clear clue, adjacency all time getting stuck after DR/BDR election, unable to perform SPF.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 67
Troubleshooting Solution:
Default OSPF network type over broadcast media Ethernet is Broadcast, In OSPF broadcast networks as well as in
non broadcast networks DR/BDR selection happens.
But broadcast and non broadcast network hello and dead timers are different, for OSPF if timers of both the peers
are not matching adjacency will never form, let's have a look on it:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 68
Let's change the network type on R9 to make the default network type broadcast:
interface Ethernet0/1
no ipv6 ospf network non-broadcast
After the changes adjacency got stuck at Two Way state, after a wait of 2-3 minutes:
Note: R6 and R10 will not be able to make OSPF v3 peering if the OSPF router-id is same on both.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 69
R1
R6
R9
R9 has all intra area and inter area both type of OSPFv3 routes.
R9 has installed all required AS 1009 routes in routing table.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 70
R10
R10 has all intra area and inter area both type of OSPFv3 routes.
R10 has installed all required AS 1009 routes in routing table.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 71
1.5 ISIS IPv4/IPv6 Level
IPv4/IPv6 ISIS in AS 1009 and AS 9 is preconfigured, verify the configuration and make sure below requirements
are achieved:
All devices in AS 9 should be running only ISIS level-1 for both IPv4 and IPv6 interfaces.
Make sure all IPv4/IPv6 subnets are installed in ISIS IPv4/IPv6 routing table of all devices and those ip subnets
are reachable to each other in AS 9 ISIS domain.
All devices in AS1009 should be running only ISIS level-2 for both IPv4 and IPv6 interfaces.
Make sure all IPv4/IPv6 subnets are installed in ISIS IPv4/IPv6 routing table of all devices and those ip subnets are
reachable to each other in AS 1009 ISIS domain.
Solution:
R2
RP/0/0/CPU0:CPS_R0_R2#conf t
Sun Jun 8 08:41:32.429 UTC
RP/0/0/CPU0:CPS_R0_R2(config)#router isis abc
RP/0/0/CPU0:CPS_R0_R2(config-isis)#is-type level-1
RP/0/0/CPU0:CPS_R0_R2(config-isis)#commit
Sun Jun 8 08:41:38.978 UTC
RP/0/0/CPU0:CPS_R0_R2(config-isis)#do sh run | b router isis abc
Sun Jun 8 08:42:47.313 UTC
Building configuration...
router isis abc
is-type level-1
net 47.0009.0000.0000.2222.00
address-family ipv4 unicast
metric-style wide
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 72
R3
RP/0/0/CPU0:CPS_R0_R3#conf t
Sun Jun 8 08:43:41.200 UTC
RP/0/0/CPU0:CPS_R0_R3(config)#router isis abc
RP/0/0/CPU0:CPS_R0_R3(config-isis)#is-type level-1
RP/0/0/CPU0:CPS_R0_R3(config-isis)#commit
Sun Jun 8 08:43:48.529 UTC
RP/0/0/CPU0:CPS_R0_R3(config-isis)#
R4
RP/0/0/CPU0:CPS_R0_R4#conf t
Sun Jun 8 08:44:44.378 UTC
RP/0/0/CPU0:CPS_R0_R4(config)#router isis abc
RP/0/0/CPU0:CPS_R0_R4(config-isis)#is-type level-1
RP/0/0/CPU0:CPS_R0_R4(config-isis)#commit
Sun Jun 8 08:44:50.607 UTC
RP/0/0/CPU0:CPS_R0_R4(config-isis)#
R5
CPS_R0_R5(config)#router isis
CPS_R0_R5(config-router)#is-type level-1
CPS_R0_R5(config-router)#end
R7
CPS_R0_R7(config)#router isis
CPS_R0_R7(config-router)#is-type level-1
CPS_R0_R7(config-router)#end
R8
CPS_R0_R8(config)#router isis
CPS_R0_R8(config-router)#is-type level-1
CPS_R0_R8(config-router)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 73
R2
Looks good.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 74
R3
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 75
R5
Good so far.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 76
R1
RP/0/0/CPU0:CPS_R0_R1#conf t
Sun Jun 8 09:11:03.056 UTC
RP/0/0/CPU0:CPS_R0_R1(config)#router isis abc
RP/0/0/CPU0:CPS_R0_R1(config-isis)#is-type level-2
RP/0/0/CPU0:CPS_R0_R1(config-isis)#commit
Sun Jun 8 09:11:08.855 UTC
RP/0/0/CPU0:CPS_R0_R1(config-isis)#
R6
CPS_R0_R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R6(config)#router isis
CPS_R0_R6(config-router)#is-type level-2
CPS_R0_R6(config-router)#end
R9
CPS_R0_R9#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R9(config)#router isis
CPS_R0_R9(config-router)#is-type level-2
CPS_R0_R9(config-router)#end
R10
CPS_R0_R10#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R10(config)#router isis
CPS_R0_R10(config-router)#is-type level-2
CPS_R0_R10(config-router)#end
Let's keep final comprehensive verification for IGP part due for completing the last question related to Core IGP.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 77
3.1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 318
Table 1 : Loopback Interface Addresses
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 319
R18 Loopback0 172.9.0.18/32 2002:172:9::18/128
Loopback1 192.9.0.18/32
R19 Loopback0 192.9.0.19/32
R20 Loopback0 172.9.0.20/32
R21 Loopback0 172.9.0.21/32
R22 Loopback0 172.9.0.22/32
R23 Loopback0 172.9.0.23/32
R24 Loopback0 172.9.0.24/32
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 320
Section 1
Implement, Optimize and Troubleshooting of Core IP Technologies
Check AS 9 devices to make sure their routing tables are in sync as per above table.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 321
Pre Configuration:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 322
R4
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 323
R5
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 324
R6
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 325
R7
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 326
CPS_R0_R7#show running-config interface ethernet 0/2
interface Ethernet0/2
bandwidth 100000
ip address 9.9.37.7 255.255.255.0
ip pim sparse-mode
ipv6 address 2002:9:9:37::7/64
mpls ip
ipv6 ospf 9 area 0
end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 327
Pre Configuration Verification
R2
RP/0/0/CPU0:CPS_R0_R2#sh protocols
R2 needs to have three interfaces advertised in to OSPF Area 0 - Loopback 0, Gi0/0/0/0.23 and Gi0/0/0/0.27.
As per show protocols output these three interfaces are advertised in to OSPF .
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 328
Lets check for OSPF adjacencies:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 329
R3
RP/0/0/CPU0:CPS_R0_R3#show protocols
Wed Jun 11 16:37:51.857 UTC
R3 needs to have five interfaces advertised in OSPF Area 0 - Loopback 0, Gi0/0/0/0.23 and Gi0/0/0/0.34,
Gi0/0/0/0.35, Gi0/0/0/0.37.
As per show protocols output these four interfaces Loopback 0, Gi0/0/0/0.23 and Gi0/0/0/0.34, Gi0/0/0/0.35
are advertised in to OSPF .
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 330
Lets check for OSPF adjacencies:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 331
R4
RP/0/0/CPU0:CPS_R0_R4#show protocols
Wed Jun 11 16:51:39.350 UTC
R4 needs to have four interfaces advertised in to OSPF Area 0 - Loopback 0, Gi0/0/0/0.34 and Gi0/0/0/0.46,
Gi0/0/0/0.47.
As per show protocols output these three Loopback 0, Gi0/0/0/0.34 and Gi0/0/0/0.47 interfaces are advertised in
to OSPF Area 0 .
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 332
Lets check for OSPF adjacencies:
RP/0/0/CPU0:CPS_R0_R4#
R5
R5 needs to have three interfaces advertised in OSPF Area 0 - Loopback 0, Ethernet 0/0 and Ethernet 0/1.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 333
Lets check for OSPF adjacencies:
CPS_R0_R5#
R6
R6 needs to have three interfaces advertised in OSPF Area 0 - Loopback 0, Ethernet 0/0 and Ethernet 0/1.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 334
Lets check for OSPF adjacencies:
CPS_R0_R6#
R7
R7 needs to have three interfaces advertised in OSPF Area 0 - Loopback 0, Ethernet 0/0 and Ethernet 0/1.
Interface Ethernet 0/0, Ethernet 0/1 are not advertised in to OSPF Area 0.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 335
CPS_R0_R7#show ip ospf neighbor
CPS_R0_R7#
CPS_R0_R7#
Troubleshooting Solutions :
G0/0/0/0.37 37.3
VLAN 17 E0/1 56.5
G0/0/0/0.27 27.2 G0/0/0/0.34 34.4
VLAN 11 VLAN 14
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 336
Lets start from R2:
Neighborship with R7 is down on R2, do you know why? Look at output R2 interface connecting to R7 is configured
with wrong IP address, IP between should be 27 in third octect as per rule of 9.9.XX.X. lets correct it:
RP/0/0/CPU0:CPS_R0_R2#conf t
Wed Jun 11 17:39:01.946 UTC
RP/0/0/CPU0:CPS_R0_R2(config)#interface GigabitEthernet0/0/0/0.27
RP/0/0/CPU0:CPS_R0_R2(config-subif)# ipv4 address 9.9.27.2 255.255.255.0
RP/0/0/CPU0:CPS_R0_R2(config-subif)#commit
Wed Jun 11 17:39:09.405 UTC
RP/0/0/CPU0:CPS_R0_R2(config-subif)#end
RP/0/0/CPU0:CPS_R0_R2#ping 9.9.27.7
Wed Jun 11 17:39:59.972 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.27.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
RP/0/0/CPU0:CPS_R0_R2#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 337
Still adjacency did not come up:
Before checking at debugging level, lets check weather interface is advertised in to OSPF at R7 correctly:
CPS_R0_R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R7(config)#router ospf 9
CPS_R0_R7(config-router)#network 9.9.27.0 0.0.0.255 area 0
CPS_R0_R7(config-router)#end
CPS_R0_R7#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 338
RP/0/0/CPU0:CPS_R0_R2#show ospf neighbor
Wed Jun 11 18:10:42.195 UTC
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 339
CPS_R0_R7#sh ip ospf interface ethernet 0/1
Ethernet0/1 is up, line protocol is up
Internet Address 9.9.27.7/24, Area 0, Attached via Network Statement
Process ID 9, Router ID 9.9.0.7, Network Type POINT_TO_POINT, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:05
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 2/3, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 9.9.0.2
Suppress hello for 0 neighbor(s)
CPS_R0_R7#
Its OSPF network type mismatch issue, R2 is using OSPF default network type broadcast for shared media while
R7 is using manually configured OSPF network type point-to-point on a shared media which is default on point to
point WAN links, lets correct network type on R7.
CPS_R0_R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R7(config)#interface Ethernet0/1
CPS_R0_R7(config-if)#no ip ospf network point-to-point
CPS_R0_R7(config-if)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 340
RP/0/0/CPU0:CPS_R0_R2#sh route ospf
Wed Jun 11 18:20:33.075 UTC
R3 needs to have 4 neighbors, R2, R4, R5, R7, here its showing only one.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 341
RP/0/0/CPU0:CPS_R0_R3(config)#logging console debugging
RP/0/0/CPU0:CPS_R0_R3(config)#commit
RP/0/0/CPU0:CPS_R0_R3(config)#end
RP/0/0/CPU0:CPS_R0_R3#debug ospf 9 events gigabitEthernet 0/0/0/0.34
Wed Jun 11 18:53:22.810 UTC
RP/0/0/CPU0:CPS_R0_R3#
RP/0/0/CPU0:CPS_R0_R3#RP/0/0/CPU0:Jun 11 18:53:32.189 : ospf[1014]: Send hello to 224.0.0.5 area 0 on
GigabitEthernet0/0/0/0.34 from 9.9.34.3 (nbr/if state 3/5)
RP/0/0/CPU0:Jun 11 18:53:32.189 : ospf[1014]: Send hello pkt pri 1 options 0x12 DR 9.9.34.3 BDR 0.0.0.0 hello 20
dead 80 netmask 255.255.255.0, vrf default vrfid 0x60000000
RP/0/0/CPU0:Jun 11 18:53:42.109 : ospf[1014]: Rcv hello from 9.9.0.4 area 0 from GigabitEthernet0/0/0/0.34
9.9.34.4 (nbr/if state 3/5) vrf default vrfid 0x60000000
RP/0/0/CPU0:Jun 11 18:53:42.109 : ospf[1014]: Mismatched hello parameters from 9.9.34.4
RP/0/0/CPU0:Jun 11 18:53:42.109 : ospf[1014]: Trap of type 4 is not enabled
RP/0/0/CPU0:Jun 11 18:53:42.109 : ospf[1014]: Dead R 40 C 80, Hello R 10 C 20 Mask R 255.255.255.0 C
255.255.255.0
RP/0/0/CPU0:Jun 11 18:53:42.109 : ospf[1014]: hello from 9.9.0.4 area 0 failed validation
Default hello timer is 10 sec with multiplier 4 on broadcast media for OSPF but R4 is sending hello interval 20 sec
with dead 80 sec (20x4). To form OSPF adjacency hello and dead timers should match.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 342
Here is the issue, lets correct it:
RP/0/0/CPU0:CPS_R0_R3#conf t
Wed Jun 11 19:03:58.626 UTC
RP/0/0/CPU0:CPS_R0_R3(config)#router ospf 9
RP/0/0/CPU0:CPS_R0_R3(config-ospf)# router-id 9.9.0.3
RP/0/0/CPU0:CPS_R0_R3(config-ospf)# area 0
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)# interface GigabitEthernet0/0/0/0.34
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)# no hello-interval 20
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)#commit
Wed Jun 11 19:04:18.515 UTC
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)#end
We can see R5 interface E0/0 which is connecting to R3 is advertised in wrong area 1, yo form OSPF adjacency
apart from timers area id should also match, lets see in debug what does it show on R3:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 343
Lets fix it on R5:
CPS_R0_R5#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R5(config)#router ospf 9
CPS_R0_R5(config-router)#network 9.9.35.0 0.0.0.255 area 0
CPS_R0_R5(config-router)#end
R3 has not enabled interface connecting to R7 (Gi0/0/0/0.37) for OSPF routing protocol, lets do it:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 344
RP/0/0/CPU0:CPS_R0_R3#show running-config router ospf
Wed Jun 11 20:27:53.341 UTC
router ospf 9
router-id 9.9.0.3
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/0.23
!
interface GigabitEthernet0/0/0/0.34
!
interface GigabitEthernet0/0/0/0.35
!
!
!
RP/0/0/CPU0:CPS_R0_R3#conf t
Wed Jun 11 20:28:20.700 UTC
RP/0/0/CPU0:CPS_R0_R3(config)#router ospf 9
RP/0/0/CPU0:CPS_R0_R3(config-ospf)#area 0
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar)#interface GigabitEthernet0/0/0/0.37
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)#commit
Wed Jun 11 20:28:43.288 UTC
RP/0/0/CPU0:CPS_R0_R3(config-ospf-ar-if)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 345
Lets correct area on the R7 interface Eth0/2 which is connecting to R3:
CPS_R0_R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R7(config)#router ospf 9
CPS_R0_R7(config-router)#
CPS_R0_R7(config-router)#network 9.9.37.0 0.0.0.255 area 0
CPS_R0_R7(config-router)#
*Jun 11 20:34:37.674: %OSPF-6-AREACHG: 9.9.37.0/24 changed from area 1 to area 0
*Jun 11 20:34:47.177: %OSPF-5-ADJCHG: Process 9, Nbr 9.9.0.3 on Ethernet0/2 from LOADING to FULL, Loading
Done
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 346
Lets move to R4:
R4 has only one neighbor up, it needs to have 3 neighbors, lets check first for R4 and R6.
we can see both side interfaces are enabled for OSPF routing protocol with wrong area id on R4, it has configured
area id 10 for interface connecting to R6, lets correct it:
RP/0/0/CPU0:CPS_R0_R4#conf t
Wed Jun 11 20:49:55.541 UTC
RP/0/0/CPU0:CPS_R0_R4(config)#router ospf 9
RP/0/0/CPU0:CPS_R0_R4(config-ospf)#no area 10
RP/0/0/CPU0:CPS_R0_R4(config-ospf)#area 0
RP/0/0/CPU0:CPS_R0_R4(config-ospf-ar)#interface GigabitEthernet0/0/0/0.46
RP/0/0/CPU0:CPS_R0_R4(config-ospf-ar-if)#commit
Wed Jun 11 20:50:28.079 UTC
RP/0/0/CPU0:CPS_R0_R4(config-ospf-ar-if)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 347
RP/0/0/CPU0:CPS_R0_R4#show ospf neighbor
Wed Jun 11 20:51:52.263 UTC
"OSPF neighbors that are in exstart or exchange state are trying to exchange DBD packets. The router and its
neighbor form a master and slave relationship. The adjacency should continue past this state. If it does not, there is
a problem with the DBD exchange, such as a maximum transmission unit (MTU) mismatch or the receipt of an
unexpected DBD sequence number." Cisco Documentation
RP/0/0/CPU0:CPS_R0_R4#conf t
Wed Jun 11 20:56:24.484 UTC
RP/0/0/CPU0:CPS_R0_R4(config)#logging console debugging
RP/0/0/CPU0:CPS_R0_R4(config)#commit
Wed Jun 11 20:56:33.924 UTC
RP/0/0/CPU0:CPS_R0_R4(config)#end
RP/0/0/CPU0:CPS_R0_R4#debug ospf 9 adj GigabitEthernet0/0/0/0.46
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: 2 Way Communication to 9.9.0.6 on GigabitEthernet0/0/0/0.46,
state 2WAY
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Neighbor change Event on intf GigabitEthernet0/0/0/0.46
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: DR/BDR election on GigabitEthernet0/0/0/0.46
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Elect BDR Router ID 0.0.0.0(IP Addr 0.0.0.0)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Elect DR Router ID 9.9.0.6(IP Addr 9.9.46.6)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Elect BDR Router ID 9.9.0.4(IP Addr 9.9.46.4)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Elect DR Router ID 9.9.0.6(IP Addr 9.9.46.6)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: DR: 9.9.0.6(Id) 9.9.46.6(IP Addr)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: BDR: 9.9.0.4(Id) 9.9.46.4(IP Addr)
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Send DBD to 9.9.0.6(9.9.46.6) on GigabitEthernet0/0/0/0.46 seq
0x40dd opt 0x52 flag 0x7 len 32, vrf default vrfid 0x60000000
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Flush network LSA immediately
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: NBR Negotiation Done. We are the SLAVE for nbr 9.9.0.6 on
GigabitEthernet0/0/0/0.46, area 0
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: build dbd: took 0 ms for nbr 9.9.0.6, count=11, vrf default vrfid
0x60000000
RP/0/0/CPU0:Jun 11 20:57:00.292 : ospf[1014]: Send DBD to 9.9.0.6(9.9.46.6) on GigabitEthernet0/0/0/0.46 seq
0x3ad opt 0x52 flag 0x2 len 252, vrf default vrfid 0x60000000
RP/0/0/CPU0:Jun 11 20:57:04.961 : ospf[1014]: Rcv DBD from 9.9.0.6(9.9.46.6) on GigabitEthernet0/0/0/0.46
seq 0x3ad opt 0x52 flag 0x7 len 32 mtu 1400 state EXCHANGE vrf default vrfid 0x60000000
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 348
CPS_R0_R6#show running-config interface Ethernet0/0
Building configuration...
CPS_R0_R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R6(config)#interface ethernet 0/0
CPS_R0_R6(config-if)#no ip mtu 1400
CPS_R0_R6(config-if)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 349
Lets now check for the R4 last OSPF neighbor, R7:
Interface Eth0/0 which connects to R4 is not enabled for OSPF routing, lets do it:
CPS_R0_R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R7(config)#router ospf 9
CPS_R0_R7(config-router)#network 9.9.47.0 0.0.0.255 area 0
CPS_R0_R7(config-router)#end
CPS_R0_R7#
CPS_R0_R7#ping 9.9.47.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.47.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/4/5 ms
CPS_R0_R7#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 350
RP/0/0/CPU0:CPS_R0_R4#debug ospf 9 adj GigabitEthernet0/0/0/0.47
Wed Jun 11 21:15:32.016 UTC
RP/0/0/CPU0:CPS_R0_R4#
RP/0/0/CPU0:CPS_R0_R4#RP/0/0/CPU0:Jun 11 21:15:36.655 : ospf[1014]: Rcv DBD from 9.9.0.7(9.9.47.7) on
GigabitEthernet0/0/0/0.47 seq 0x1b45 opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART vrf default vrfid
0x60000000
RP/0/0/CPU0:Jun 11 21:15:36.655 : ospf[1014]: Nbr 9.9.0.7 has larger interface MTU
It says neighbor has larger MTU size, lets check and fix it:
R7 has MTU 1500 which is by default for ethernet media, R4 is showing MTU size 1300, lets check and correct it:
RP/0/0/CPU0:CPS_R0_R4#conf t
Wed Jun 11 21:21:48.820 UTC
RP/0/0/CPU0:CPS_R0_R4(config)#interface gigabitEthernet 0/0/0/0.47
RP/0/0/CPU0:CPS_R0_R4(config-subif)#no mtu 1300
RP/0/0/CPU0:CPS_R0_R4(config-subif)#commit
Wed Jun 11 21:22:04.239 UTC
RP/0/0/CPU0:CPS_R0_R4(config-subif)#end
Looks good.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 351
Lets move to R5:
R5 neighbors R3 showing up, lets check for its second neighbor R6:
CPS_R0_R6#ping 9.9.56.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.56.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/5 ms
CPS_R0_R6#
Connectivity and OSPF routing enablement look right. Lets do a debug and check on R5:
Wrong area ids are configured at both ends, lets correct them and check:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 352
CPS_R0_R5#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R5(config)#router ospf 9
CPS_R0_R5(config-router)# network 9.9.56.0 0.0.0.255 area 0
CPS_R0_R5(config-router)#end
*Jun 11 21:36:36.479: %OSPF-6-AREACHG: 9.9.56.0/24 changed from area 10 to area 0
CPS_R0_R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R6(config)#router ospf 9
CPS_R0_R6(config-router)#network 9.9.56.0 0.0.0.255 area 0
CPS_R0_R6(config-router)#end
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 353
CPS_R0_R5#show ip ospf interface ethernet 0/1
Ethernet0/1 is up, line protocol is up
Internet Address 9.9.56.5/24, Area 0, Attached via Network Statement
Process ID 9, Router ID 9.9.0.5, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 9.9.0.5, Interface address 9.9.56.5
Backup Designated router (ID) 9.9.0.6, Interface address 9.9.56.6
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:05
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 3/3, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 9.9.0.6 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
CPS_R0_R5#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 354
Its network type mismatch, lets correct it at R6:
CPS_R0_R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CPS_R0_R6(config)#interface Ethernet0/1
CPS_R0_R6(config-if)#no ip ospf network point-to-point
CPS_R0_R6(config-if)#end
Perfect.
Now the last one R7, there should not be any problem with that at this stage we have already fixed problems on his
neighbors, lets check on that:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 355
O 9.9.0.2/32 [110/2] via 9.9.27.2, 01:19:05, Ethernet0/1
O 9.9.0.3/32 [110/2] via 9.9.37.3, 01:18:50, Ethernet0/2
O 9.9.0.4/32 [110/2] via 9.9.47.4, 00:31:31, Ethernet0/0
O 9.9.0.5/32 [110/3] via 9.9.37.3, 01:18:50, Ethernet0/2
O 9.9.0.6/32 [110/3] via 9.9.47.4, 00:31:31, Ethernet0/0
O 9.9.23.0/24 [110/2] via 9.9.37.3, 01:18:50, Ethernet0/2
[110/2] via 9.9.27.2, 01:19:05, Ethernet0/1
O 9.9.34.0/24 [110/2] via 9.9.47.4, 00:31:31, Ethernet0/0
[110/2] via 9.9.37.3, 01:18:50, Ethernet0/2
O 9.9.35.0/24 [110/2] via 9.9.37.3, 01:18:50, Ethernet0/2
O 9.9.46.0/24 [110/2] via 9.9.47.4, 00:31:31, Ethernet0/0
O 9.9.56.0/24 [110/3] via 9.9.47.4, 00:04:10, Ethernet0/0
[110/3] via 9.9.37.3, 00:17:00, Ethernet0/2
CPS_R0_R7#
All set for OSPF IPv4, lets have a final check on all devices:
R2
R2 supposed to have 2 neighbors, all interlink and loopbacks routes in AS 9, which it has.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 356
R3
R3 supposed to have 4 neighbors, all interlink and loopbacks routes in AS 9, which it has.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 357
R4
R4 supposed to have 3 neighbors, all interlink and loopbacks routes in AS 9, which it has.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 358
R5
R5 supposed to have 2 neighbors, all interlink and loopbacks routes in AS 9, which it has.
R6
R6 supposed to have 2 neighbors, all interlink and loopbacks routes in AS 9, which it has.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 359
CPS_R0_R7#show ip ospf neighbor
R7 supposed to have 2 neighbors, all interlink and loopbacks routes in AS 9, which it has.
We have covered complete pool of the questions till date for this question, in brief those all are here:
Practice Labs are provided for Troubleshooting OSPF Adjacency Issues cover its in detail.
http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13699-29.html
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 360
Single Topic Learning Labs Kit
3.1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 646
GNS3 Simulation Setup for Single Labs
To run GNS net files provided with Single Labs require additional software installation and configuration:
Download below items and keep handy before heading to next step:
GNS3 Installation
Run the setup and click on next next
Complete install with default options
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 647
Open Virtual box
Click at File Menu and select Import Appliance:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 648
Click on folder icon and bourse to select the file iosxrv-demo-5.1.2.ova:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 649
Click on Next:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 650
Select the Name
Tick the MAC Address Option
Click on import:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 651
It will take a minute or two, if you have downloaded the correct file:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 652
New Machine is imported:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 653
Select machine name
Click on settings:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 654
Click on System
Reduce RAM to 3072 MB (Later you can play for actual size, recommended RAM capacity is 3 GB)
Uncheck Floppy
Uncheck CD/DVD:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 655
Click on Network
Enable Adapter one
Follow settings in screenshot below:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 656
Repeat it for all 4 Adapters one by one.
Click on OK:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 657
Open GNS3
Click on Edit menu
Select and click on IOS Images and hypervisors:
Click on Image file icon
Browse the 7200 image file
Click on save
Browse the 3600 image file
Click on save
Click on close:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 658
Click on Edit menu
Select and click on Preferences
Select Dynamips
Click on Test Settings
Wait for a minute for the message:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 659
Click on VirtualBox
Click on Test Settings
Wait for a minute for the message:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 660
Click on VirtualBox Guest tab
Type an Identifier name
Click on VM List and select com.cisco.ios.xrv
Increase the number of NICs to 4
Uncheck NAT to Host
Tick the Enable Console
Tick the Headless Mode
Click on save:
If you have created multiple hosts in virtual box, all of them will show here in VM list, you can select and configure
one by one to run multiple XRv routers.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 661
Click on Apply:
If you are familiar with GNS 3,create a topology, drag a virtual host and connect with devices.
Do not use interface e0 to connect any device, thatinterface is reserved for management purpose.
Make sure to select NIC Type as per below screenshots:
If you are not familiar with GNS 3, click on file menu, select open a project import provided net file and check the
NIC type as below:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 662
Double click on Virtual Host Icon to open the Settings to set or check NIC Types:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 663
Click on Virtual host name
Set NIC numbers to 4 if not already
Select the NIC Model to e1000:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 664
Start all devices by a click on Green Indicator; you can start one by one by left click on device icon
Wait for a minute or two, until color gets change to green:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 665
Wait for 1-3 minutes, XR willinitialize and load the factory configurations
Login with cisco/cisco:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 666
Due to bug in GNS3 3.8 to make L2/L3 connectivity through,once all devices in topology up and running delete/add
XR connections one by one, delete it witha device wait for few seconds, connect that back to same interface where
it was connectedbefore deleting, do this for all the XR connections one by one, delete/add only connections from
XR, do not delete/add other connections:
Thank You
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 667
1.1.0 ISIS Basics
Content Removed
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 668
1.1.1 Implement ISIS
Configure ISIS to make all the hosts reachable to each other.
R1 and R2 should be configured in ISIS Area 49.0012 and R3 and R4 should be in Area 49.0034.
Physical Topology
Logical Topology
Host-2 192.168.2.2
G0/0//0.23 23.3
VLAN 23
F0/0.23 23.1
VLAN 23
F0/0.12 12.2
VLAN 12 SRE-R2
Host-3 192.168.3.3
G0/0//1 13.3
XRV-R3
G0/0//0.34 34.3
VLAN 34
F0/1 13.1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 669
Basic Configuration:
SW
Vlan database
!
vlan 12
!
vlan 13
!
vlan 14
!
vlan 23
!
vlan 34
!
apply
!
exit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 670
R1
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.1 255.255.255.252
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.1 255.255.255.252
!
interface FastEthernet0/1
ip add 192.168.13.1 255.255.255.252
!
interface loopback0
ip add 192.168.1.1 255.255.255.255
R2
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.2 255.255.255.252
!
interface FastEthernet0/0.23
encapsulation dot1q 23
ip add 192.168.23.1 255.255.255.252
!
interface loopback0
ip add 192.168.2.2 255.255.255.255
R3
interface GigabitEthernet0/0/0/0
no shut
!
interface GigabitEthernet0/0/0/0.23
encapsulation dot1q 23
ip add 192.168.23.2/24
!
interface GigabitEthernet0/0/0/0.34
encapsulation dot1q 34
ip add 192.168.34.1/24
interface GigabitEthernet0/0/0/1
ip add 192.168.13.2/24
no shut
!
interface loopback0
ip add 192.168.3.3/32
!
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 671
R4
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.2 255.255.255.252
!
interface FastEthernet0/0.34
encapsulation dot1q 34
ip add 192.168.34.2 255.255.255.252
!
interface loopback0
ip add 192.168.4.4 255.255.255.255
Verify basic ip connectivity, check all the interfaces are configured correct IP addresses according to the drawing,
vlans are created and correct interfaces assigned to them.
router isis
net 49.0012.0000.0000.0001.00
!
interface FastEthernet0/0.12
ip router isis
!
interface FastEthernet0/0.14
ip router isis
!
interface FastEthernet0/1
ip router isis
!
interface loopback0
ip router isis
router isis
net 49.0001.0000.0000.0001.00
interface FastEthernet0/0.12
ip router isis
We can specify ISIS instance identity, its optional on Cisco IOS but mandatory for Cisco IOS XR.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 672
Lets verify it:
R1 is showing routing protocol ISIS enabled for 4 interfaces, maximum paths to reach a destination can be 4, route
summarization is not configured and default administrative distance for ISIS is 115.
Once we enable ISIS on an interface, by default it tries to establish adjacencies for both IS Types.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 673
Lets complete ISIS configuration on other routers:
R2
router isis
net
!
interface FastEthernet0/0.12
ip router isis
!
interface FastEthernet0/0.23
ip router isis
!
interface loopback0
ip router isis
XRv-R3
router isis 3
net 49.0034.0000.0000.0003.00
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/0.23
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/0.34
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
!
interface loopback0
address-family ipv4 unicast
!
commit
R4
router isis
net 49.0034.0000.0000.0004.00
!
interface FastEthernet0/0.14
ip router isis
!
interface FastEthernet0/0.34
ip router isis
!
interface loopback0
ip router isis
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 674
Routers in same area form both Level 1 and Level 2 adjacencies if IS Type is not manually configured.
To conclude both outputs, R1 is showing two neighbors R3 - R4 and receiving routes of their connected hosts but
where is R2? If we look at drawing, R1 is connected to R2 why that is not showing up in neighbors list of R1? Host
connected to R2 is also missing from R1 Routing Table.
Output of showip protocols looks good, desired interfaces are enabled for ISIS routing.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 675
ISIS is enabled on interface but no Circuit ID assigned to it; Circuit ID cannot be assigned unless we have configured
ISIS correctly, its the Id of DIS (DR in OSPF) in ISIS.
Here problem is more obvious; its not showing Area Id something certainly not good with ISIS NET Entity.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 676
Lets reapply ISIS NET ID on R2:
router isis
net 49.0012.0000.0000.0002.00
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 677
R1 is showing both Level 1 and Level 2 neighbor ship with R2 while only Level 2 with R3 and R4. By default ISIS
routers in same area establish both Level 1 and Level 2 adjacencies.
Important thing here is the route for network 192.168.23.0/30 its between R2 R3, R1 is installing it from R2.
In case of 2 or more routes with unequal metric and same Level Type, the one with lower metric gets installed in
routing table.
If metric is equal along with Level Type from multiple neighbors, up to 4 routes get installed in the routing table.
Network 192.168.34.0/30 between R3 R4 is being installed from both R3 and R4, not from R2. By default a L1 -
L2 ISIS router does not advertise routes received from Level 2 neighbor to a Level 1 neighbor.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 678
Lets try to understand whats going on:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 679
CPS-R01-R4.02-00 0x00000003 0x7FCA 499 0/0/0
Metric: 0 IS CPS-R01-R4.00
Metric: 0 IS CPS-R01-R1.00
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 680
CPS-R01-XRv-R3.00-00 0x00000016 0x8C5C 600 0/0/0
Area Address: 49.0034
NLPID: 0xCC
Hostname: CPS-R01-XRv-R3
IP Address: 192.168.3.3
Metric: 10 IS CPS-R01-R1.03
Metric: 10 IS CPS-R01-R2.03
Metric: 10 IS CPS-R01-R4.03
Metric: 10 IP 192.168.3.3 255.255.255.255
Metric: 20 IP 192.168.4.4 255.255.255.255
Metric: 10 IP 192.168.13.0 255.255.255.0
Metric: 20 IP 192.168.14.0 255.255.255.252
Metric: 10 IP 192.168.23.0 255.255.255.0
Metric: 10 IP 192.168.34.0 255.255.255.252
R2 is not advertising network 192.168.34.0 to R1, as Level 1 routers do not advertise routes received from Level 2
neighbors.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 681
A Layer 1/Layer 2 router identifies itself by setting an attach-bit (ATT-bit) in its Layer 1 link-state packet (LSP).
Here Attached bit is set for top two LSPs.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 682
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 683
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 684
RP/0/0/CPU0:CPS-R01-XRv-R3#sh isis interface brief
Sat May 31 04:22:36.251 UTC
IS-IS 3 Interfaces
Interface All AdjsAdjToposAdvTopos CLNS MTU Prio
OK L1 L2 Run/Cfg Run/Cfg L1 L2
----------------- --- --------- --------- --------- ---- ---- --------
Lo0 Yes 0 0 1/1 1/1 Up 1500 - -
Gi0/0/0/0.23 Yes 0 1 1/1 1/1 Up 1497 64 64
Gi0/0/0/0.34 Yes 1 1 1/1 1/1 Up 1497 64 64
Gi0/0/0/1 Yes 0 1 1/1 1/1 Up 1497 64 64
RP/0/0/CPU0:CPS-R01-XRv-R3#
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 685
CPS-R01-R1#tclsh
CPS-R01-R1(tcl)#foreach address {
+>192.168.1.1
+>192.168.2.2
+>192.168.3.3
+>192.168.4.4} { ping $address source lo0 repeat 10
+>}
CPS-R01-R1#tclsh
CPS-R01-R1(tcl)#foreach address {
+>192.168.1.1
+>192.168.2.2
+>192.168.3.3
+>192.168.4.4} { trace $address source lo0
+>}
Type escape sequence to abort.
Tracing the route to 192.168.1.1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 686
1.1.2 ISIS Level 1
Configure all devices in ISIS area 49.1234.
All devices in network should form only ISIS Level 1 adjacencies.
Host-2 192.168.2.2
G0/0//0.23 23.3
VLA N 23
F0/0.23 23.1
VLA N 23
F0/0.12 12.2
VLA N 12 SRE-R2
Host-3 192.168.3.3
G0/0//1 13.3
XRV-R3
G0/0//0.34 34.3
VLA N 34
ISIS
Level 1
Area 49.1234 Ccieperfectsolutions.com
F0/1 13.1
R1
router isis
is-type level-1
no net 49.0012.0000.0000.0001.00
net 49.1234.0000.0000.0001.00
!
end
!
clear isis *
R2
router isis
is-type level-1
no net 49.0012.0000.0000.0002.00
net 49.1234.0000.0000.0002.00
!
end
!
clear isis *
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 687
R4
router isis
is-type level-1
no net 49.0034.0000.0000.0004.00
net 49.1234.0000.0000.0004.00
!
end
!
clear isis *
R3
router isis 3
no net 49.0034.0000.0000.0003.00
net 49.1234.0000.0000.0003.00
is-type level-1
!
commit
!
end
!
clear isisafi-all unicast route
Verify the applied configurations for any copy paste or typing error.
Though ISIS Level 1 is enabled on all devices globally above interface is still showing both Circuit Types. If we want
to see only Circuit Type Level 1, we need to enable Level 1 on the interface particularly.
Enabling ISIS Level 1 globally automatically disables Level 2 operations on the whole device as we can see Level 2
Metric and other attributes are disappeared.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 688
Lets enable IS Type Level 1 on this interface and check:
R1
interface fastethernet0/0.12
isis circuit-type level-1
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 689
R2:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 690
R4:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 691
R3:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 692
1.1.3 ISIS Level 2
Configure all devices in ISIS domain in below areas:
R1 49.0001
R2 49.0002
R3 49.0003
R4 49.0004
Host-2 192.168.2.2
G0/0//0.23 23.3
VLA N 23
F0/0.23 23.1
VLA N 23
F0/0.12 12.2
VLA N 12 SRE-R2
Host-3 192.168.3.3
G0/0//1 13.3
XRV-R3
G0/0//0.34 34.3
VLA N 34
ISIS
Level 2
Ccieperfectsolutions.com
F0/1 13.1
R1
router isis
is-type level-2-only
no net 49.1234.0000.0000.0001.00
net 49.0001.0000.0000.0001.00
!
interface FastEthernet0/0.12
noisis circuit-type level-1
end
!
clear isis *
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 693
R2
router isis
is-type level-2-only
no net 49.1234.0000.0000.0002.00
net 49.0002.0000.0000.0002.00
!
end
!
clear isis *
R4
router isis
is-type level-2-only
no net 49.1234.0000.0000.0004.00
net 49.0002.0000.0000.0004.00
!
end
!
clear isis *
R3
router isis 3
is-type level-2-only
no net 49.1234.0000.0000.0003.00
net 49.0003.0000.0000.0003.00
!
commit
!
clear isisafi-all unicast route
Verify the applied configurations for any copy paste or typing error.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 694
Lets verify on R1:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 695
R2
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 696
R4
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 697
R3
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 698
1.1.4ISIS Multi Level
R1
interface fastethernet0/1
shutdown
!
router isis
is-type level-1
no net 49.0001.0000.0000.0001.00
net 49.0124.0000.0000.0001.00
!
end
!
clear isis *
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 699
R2
router isis
is-type level-1-2
no net 49.0002.0000.0000.0002.00
net 49.0124.0000.0000.0001.00
!
end
!
clear isis *
R4
router isis
is-type level-1-2
no net 49.0002.0000.0000.0004.00
net 49.0124.0000.0000.0004.00
!
end
!
clear isis *
R3
interface gigabitethernet0/0/0/1
shutdown
!
router isis 3
is-type level-2-only
no net 49.0003.0000.0000.0003.00
net 49.0234.0000.0000.0003.00
!
commit
!
end
!
clear isisafi-all unicast route
Verify the applied configurations for any copy paste or typing error.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 700
R1 has two ISIS Level 1 Adjacencies.
Instead of sending Level 2 routes, Level 1 - 2 routers generate a default route to its Level 1 neighbors.
In above output R1 is receiving default route from both the Level 1-2 peers but not the R3 host route 192.168.3.3.
This design has a serious loop issue if configured at the edge of network, to reach 192.168.3.3 R1 will do load
sharing by routing packets to its both Level 1-2 peers.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 701
R3 Host 193.168.3.3 is not in R1 routing table, it has default route installed from two routers with traffic count
share 1.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 702
Lets check the return path from R3 to R1:
R3 is also receiving R1 Host route from both R2 and R4, further it depends on the number of transit links. If we add
one more device either between R2 R3 or R4 R3, scenario will change, forward and reverse path will not remain
same.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 703
As per above R2 will use R1 path to reach R4, generally Level 1 routers are considered Stub or Edge Routers.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 704
Here again R4 will transit R1 to reach R2.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 705
RP/0/0/CPU0:CPS-R01-XRv-R3#sh route isis
Sat May 31 10:51:14.166 UTC
Lets deal with Route Leaking options in next section to change the default ISIS behavior, by default Level 1 routers
only receive default route from boundary or Level 1-2 routers, at the Edge of network Level 1-2 routers use Level 1
router as transit path because of rule to prefer Level 1 routes over Level 2 to access their connected networks, if
they do not have ISIS Level 1 adjacency between them.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 706
1.1.5 ISIS Route Leaking
Create additional Loopback1 (192.168.XX.XX/32) on R1 and R3.
Advertise these Loopbacks in to ISIS domain.
Step 1:
R1
interface loopback1
ip add 192.168.11.11 255.255.255.255
ip router isis
R3
interface loopback1
ip add 192.168.33.33/32
!
router isis 3
interface loopback1
address-family ipv4 unicast
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 707
Step 2:
R2
router isis
redistributeisisip level-2 into level-1 distribute-list 101
!
access-list 101 permit ip host 192.168.3.3 host 255.255.255.255
!
clear isis rib redistribution *
An access list has deny action at the end by default thats why only one route is getting redistributed. Host
255.255.255.255 is wildcard for 0.0.0.0 which means all IPv4 addresses are allowed.
R4
router isis
redistributeisisip level-2 into level-1 route-map level-2-to-level-1
!
route-map level-2-to-level-1 permit 10
matchip address 10
!
clear isis rib redistribution *
A route-map has deny action at the end by default thats why only one route is getting redistributed.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 708
CPS-R01-R1#sh ip route 192.168.33.33
Routing entry for 192.168.33.33/32
Known via "isis", distance 115, metric 158, type inter area
Redistributing via isis
Last update from 192.168.14.2 on FastEthernet0/0.14, 00:02:38 ago
Routing Descriptor Blocks:
* 192.168.14.2, from 192.168.4.4, 00:02:38 ago, via FastEthernet0/0.14
Route metric is 158, traffic share count is 1
CPS-R01-R1#
Even if R2 and R4 respectively stop advertising loopbacks of R3, connectivity will work via default route.
Step 3:
R2
router isis
redistributeisisip level-1 into level-2 distribute-list 102
!
access-list 102 permit ip host 192.168.1.1 host 255.255.255.255
R4
router isis
redistribute isis ip level-1 into level-2 route-map level-1-to-level-2
!
route-map level-1-to-level-2 permit 10
matchip address 12
!
access-list 12 permit host 192.168.11.11
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 709
R4
access-list 12 deny host 192.168.1.1
access-list 12 permit any
R2 should only advertise R1 Loopback0 to R3 from Level 1 ISIS database.R2 needs to advertise its Level 2
database routes, lets look in to R2 database
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 710
CPS-R01-R2#sh isis database verbose | b IS-IS Level-2
Quite a number of prefixes, whole Level 2 Topology here, even 192.168.11.11 is also showing originated from R4.
Confusion is so easy, whatever the R2 is having in L2 Database Table is received from R3, will it be able send back?
Its best mechanism to avoid loops with one drawback of not having redundancy like we do have in Level 2 to Level
1 route leaking, with that default route always works as backup path, but if R2 gets failed R1 Loopback 0 cannot be
reachable to R3 via R4, same for Loopback 1.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 711
1.1.6 ISIS Passive Interface
Advertise all Loopbacks in the topology without using ip router isis.
Make sure those loopbacks never try to form ISIS adjacency on them.
Does not use redistribute command to advertise them.
R1
interface loopback0
noip router isis
!
interface loopback1
noip router isis
R2
interface loopback0
noip router isis
R4
interface loopback0
noip router isis
R3
router isis 3
interface Loopback0
no address-family ipv4 unicast
!
!
interface Loopback1
no address-family ipv4 unicast
!
commit
R1
router isis
passive-interface Loopback0
passive-interface Loopback1
To use passive interface or passive, ISIS needs to have at least one interface configured with ip router isis or
enabled for IP address family.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 712
CPS-R01-R1#sh clns interface lo0
Loopback0 is up, line protocol is up
CLNS protocol processing disabled
CPS-R01-R1#
R2
router isis
passive-interface Loopback0
R4
router isis
passive-interface Loopback0
R3
router isis 3
interface Loopback0
passive
address-family ipv4 unicast
!
interface Loopback1
passive
address-family ipv4 unicast
!
commit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 713
All the loopbacks are advertised in to ISIS.
Passive interface default is another way around to stop unnecessary LSP floods on not required interfaces; it can be
used as below to achieve the same purpose:
R1
router isis
passive-interface default
no passive-interface FastEthernet0/0.12
no passive-interface FastEthernet0/0.14
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 714
1.1.7 ISIS Network Types
Configure ISIS Network Type Point to Point between R2 and R3.
Make sure there is no DIS selection on this link.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 715
LAN ID: CPS-R01-R2.03 is the ID of DIS which is R2. Media Type is LAN or broadcast.
Like OSPF, default ISIS network on Ethernet is broadcast where DIS (DR) is elected.
LSP Sequence Num marked with * are called Pseudo Node LSP, these do help to reduce database size and simplifies
SPF calculation in ISIS broadcast networks.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 716
Lets change the ISIS network type to point to point:
R2
interfacefastethernet 0/0.23
isis network point-to-point
R3
router isis 3
!
interface GigabitEthernet0/0/0/0.23
point-to-point
!
commit
SNPA PtoP means network point to point. Media Type changed to P2P.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 717
1.1.8 ISIS DIS Election
Make sure R3 is acting as DIS on the Link between R3 and R4.
R3
router isis 3
interface GigabitEthernet0/0/0/0.34
priority 127
!
commit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 718
Highest Priority wins, now R3 has become DIS.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 719
1.1.9 ISIS Metric Types
Configure all devices in domain to support ISIS TLV 135.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 720
By default ISIS enabled routers use metric style narrow which supports maximum route metric 63.
Any type of interface participating in ISIS has default metric 10.
R1, R2, R4
router isis
metric-style wide
R3
router isis 3
address-family ipv4 unicast
metric-style wide
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 721
We can see metric style wide is enabled, wide metric is known as TLV 135. It allows ISIS to support extended
metric which is required particularly for MPLS TE. In above output R1 has stopped accepting and generating
metric types narrow which may create issues if network is live during transition. ISIS has a granularity by allowing
devices to support both types of metric by using command metric-style-transition.
R1
router isis
metric-style transition
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 722
1.1.10 ISIS Multi Instance
Configure ISIS as per drawing below.
Configure global instance for area 49.0124 and an additional ISIS instance ISIS_0023 on R2 for area 49.0023.
Configure 2 ISIS Instances on R3, Instance ISIS_0023 for area 49.0023 and Instance ISIS_0034 for area 49.0034.
R2 and R3 hosts should be advertised in to area 49.0124.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 723
SW
vlan database
!
vlan 12
!
vlan 13
!
vlan 14
!
vlan 23
!
vlan 34
!
apply
!
exit
interface range FastEthernet1/1 -4
switchport mode trunk
switchport trunk encapsulation dot1q
no shut
!
interface FastEthernet1/1
description connects to R1 interface f0/0
switchport trunk allowed vlan 1,2,12,14,1002-1005
!
interface FastEthernet1/2
description connects to R2 interface f0/0
switchport trunk allowed vlan 1,2,12,23,1002-1005
!
interface FastEthernet1/3
description connects to XR-R3 interface Gi0/0/0/0
switchport trunk allowed vlan 1,2,13,23,34,1002-1005
!
interface FastEthernet1/4
description connects to R4 interface f0/0
switchport trunk allowed vlan 1,2,14,34,1002-1005
R1
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.1 255.255.255.252
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.1 255.255.255.252
!
interface FastEthernet0/1
ip add 192.168.13.1 255.255.255.252
!
interface loopback0
ip add 192.168.1.1 255.255.255.255
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 724
R2
hostname CPS-R01-R2
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.2 255.255.255.252
!
interface FastEthernet0/0.23
encapsulation dot1q 23
ip add 192.168.23.1 255.255.255.252
!
interface loopback0
ip add 192.168.2.2 255.255.255.255
XRv-R3
hostname CPS-R01-XRv-R3
interface GigabitEthernet0/0/0/0
no shut
!
interface GigabitEthernet0/0/0/0.23
encapsulation dot1q 23
ip add 192.168.23.2/24
!
interface GigabitEthernet0/0/0/0.34
encapsulation dot1q 34
ip add 192.168.34.1/24
interface GigabitEthernet0/0/0/1
ip add 192.168.13.2/24
no shut
!
interface loopback0
ip add 192.168.3.3/32
commit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 725
R4
hostname CPS-R01-R4
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.2 255.255.255.252
!
interface FastEthernet0/0.34
encapsulation dot1q 34
ip add 192.168.34.2 255.255.255.252
!
interface loopback0
ip add 192.168.4.4 255.255.255.255
router isis
net 49.0124.0000.0000.0001.00
passive-interface loopback0
!
interface FastEthernet0/0.12
isis circuit-type level-2-only
ip router isis
!
interface FastEthernet0/0.14
ip router isis
isis circuit-type level-1
R1 is enabled for ISIS Routing as per drawing and advertising required interfaces in to ISIS.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 726
R4
router isis
net 49.0124.0000.0000.0004.00
passive-interface loopback0
!
interface FastEthernet0/0.14
ip router isis
isis circuit-type level-1
!
interface FastEthernet0/0.34
ip router isis
isis circuit-type level-2-only
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 727
R2:
router isis
is-type level-2-only
net 49.0124.0000.0000.0002.00
!
interface FastEthernet0/0.12
ip router isis
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 728
It has additional ISIS instance enabled for FastEthernet0/0.23 and Loopback0.
R1 and R2 have Level 2 adjacency established for ISIS default instance. R2 is elected as DIS.
R2 is receiving 3 routes from R1.
Make sure to use separate system IDs and NET ID for each instance.
R3
router isis ISIS_0034
net 49.0034.0000.0000.0034.00
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/0.34
address-family ipv4 unicast
!
router isis ISIS_0023
net 49.0023.0000.0000.0023.00
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/0.23
address-family ipv4 unicast
!
interface loopback0
address-family ipv4 unicast
passive
!
commit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 729
R3 is receiving 2 routes from R2 which are in R2 routing instance ISIS_23.
R3 is receiving 3 routes from R4.
If routes are not distributed between the instances those are advertised in both instances, by default those get
advertised to the neighbors of same instance.
R1 is only advertising loopback 0 to R3 which is in Level 1. By default Level 2 routes are not advertise to Level 1
neighbors to achieve this we need to do redistribution of Level 2 in Level 1 at R1.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 730
R2 is also not receiving R3 ISIS_0034 routes.
Lets do mutual redistribute in R3 both instances:
R1 is receiving only two routes from R4, if we want Level 2 routes from R4, we need to perform route leaking on
R4.
R1 is not receiving any route from R2 because R2 default instance is still not redistributed with ISIS_0023 by which
R2 is receiving R3 and R4 routes.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 732
Lets perform route leaking on R4:
R4
router isis
redistributeisisip level-2 into level-1 route-map level-2-to-level-1
!
access-list 34 permit 192.168.3.3
!
route-map level-2-to-level-1 permit 10
matchip address 34
Filtration is key thing while route leaking to avoid loops, if we do not add filter for R2, R1 will start using R4 to
reach R2.
R2
router isis
redistribute isis ISIS_0023 ip route-map ISIS_0023-to-Global
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 733
Now we can 192.168.3.3 is coming from R2. ISIS Routing perference it selects Level 1 route over Level 2 and
Level 2 route over external.
Still we are not seeing R2 Loopback0 in R1 routing table if we leak it from R4, path would be longer.
Lets add redistribute connected in R2 Global instance:
R2
router isis
redistribute connected
Looks clean but if R4 fails it will lose the reach ability to R1, lets redistribute R2 Global instance to ISIS_0023 to
allow R1 Host.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 734
RP/0/0/CPU0:CPS-R01-XRv-R3#sh route isis
Sun Jun 1 07:20:01.471 UTC
CPS-R01-R1#tclsh
CPS-R01-R1(tcl)#foreach address {
+>192.168.1.1
+>192.168.2.2
+>192.168.3.3
+>192.168.4.4} { ping $address source lo0 repeat 10
+>}
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 735
Lets have check for routing tables:
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 736
RP/0/0/CPU0:CPS-R01-XRv-R3#sh route isis
i L2 192.168.1.1/32 [115/10] via 192.168.23.1, 00:05:51, GigabitEthernet0/0/0/0.23
i L2 192.168.2.2/32 [115/10] via 192.168.23.1, 00:55:23, GigabitEthernet0/0/0/0.23
i L2 192.168.23.0/30 [115/20] via 192.168.23.1, 00:55:23, GigabitEthernet0/0/0/0.23
i L2 192.168.4.4/32 [115/10] via 192.168.34.2, 00:55:32, GigabitEthernet0/0/0/0.34
i L2 192.168.14.0/30 [115/20] via 192.168.34.2, 00:55:32, GigabitEthernet0/0/0/0.34
RP/0/0/CPU0:CPS-R01-XRv-R3#
Here, we can find one sub optimal path for R2 R4, R2 will transit R1 to reach R4, while R4 will transit R3 to reach
R2, if we perform route leaking from R1 Level 2 to Level 1, this should be shorted out.
R1
router isis
redistributeisisip level-2 into level-1 route-map level-2-to-level-1
!
access-list 12 permit 192.168.2.2
!
route-map level-2-to-level-1 permit 10
matchip address 12
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 737
CPS-R01-R4#sh ip route isis
If we enable wide metrics it will show as Level 2 route and internal routes are preferred over inter area routes.
Simulate such practicals and try to innovate unlike connecting 3 - 4 routers in planned way to get minimum issues
like we see in other workbooks, play around you need to understand all these caveats. Cisco Tests your concepts.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 738
1.1.11 ISIS Path Selection
Configure ISIS as per below drawing.
Optimize ISIS path so that R3 uses R1 to reach R5 connected host.
Optimize ISIS path so that R2 uses R4 to reach R5 connected host.
Loopbacks should be not advertised using either ip router isis or passive command.
Enable ISIS wide Metrics.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 739
SW:
vlan database
!
vlan 12
!
vlan 13
!
vlan 14
!
vlan 23
!
vlan 34
!
apply
!
exit
R1
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.1 255.255.255.252
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.1 255.255.255.252
!
interface loopback0
ip add 192.168.1.1 255.255.255.255
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 740
!
interface FastEthernet0/1
ip add 192.168.13.1 255.255.255.252
no shut
!
interface GigabitEthernet1/0
ip add 192.168.15.1 255.255.255.252
no shut
R2
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.12
encapsulation dot1q 12
ip add 192.168.12.2 255.255.255.252
!
interface FastEthernet0/0.23
encapsulation dot1q 23
ip add 192.168.23.1 255.255.255.252
!
interface loopback0
ip add 192.168.2.2 255.255.255.255
XRv-R3
interface GigabitEthernet0/0/0/0
no shut
!
interface GigabitEthernet0/0/0/0.23
encapsulation dot1q 23
ip add 192.168.23.2/24
!
interface GigabitEthernet0/0/0/0.34
encapsulation dot1q 34
ip add 192.168.34.1/24
interface GigabitEthernet0/0/0/1
ip add 192.168.13.2/24
no shut
!
interface loopback0
ip add 192.168.3.3/32
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 741
R4
interface FastEthernet0/0
no shut
!
interface FastEthernet0/0.14
encapsulation dot1q 14
ip add 192.168.14.2 255.255.255.252
!
interface FastEthernet0/0.34
encapsulation dot1q 34
ip add 192.168.34.2 255.255.255.252
!
interface FastEthernet0/1
ip add 192.168.45.1 255.255.255.252
no shut
!
interface loopback0
ip add 192.168.4.4 255.255.255.255
R5
interface FastEthernet0/0
ip add 192.168.15.2 255.255.255.252
no shut
!
interface FastEthernet0/1
ip add 192.168.45.2 255.255.255.252
no shut
!
interface loopback0
ip add 192.168.5.5 255.255.255.255
R1
router isis
net 49.1234.0000.0000.0001.00
metric-style wide
redistribute connected route-map connected
!
interface FastEthernet0/0.12
isis circuit-type level-2-only
ip router isis
!
interface FastEthernet0/0.14
ip router isis
isis circuit-type level-2-only
!
interface FastEthernet0/1
ip router isis
isis circuit-type level-2-only
!
route-map connected permit 10
match interface Loopback0
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 742
R2
router isis
is-type level-2-only
net 49.0124.0000.0000.0002.00
metric-style wide
redistribute connected route-map connected
!
interface FastEthernet0/0.12
ip router isis
interface FastEthernet0/0.23
ip router isis
R3
router isis ISIS_1234
net 49.1234.0000.0000.0003.00
is-type level-2-only
address-family ipv4 unicast
metric-style wide
redistribute connected level-2 route-policy connected
!
interface GigabitEthernet0/0/0/0.23
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/0.34
address-family ipv4 unicast
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
route-policy connected
if destination in (192.168.3.3) then
pass
endif
exit
commit
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 743
R4
router isis
net 49.1234.0000.0000.0004.00
metric-style wide
redistribute connected route-map connected
!
interface FastEthernet0/0.14
ip router isis
isis circuit-type level-2-only
!
interface FastEthernet0/0.34
ip router isis
isis circuit-type level-2-only
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 744
Lets verify Level 2 ISIS on all devices in area 49.1234:
R1 has ISIS enabled for three interfaces and it is redistributing connected interface in to ISIS.
R1 has 3 ISIS Level 2 neighbors, R2, R3 and R4.
R2 has been elected DIS between R1-R2; R1 has been elected DIS between R1-R3; R4 is elected DIS between R1-R4.
Because of not disabling ISIS Level 1 globally it has associated Attachment bit.
R1 has installed R2 Host route directly from R2.
R1 has installed R3 Host route directly from R3.
R1 has installed R4 Host route directly from R4.
All look good as expected.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 745
R2 has ISIS enabled for two interfaces and it is redistributing connected interface in to ISIS.
R2 has 2 ISIS Level 2 neighbors, R2 and R3.
R2 has been elected DIS between R1-R2; R2 has been elected DIS between R2-R3.
Because of disabling ISIS Level 1 globally it has no Attachment bit association.
R2 has installed R1 Host route directly from R1.
R2 has installed R3 Host route directly from R3.
R2 has installed R4 Host route from R4 both neighbors R1 and R3.
All look good as expected.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 746
R3 has ISIS enabled for three interfaces and it is redistributing connected interface in to ISIS.
R3 has 3 ISIS Level 2 neighbors, R1, R2 and R4.
R3 has installed R1 Host route directly from R1.
R3 has installed R2 Host route directly from R2.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 747
R3 has installed R4 Host route directly from R4.
All look good as expected.
R4 has ISIS enabled for two interfaces and it is redistributing connected interface in to ISIS.
R4 has 2 ISIS Level 2 neighbors, R1 and R3.
R4 has been elected DIS between R1-R4; R4 has been elected DIS between R3-R4.
Because of not disabling ISIS Level 1 globally it has associated Attachment bit and Level 1 database.
R4 has installed R1 Host route directly from R1.
R4 has installed R2 Host route from both neighbors R1 and R3.
R4 has installed R3 Host route directly from R3.
All look good as expected.
Rev 3.1 12June14 Copyright CcieperfectSolutions.com Guaranteed pass CCIE SPv3 in next attempt!!! Page 748