> 1.1 + 1.2 + 1.3 + 4.2--------L2--------------30 min
> 1.4 + 2.7 + 3.3 + 3.4 + 5.3--DMVPN-----------30 min
> 2.1 + 3.1 + 2.5 + 3.2 + 2.8--OSPF-BGP-MPLS---60 min
> 2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6--45 min
> 2.3 + 2.4 + 2.11-------------EIGRP-BGP-------15 min
> 4.1 + 5.1 + 5.2 + 5.4--------SEC-NTP---------30 min
> 1.1 + 1.2 + 1.3 + 4.2--------L2--------------30 min
> 1.4 + 2.3 + 2.4+ 3.3 + 3.4 +2.7 + 5.3 + 2.11 --DMVPN-----------45 min
> 2.1 + 2.5 + 3.1 + 3.2 + 2.8--OSPF-BGP-MPLS---60 min
> 2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6--45 min
> 4.1 + 5.1 + 5.2 + 5.4--------SEC-NTP---------30 min
*******************
Common Configurations:
*******************
=====================
1.1 + 1.2 + 1.3 + 4.2--------L2
=====================
SW1
SW2
SW3
SW4
vtp domain CCIE
vtp version 2
vtp mode
vtp password CCIErocks?
vlan 23,24,35,14,15,46,67,57,999
interface range e2/0-3
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface range e3/0-3
switchport mode access
switchport access vlan 999
2.1 + 2.5 + 3.1 + 3.2 + 2.8--OSPF-BGP-MPLS
==================================
2.1:
----
router ospf 12345
router-id 123.1.1.1
network 123.0.0.0 0.255.255.255 area 0
2.5+3.1:
--------
R1:
----
mpls ldp router-id loopback 0 force
router ospf 12345
mpls ldp autoconfig area 0
router bgp 12345
bgp router-id 123.1.1.1
no bgp default ipv4-unicast
neighbor iBGP peer-group
neighbor iBGP remote-as 12345
neighbor iBGP update-source loopback 0
neighbor 123.2.2.2 peer-group iBGP
neighbor 123.3.3.3 peer-group iBGP
neighbor 123.6.6.6 peer-group iBGP
neighbor 123.7.7.7 peer-group iBGP
address-family ipv4
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
neighbor iBGP route-reflector-client
address-family vpnv4
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
neighbor iBGP route-reflector-client
R17
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 123.17.17.17 0.0.0.0
network 123.20.1.10 0.0.0.0
network 123.20.1.18 0.0.0.0
network 10.20.1.25 0.0.0.0
af-interface e0/1
authentication mode hmac-sha-256 CCIE
af-interface e0/2
authentication mode hmac-sha-256 CCIE
exit-address-family
R18
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 10.2.18.1 0.0.0.0
network 123.18.18.18 0.0.0.0
network 10.20.1.26 0.0.0.0
eigrp stub connected static redistribute
> 1.4 + 2.7 + 3.3 + 3.4 + 5.3--DMVPN-----------30 min
> 2.1 + 3.1 + 2.5 + 3.2 + 2.8--OSPF-BGP-MPLS---60 min
> 2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6--45 min
> 2.3 + 2.4 + 2.11-------------EIGRP-BGP-------15 min
> 4.1 + 5.1 + 5.2 + 5.4--------SEC-NTP---------30 min
> 1.1 + 1.2 + 1.3 + 4.2--------L2--------------30 min
> 1.4 + 2.3 + 2.4
> 2.1 + 2.5 + 3.1 + 3.2 + 2.8--OSPF-BGP-MPLS---60 min
> 2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6--45 min
> 4.1 + 5.1 + 5.2 + 5.4--------SEC-NTP---------30 min
*******************
Common Configurations:
*******************
=====================
1.1 + 1.2 + 1.3 + 4.2--------L2
=====================
SW1
SW2
SW3
SW4
vtp domain CCIE
vtp version 2
vtp mode
vtp password CCIErocks?
vlan 23,24,35,14,15,46,67,57,999
interface range e2/0-3
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface range e3/0-3
switchport mode access
switchport access vlan 999
interface e0/0
switchport mode access
switchport access vlan
spanning-tree mode mst
spanning-tree mst configuration
name CCIE
revision 1
instance 1 vlan 1,15,23,35,57,67,999
instance 2 vlan 14,24,46
spanning-tree mst 1 root primary
spanning-tree mst 2 root secondary
spanning-tree portfast default
spanning-tree portfast bpduguard default
4.2
---
SW3:
interface range e0/0-3
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown
========================================
1.4 + 2.3 + 2.4+ 3.3 + 3.4 +2.7 + 5.3 + 2.11 --- DMVPN
=========================================
R15,16,17,18,19,SW5,SW6
R15,16,17,SW5,SW6:
--------------------------
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 123.17.17.17 0.0.0.0
network 123.20.1.10 0.0.0.0
network 123.20.1.18 0.0.0.0
network 10.20.1.25 0.0.0.0
af-interface e0/1
authentication mode hmac-sha-256 CCIE
af-interface e0/2
authentication mode hmac-sha-256 CCIE
exit-address-family
R18,R19:
int s1/0
encapsulation ppp
ppp chap hostname ACME-R18
ppp chap password CCIE
network 10.2.18.1 0.0.0.0
network 123.18.18.18 0.0.0.0
network 10.20.1.26 0.0.0.0
eigrp stub connected static redistribute
R17:
interface Tunnel0
ip address 10.20.1.25 255.255.255.248
no ip redirects
bandwidth 1000
delay 1000
ip mtu 1400
ip tcp adjust-mss 1380
ip nhrp map multicast dynamic
ip nhrp authentication 45678key
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp redirect
tunnel source Ethernet0/0
tunnel mode gre multipoint
tunnel vrf LOCALSP
================================1.4 + 2.3 + 2.4
=========================================
R15,16,17,18,19,SW5,SW6
R15,16,17,SW5,SW6:
--------------------------
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 123.17.17.17 0.0.0.0
network 123.20.1.10 0.0.0.0
network 123.20.1.18 0.0.0.0
network 10.20.1.25 0.0.0.0
af-interface e0/1
authentication mode hmac-sha-256 CCIE
af-interface e0/2
authentication mode hmac-sha-256 CCIE
exit-address-family
R18,R19:
int s1/0
encapsulation ppp
ppp chap hostname ACME-R18
ppp chap password CCIE
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678network 10.2.18.1 0.0.0.0
network 123.18.18.18 0.0.0.0
network 10.20.1.26 0.0.0.0
eigrp stub connected static redistribute
R17:
interface Tunnel0
ip address 10.20.1.25 255.255.255.248
no ip redirects
bandwidth 1000
delay 1000
ip mtu 1400
ip tcp adjust-mss 1380
ip nhrp map multicast dynamic
ip nhrp authentication 45678key
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp redirect
tunnel source Ethernet0/0
tunnel mode gre multipoint
tunnel vrf LOCALSP
R18
interface Tunnel0
ip address 10.20.1.26 255.255.255.248
no ip redirects
bandwidth 1000
delay 1000
ip mtu 1400
ip tcp adjust-mss 1380
ip nhrp map 10.20.1.25 203.3.17.2
ip nhrp map multicast 203.3.17.2
ip nhrp nhs 10.20.1.25
ip nhrp authentication 45678key
ip nhrp network-id 45678
ip nhrp holdtime 300
ip nhrp shortcut
tunnel source Serial1/0
tunnel mode gre multipoint
tunnel vrf LOCALSP
crypto isakmp policy 10
encryption aes
authentication pre-share
group 2
crypto keyring KEYDMVPN vrf LOCALSP
pre-shared-key address 0.0.0.0 0.0.0.0 key CCIE
crypto ipsec transform-set CCIEXFORM esp-aes 128
mode transport
crypto ipsec profile DMVPNPROFILE
set transform-set CCIEXFORM
int tunnel 0
tunnel protection ipsec profile DMVPNPROFILE
2.7
---
R15
router bgp 45678
bgp router-id 123.15.15.15
neighbor 103.2.45.1 remote-as 10003
aggregate-address 123.20.1.0 255.255.255.0 summary-only
redistribute eigrp 45678
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
topology base
redistribute bgp 45678 metric 10000 10 255 1 1500
R16
interface Ethernet0/0
ip vrf forwarding LOCALSP
ip address 203.3.16.2 255.255.255.252
router bgp 45678
bgp router-id 123.16.16.16
address-family ipv4 vrf LOCALSP
network 0.0.0.0 backdoor
neighbor 203.3.16.1 remote-as 20003
neighbor 203.3.16.1 activate
neighbor 203.3.16.1 prefix-list defaultroute in
neighbor 203.3.16.1 prefix-list denyall out
ip prefix-list defaultroute permit 0.0.0.0/0
ip prefix-list denyall deny 0.0.0.0/0 le 32
R17
interface Ethernet0/0
ip vrf forwarding LOCALSP
ip address 203.3.17.2 255.255.255.252
router bgp 45678
bgp router-id 123.17.17.17
address-family ipv4 vrf LOCALSP
network 0.0.0.0 backdoor
neighbor 203.3.17.1 remote-as 20003
neighbor 203.3.17.1 activate
neighbor 203.3.17.1 prefix-list defaultroute in
neighbor 203.3.17.1 prefix-list denyall out
ip prefix-list defaultroute permit 0.0.0.0/0
ip prefix-list denyall deny 0.0.0.0/0 le 32
R18
interface S1/0
ip vrf forwarding LOCALSP
ip address 203.3.18.2 255.255.255.252
router bgp 65222
bgp router-id 123.18.18.18
address-family ipv4 vrf LOCALSP
network 0.0.0.0 backdoor
neighbor 203.3.18.1 remote-as 20003
neighbor 203.3.18.1 activate
neighbor 203.3.18.1 prefix-list defaultroute in
neighbor 203.3.18.1 prefix-list denyall out
ip prefix-list defaultroute permit 0.0.0.0/0
ip prefix-list denyall deny 0.0.0.0/0 le 32
R19
interface S1/0
ip vrf forwarding LOCALSP
ip address 203.3.19.2 255.255.255.252
router bgp 65222
bgp router-id 123.19.19.19
address-family ipv4 vrf LOCALSP
network 0.0.0.0 backdoor
neighbor 203.3.19.1 remote-as 20003
neighbor 203.3.19.1 activate
neighbor 203.3.19.1 prefix-list defaultroute in
neighbor 203.3.19.1 prefix-list denyall out
ip prefix-list defaultroute permit 0.0.0.0/0
ip prefix-list denyall deny 0.0.0.0/0 le 32
do show ip bgp vpnv4 all
R17:
-----
shell processing full
2.11:
----
R15
ip multicast-routing
int loopback 0
ip pim sparse-mode
int e0/1
ip pim sparse-mode
int e0/2
ip pim sparse-mode
ip pim rp-candidate loopback 0
ip pim bsr-candidate loopback 0 32
2.1 + 2.5 + 3.1 + 3.2 + 2.8--OSPF-BGP-MPLS
==================================
2.1:
----
router ospf 12345
router-id 123.1.1.1
network 123.0.0.0 0.255.255.255 area 0
2.5+3.1:
--------
R1:
----
mpls ldp router-id loopback 0 force
router ospf 12345
mpls ldp autoconfig area 0
router bgp 12345
bgp router-id 123.1.1.1
no bgp default ipv4-unicast
neighbor iBGP peer-group
neighbor iBGP remote-as 12345
neighbor iBGP update-source loopback 0
neighbor 123.2.2.2 peer-group iBGP
neighbor 123.3.3.3 peer-group iBGP
neighbor 123.6.6.6 peer-group iBGP
neighbor 123.7.7.7 peer-group iBGP
address-family ipv4
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
neighbor iBGP route-reflector-client
address-family vpnv4
neighbor 123.2.2.2 activate
neighbor 123.3.3.3 activate
neighbor 123.6.6.6 activate
neighbor 123.7.7.7 activate
neighbor iBGP route-reflector-client
R2:
----
mpls ldp router-id loopback 0 force
no mpls ip propagate-ttl forwarded
router ospf 12345
mpls ldp autoconfig area 0
router bgp 12345
bgp router-id 123.2.2.2
no bgp default ipv4-unicast
neighbor 123.1.1.1 remote-as 12345
address-family ipv4
neighbor 123.1.1.1 activate
neighbor 123.1.1.1 next-hop-self
address-family ipv4 vrf GREEN
neighbor 10.120.12.2 remote-as 65112
neighbor 10.120.12.2 activate
address-family ipv4 vrf BLUE
neighbor 10.120.13.2 remote-as 65112
neighbor 10.120.13.2 activate
address-family ipv4 vrf RED
neighbor 10.120.14.2 remote-as 65112
neighbor 10.120.14.2 activate
address-family ipv4 vrf YELLOW
neighbor 10.120.15.2 remote-as 65112
neighbor 10.120.15.2 activate
address-family ipv4 vrf INET
neighbor 10.120.99.2 remote-as 65112
neighbor 10.120.99.2 activate
router bgp 12345
address-family vpnv4
neighbor 123.1.1.1 activate
address-family ipv4 vrf GREEN
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
address-family ipv4 vrf BLUE
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
address-family ipv4 vrf RED
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
address-family ipv4 vrf YELLOW
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
address-family ipv4 vrf INET
neighbor 101.1.123.1 remote-as 10001
neighbor 101.1.123.1 activate
2.8:
---
ip prefix-list net123 permit 123.0.0.0/8 le 32
router bgp 12345
address-family ipv4 vrf INET
neighbor 101.1.123.1 prefix-list net123 out
R12
router bgp 65111
bgp router-id 123.12.12.12
neighbor 201.1.12.1 remote-as 20001
redistribute connected
R13
router bgp 65111
bgp router-id 123.13.13.13
neighbor 201.1.13.1 remote-as 20001
neighbor 202.2.13.1 remote-as 20002
neighbor 202.2.13.1 weight 1000
redistribute connected
R14
router bgp 65111
bgp router-id 123.14.14.14
neighbor 202.2.14.1 remote-as 20002
redistribute connected
do show ip bgp
R20
router bgp 65112
neighbor 10.120.99.5 weight 1000
===================================
2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6
===================================
router eigrp 34567
network 123.0.0.0 0.255.255.255
===================================
2.3 + 2.4 + 2.11-------EIGRP-BGP
===================================
2.2 + 2.6 + 2.8 + 2.9 + 2.10-EIGRP-BGP-IPV6
===================================
router eigrp 34567
network 123.0.0.0 0.255.255.255
int vlan 34
delay 100
R8
router bgp 34567
bgp router-id 123.8.8.8
no bgp default ipv4-unicast
neighbor IBGP peer-group
neighbor IBGP remote-as 34567
neighbor IBGP update-source loopback 0
neighbor 123.9.9.9 peer-group IBGP
neighbor 123.10.10.10 peer-group IBGP
neighbor 123.11.11.11 peer-group IBGP
neighbor 101.1.34.1 remote-as 10001
address-family ipv4
neighbor 123.9.9.9 activate
neighbor 123.10.10.10 activate
neighbor 123.11.11.11 activate
neighbor 101.1.34.1 activate
neighbor IBGP next-hop-self
redistribute eigrp 34567
ip prefix-list defaultroute permit 0.0.0.0/0
route-map defaulroute permit 10
match ip address prefix-list defaultroute
2.8:
----
R2
ip prefix-list net123 permit 123.0.0.0/8 le 32
router bgp 12345
address-family ipv4 vrf INET
neighbor 101.1.123.1 prefix-list net123 out
2.9:
----
R10
ipv6 unicast-routing
router ospfv3 1
router-id 123.10.10.10
interface loopback 0
ospfv3 1 ipv6 area 10
interface e0/1
ospfv3 1 ipv6 area 10
2.10:
----
R10
router bgp 34567
neighbor 2001:CC1E:BEF:10:201:1:34:1 remote-as 20001
address-family ipv6
neighbor 2001:CC1E:BEF:10:201:1:34:1 activate
redistribute ospf 1 match internal external 1 external 2 include-connected
2.3 + 2.4 + 2.11-------EIGRP-BGP
===================================
R17
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 123.17.17.17 0.0.0.0
network 123.20.1.10 0.0.0.0
network 123.20.1.18 0.0.0.0
network 10.20.1.25 0.0.0.0
af-interface e0/1
authentication mode hmac-sha-256 CCIE
af-interface e0/2
authentication mode hmac-sha-256 CCIE
exit-address-family
R18
router eigrp CCIE
address-family ipv4 unicast autonomous-system 45678
network 10.2.18.1 0.0.0.0
network 123.18.18.18 0.0.0.0
network 10.20.1.26 0.0.0.0
eigrp stub connected static redistribute
No comments:
Post a Comment