!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
K5
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!2.1 Implement the Access-switch ports of Switched Network!!!
SW1
spanning-tree mod rapod-pvst
int vlan 10
ip add yy.yy.28.2 255.255.255.224
int vlan 41
ip add yy.yy.128.65 255.255.255.224
int vlan 140
ip add yy.yy.234.33 255.255.255.224
int vlan 234
ip add yy.yy.234.1 255.255.255.224
SW2
spanning-tree mode rapid-pvst
int vlan 42
ip add yy.yy.128.98 255.255.255.224
int vlan 52
ip add yy.yy.128.193 255.255.255.224
int vlan 230
ip add yy.yy.234.65 255.255.255.0
int vlan 234
ip add yy.yy.234.2 255.255.255.224
int fa0/5
switchport trunk encapslation dot1q
switchport trunk allowedvlan 52,53
switchport mode trunk
SW3
spanning-tree mode rapid-pvst
int vlan 23
ip add yy.yy.128.161 255.255.255.224
int vlan 53
ip adde yy.yy.128.226 255.255.255.224
int vlan 230
ip add yy.yy.234.66 255.255.255.224
int vlan 340
ip add yy.yy.234.98 255.255.255.224
int fa0/8
spanning-tree bpduguad enable
errdisable recovery interval 90
SW4
spanning-tree mode rapid-pvst
int vlan 20
ip add yy.yy.128.129 255.255.255.224
int vlan 30
ip add yy.yy.128.34 255.255.255.224
int vlan 140
ip add yy.yy.234.34 255.255.255.224
int vlan 234
ip dd yyy.yy.234.4 255.255.255.224
int vlan 340
ip add yy.yy.234.97 255.255.255.224
!!!1.3 ImplementFrame-Relay!!!
R1
int s0/1/0
encapslation frame-relay
no frame-reay inverse-arp
int s0/1/0.231 point-to-point
ip unnumbered lo 0
frame-relay interface-dlci 231
R3
int s0/0/0
encapslation frame-relay
no frame-reay inverse arp
int s0/0/0.223 point-to-point
ip unnumberded lo 0
frame-relay inteface-dlci 233
R5
frame-relay switching
int s0/0/0
no ip add
encapslation frame-relay
no frame-relay inberse arp
clock rate 128000
frame-relay lmi-ty cisco
frame-relay intf ty dce
frame-relay route 23
interface s0/1/0 233
int s0/1/0
no ip add
encapslation frame-relay
no frame-relay intf-ty dce
frame-route 233 interface s0/0/0 231
!!!1.4 Switching!!!
SW1
int range fa0/19 - 20
switchport trunk encapslation dot1q
switchort mode trunk
cannel-groupyy mode on
int range fa0/21 - 22
switchport trunk encapslation dot1q
switchport mode trunk
spanning-tree vlan 1 10 riority 0
spanning-tree vlan 20,30 priority 61440
SW2
int range fa019 - 20
switchport trunk enapslation dot1q
switchport mode trunk
channel-group yy mode on
int fa9/21 - 22
switchport trunk encapslation dot1q
switchport mode trunk
int range fa0/23 - 24
shutdown
SW3
int range fa0/19 - 20
switchport trunk encaslation dot1q
switchport mode trunk
channel-group yy mode on
int range fa0/21 - 22
switchport trunk encapslation dot1q
switchport mode trunk
int range fa0/23 - 24
shutdown
SW4
int range fa0/19 - 20
switchport trunk encapslation dot1q
switchport mode trunk
channel-group yy mode on
int range fa0/21-22
switchporttrunk encapslation do1a
switchport mode trunk
int range fa0/23 -24
switchport trunk encapslation dot1q
switchport mode trunk
!!!1.5 Switch port security!!!
SW3
int fa0/10
switchport port-security maximum 3
switchport port-security mac-address 0000.1234.1111
switchport port-security mac-address 0000.abcd.1111
switchport port-security aging type inactivity
switchport port-security aging time 5
switchport port-security
SW2
int fa0/15
mac access-group e6000 in
mac access-list extended e 6000
deny any any etype-6000
deny any any etype-6000
permit any any
SW1
ip routing
router ospf 1
yy.yy.7.7 0.0.0.0 area 0
network yy.yy.234.1 0.0.0.0 area 1
network yy.yy.234.33 0.0.0.0 area 0
int vlan 140
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
interface vlan 234
ip osp priority 0
SW2
ip routing
router ospf 1
network yy.yy.8.80.0.0 area 23
network yy.yy.234.2 0.0.0.0 area 1
network yy.yy.234.65 0.0.0.0 area 23
interface vlan 234
ip ospf priority 0
SW3
ip routing
router ospf 1
area 1 virtual-link yy.yy.10.10 authentication message-digest
area 1 virtual-link yy.yy.10.10 message-digest-key 1 md5 cisco
network yy.yy.9.9 0.0.0.0 area 1
network yy.yy,234.3 0.0.0.0 area 1
network yy.yy.234.66 0.0.00 area 23
network yy.yy.128.161 area 1
netwotk yy.yy.234.3 0.0.0.0 area 1
network yy.yy.128.161 0.0.0.0 area 1
network yy.yy.234.98 0.0.0.0 area 1
int vlan 234
ip ospf priority 0
SW4
ip routering
area 1 virtual-ink yy.yy.9.9 authenticatino message-digest
message-digest-key 1 md5 cisco
network yy.yy.10.10 0.0.0.0 area 1
network yy.yy.234.4 0.0.0.0 area 1
netwotk yy.yy.234.34 0.0.0.0 area 0
netwotk yy.yy.128.129 0.0.0.0 area 1
network yy.yy.234.97 0.0.0.0 area 1
int vlan 234
int vlan 140
iip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
R2
router ospf 1
netwotk yy.yy.2.2 0.0.0.0 area 1
netwotk yy.yy.128.130 0.0.0.0 area 1
network yy.yy.128.162 0.0.0.0 area 1
R4
rotuer rip
version 22
passive-interface default
neighbor yy.yy.12865
neighbor yy.yy.128.98
netwotk yy.0.0.0
no auto-summary
redistribute eigrp yy metric 5
int s0/0/0
ip access-group FROM BB1 in
ip acces-list standard FRO_BB1
deny 199.17.2.0 0.0.255.255
permit any
access-list 10 deny 199.172.0.0 0.0.255.255
router eigrp y
no auto-summary
redistribute rip metric 1544 200 255 1 1500
SW1
router rip
version 2
passive-interface default
neighbor yy.yy.128.66
network yy.yy.0.0
no auto-summary
redistribute ospf 1 metric 3
router ospf 1
redistribute rip subnts
SW2
router rip version 2
passive0interface default
neighbor yy.yy.128.99
netwotk yy.0.00
no auto0summary
redsitribute ospf 1 metric 3
router ospf 1
redistribute rip subnets
!!!implement IPV4 EIGRP!!!
R1
router eigrp yy
no auto0summar
network yy.yy.1.1 0.0.0.0
netwotk yy.yy.14.1 0.0.0.0
network yy.yy.128.1 0.0.0.0
netwotk 150.1.yy.1 0.0.0.0
R2
access-list 5 permit yy.yy.128.0 0.0.0.3
router eigrp yy
no auto0summary
netwotk yy.yy.23.2 0.0.0.0
refistribute ospf metric 1544 2000 255 1 500
distance 125 yy.yy.23.1 0.0.0.5
router ospf 1
redistribute eigrp yy subnets
interface s0/1/0
ip summary eigrp yy 198.2.0.0 255.255.248.0
R3
router eigrp yy
no auto-summary
netwotk yy.yy.3.3 0.0.0.0
netwotk yy.yy.23.1 0.0.0.0
netwotk 150.2.yy.1 0.0.0.0
network yy.yy.128.33 0.0.0.0
R4
access-list 5 permit yy.yy.128.32 0.0.0.31
router eigrpp yy
no auto-summary
netwotk yy.yy.4.4 0.0.0.0
netotk yy.yy.14.2 0.0.0.0
distanve 15 yy.yy.14.1 0.0.0.0 5
SW1
router eigrp yy
no auto-summary
netwotk yy.yy.128.2 0.0.0.0
SW4
router eigrp yy
no auto-summary
netwotk yy.yy.128.34 0.0.0.0
R5
router eigrp 100
no auto-summary
netwotk yy.yy.5.5 0.0.0.0
network yy.yy.128.194 0.0.0.0
network yy.yy.128.255 0.0.0.0
netwotk 150.3.yy.1 0.0.0.0
SW2
router eigrp 100
no auo-summary
network y.yy.128.193 0.0.0.0
redistribute ospf 1 subnets
SW3
router eigrp 100
no auro-summary
network yy.yy.128.126 0.0.0.0
router ospf 1
redsitribute eigrp 100 subnets
router eigrp 100
redistribute ospf mwtric 1544 2000 255 1 1500
!!!2.4 Implement IPv4BGP!!!
R1
router bgp 254
gp router-id yy.yy.1.1
bgp log-neighbor-changes
neighbor yy.yy.3.3 remote-as 254
neighbor y.yy.3.3 update-source lo 0
neibhbor yy.yy.128.2 remote-as yy
neighbor yy.yy.128.2 ebgp multihop 10
neighbor 150.1.yy.254 remote-as 254
neighbor 150.1.yy.254 mukimum-prefix 10 100 warning-only
no auto-summary
R2
router bgp 64500
no synchronization
bgp router-iid yy.yy.2.2
bgp log-neighbor-chnges
bgp confederation identufer yy
bgp confederation peers 645y
neighbor yy.yy.9.9 remote-as 645yy
neighbor yy.yy.9.9 ebgp-multihop
neighbor yy.yy.9.9 update-source lo 0
neighbor yy.yy.10.10 remote-as 645yy
neighbor yy.yy.19.19 ebgp-multihop 10
neighbor yy.yy.10.10 update-source o 0
no auto-smummary
R3
router bgp 254
no synchronizatin
bgp router-id yy.yy.3.3
bgp log-neighbor-changes
neighbor yy.yy.1.1 remote-as 254
neighbor yy.yy.1.1 updatesource-lo 0
neighbor yy.yy.128.34 remote-as yy
neighbor yy.yy.128.34 ebgp-multihop 10
neighbor 150.2.yy.254 remote-as 254
no auto summary
SW1
router bgp 645yy
no sync
bgp router-id yy.yy.7.7
bgp log-neighbor-changes bgp
confederation identifer yy
aggegate-address 199.68.0.0 255.255.224.0 as-set summary-only
yy.yy.1010 remote-as 645yy
yy.yy.10.10 update-surce lo 0
yy.yy.10.10 route-reflector-lient
neighbor yy.yy.10.10 next-hop-self
neighbor yy.yy.128.1 remote-as 254
neighbor yy.yy.128.1 ebgp-multihop 10
no auto-summary
SW2
router bgp 645yy
no sync
bgp router-id yy.yy.8.8
bgp log-neighbor-changes
bgp confederation identifier yy
neighbor yy.yy.10.10 remote-as 645 yy
neighbor yy.yy.10.10 update-surce lo 0
no auto-summary
SW3
router bgp 645yy
no sync
bgp route-id yy.yy.9.9
bgp log-neighbor-changes
bgp confederation identifer yy
bgp confederation peers 64500
neighbor yy.yy.2.2 remote-as 64500
neighbor yy.yy.2.2 ebgp-multihop 10
neighbor yy.yy.2.2 update-source lo 0
neighbor yy.yy.10.1 remote-as 645yy
neirhbor yy.yy.10.10 update-source lo 0
neighbor yy.yy.10.10 route-refrector-client
no autto-summary
SW4
router bgp 645yy
no sync
bgp router-id yy.yy.10.10
bgp log-neighbor-changes
bgp confederation identifer yy
bgp confederatino peers 64500
neighbor yy.yy.2.2 remote-as 64500
neighbor yy.yy.2.2 ebgp multihop 10
neighbor yy.yy.2.2 update-surce lo 0
neighbor yy.yy.7.7 remote-as 645yy
neighbor yy,yy,7.7 update-souce lo 0
neighbor yy.yy.7.7 route-refrector client
neighbor yy.yy.8.8 remote-as 645yy
neighbor yy.yy.8.8 update-source lo 0
neighbor yy.yy.8.8 route-refrector client
neighbor yy.yy.9.9 remote-as 645yy
neighbor yy.yy.9.9 update-source lo 0
neighbor yy.yy.9.9 route-reflector client
neighbor yy.yy.128.33 remote-as 254
neighbor yy.yy.128.33 ebgp multihop 10
no auto-summary
!!!Implement MPLS!!!
R1
mpls ip
mpls label-protocol ldp
mpls ldp route-id lo 0 force
ip vrf vpn yy
rd 100:1
route-target both 100:1
route-target import 300:1
interface s0/1/0.231
mpls ip
in s0/0/0
ip vrf forwarding vpnyy
ip address yy.yy.14.1 255.255.255.252
router eigrp 1
address-fammily ipv4 vrf vpn1yy
default-metric 10000 1 255 1 1500
redistribute bgp 254
network yy.yy.14.1 0.0.0.0
no auto-summary
autonomous-system yy
esit address-family
router bgp 254
no bgp default ipv4-unicast
address-family vpnv4
neighor yy.yy.3.3 activate
neighbor yy.yy.3.3 send-community extended
no auto-summary
exit address-family
address-family ipv4
neighbor yy.yy.3.3 activate
no auto-summary
no synchronizatin
exit address-family
address-family ipv4 vrf vpnyy
redistribute eigrp yy
no auto-summary
no sync
exit
address-family
R3
mpls ip
mpls label protocol ldp
mpls ldp route-id lo 0 force
ipvrf vpn3yy
id 300:1
route-target both 300:1
route-target import 100:1
interface s0/0/0.233
mpls ip
int s0/1/0
ip vrf forwarding vpn3yy
ip add yy.yy.23.1 255.255.255.252
rotuer eigrp 1
address-family ipv4 vrf vpn yy
default-metric
redistribute bgp 254
network yy.yy.23.1 0.0.0.0
no auto-summary
autonomous-system yy
exit address-family
router bgp 254
no bgp ipv4-unicast
address-family vpnv4
neighbor yy.yy.1.1 activate
neighbor yy.yy.1.1 send-community extended
no auto-summary
exit addres-family
address-faily ipv4
neighbor yy.yyy.1.1 activate
no auto-summary
no synchronization
exit address-family
address-family ipvr vrf vln3yy
redistribute eigrp yy
no auto-summary
no synchroniztion
exit address-family
!!!2.6Implement IPv6 OSPFv3!!!
R1
ipv6 unicast-routing
ipv6 router ospf 1
router-id 1.1.1.1
area 0 range FC01:ABC:123::/64
no shut
int s0/1/0.231
ipv6 address FC01:ABC:123::/64
ipv6 ospf 1 area 0
interfce tun 0
no ip add
ipv6 address FC01:ABC:100::1/64
ipv6 ospf 1 area 0
runnel source lo 0
tunnel destination yy.yy.8.8
R3
ipv6 unicast-routing
ipv6 router ospf 1
router-id 3.3.3.3
ara 0 rage FC01:ABC:123::/64
no shut
int s0/0/0.254
ipv6 address FC01:ABC:123:A::/64 eeui-64
ipv6 ospf 1 area 0
int tun 0
ipv6 address FC01:ABC:200::1/64
ipv6 ospf 1 area 0
tunnel source lo 0
tunnel destination yy.yy.9.9
R5
ipv6 unicast-routing
ipv6 router ospf 1
rotuer-id 5.5.5.5
area 0 range FX01:ABC:123::/64
no shut
int fa0/1.52
ipv6 adress FC0t:ABC:123:B::/64 eui-64
ipv6 ospf 1 area 0
int fa0/1.53
ipv6 address FC01:ABC:123:C:Y/64 eui-64
ipv6 ospf 1 area 0
SW2
sdm prefer dual-ipv4-and-ipv6 default
ipv6 unicast-routing
ipv6 router ospf 1
router-id 8.8.8.
area 0 range FC01:ABC:123:B::/64 eui-64
ipv6 ospf 1 area 0
int tun 0
no ip add
ipv6 add FC01:ABC:100::2/64
ipv6 ospf 1 area 0
tunnel source lo 0
tunnel destinatino yy.yy.1.1
SW3
sdm preer dual-ipv4-and-ipv6 default
ipv6 unicast routing
ipvt router ospf 1
router-id 9.9.9.9
area 0 range FC01:ABC:123::/64
no shut
int vlan 53
ipv6 address FC01:ABC:123::/64 eui 64
↑
?文字化けしてて数字がわからん
ipv6 ospf 1 area 0
int tun 0
no ip add
iv6 add FC01:ABC:200::2/64
ipv6 ospf 1 area 0
tunnel source lo 0
tunnel destination 19.19.3.3
R1
ip multicast-routing
int lo 0
ip pim spase-mode
ip igmp join-group 234.5.5.5
int s0/1/0.231
ip pim sparse-mode
int fa0/0
ip pim sparse-mode
ip pim send-rp announce lo 0 scope 16 group-list 10
ip pim sen-rp discovery lo 0 scope 16
access-list 10 permit host 234.5.5
R3
ip multicast-routing
int s0/0/0.233
ip pim spase-mode
!!!3.2 Help-Map!!!
R1
ip forward-protocol udp 3000
ip access-list extended UDP_3000
permit multicast helper-map 234.22.2 yy.yy.128.63 UDP_3000
int fa0/0
ip directed-broadcast
R3
ip forward-protocol udp 3000
ip access-list extendedudp_3000
permit udp yy.yy.128.32 0.0.0.31 any eq 3000
int fa0/1
ip pim sparse-mode
ip multicast helper-map
234.5.5.5 yy.yy.128.63 UDP_3000
!!!4.1 FTP_Access!!!
R5
username CISCO priviledge 5 password cisco
priviledge exec level 5 copy running-config startup-config
priviledge exec level 5 show clock
priviledge exec level 5 show ip int b
line vty 0 4
trsnaport input telnet
login local
!!!4.2 vlan-map!!!
SW2
access-list 101 permit ip any host yy.yy.128.194 eq telnet
acdcess-list 301 permit ip any host yy.yy.128.225 eq telent
access-list 101 permit ip any host yy.yy.5.5 eq telnet
vlan acess-map tel 15
match ip address 101
action drop
vlan access-map tel 20
action forward
vlan fillter tel vlan-list 230
!!!4.3 HSRP!!!
SW2
int vlan 42
standby 1 ip yy.yy.128.100
standby 1 prirority 100
standby 1 preempt
SW3
int fa0/0
standby 1 ip yy.yy.128.100
standby 1 priority 150
standby 1 perempt
!!!4.4 ntp!!!
R2
clock set 06:00:00 1 JAN 2000
ntp master 5
ntp authentivati-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp source lo 0
ntp servver yy.yy.128.254
ntp up@date-calender
clock calender-valid
int fa0/1
ntp broadcast key 1
ntp authentication-key 1 md5 cisco
ntp authtenticate
ntp trusted-key 1
int vlan 23
ntp broadcast client
R1
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp server yy.yy.2.2 key 1 sourcw lo 0
!!!4.5 QoS CAR!!!
SW3
mls qos
ip access-list exrnded UDP_4000
permit udp yy.yy.0.0 0.0.0.31 any
class-map UDP_4000
match access-list group-name UDP4000
policy-map RATE-LIMIT
class UDP 4000
police 2000000 62500 exceeded-action drop
int vlan 23
service-policy input RATE-LIMIT
!!!5.1 HTTP Access!!!
R3
ip http server
time-range HTTP
periodec weekdays 10:00to 2:00
ip access-list extended strict
permit tcp 150.2.19.0 0.0.0.255 any eq www time-range HTTP
permit ip any any
int fa 0/0
ip access-group strict in
!!!5.2 Router IP trafic Export!!!
R1
ip traffic-export profile Export
interface fa0/0
mac-adress 0010.0020.0030;
incomming sample one-in-every 50
icomming access-list 100
int s0/0
ip trafic-export apply Export
access-list 100 tcp any any eq telnet
access-list 100 permit tcp an eq telnet any
!!!5.3 IP Source Tracker!!!
R5
ip source-track address-limit 5
ip source-track syslog-interval 1
ip source-track 150.3.yy.201
ip source-track 150.3.yy.202
ip source-track 150.3.yy.203
ip source-track 150.3.yy.204
ip source-track 150.3.yy.205
2011年10月6日木曜日
けぇにぷらす
###########################################################
LAB K2+
###########################################################
!!!1.1!!!
R1
int g0/1.11
no encapslation dot1q 11 native
encaps dot1q 11
ip address yy.yy.0.97 255.255.255.224
SW3
no monitor session all
int fa0/10
switchport access vlan 33
int vlan 33
ip add 150.3.yy.1 255.255.255.0
!!!1.2!!!
SW1
interface fa0/2
switchport mode access
swirchport access vlan 20
int fa 0/3
switchport mode access
switchport access vlan 20
int fa 0/4
switchport mode access
switchport access vlan 43
int fa0/5
switchport mode access
switchport access vlan 54
int vlan 12
ip add yy.yy.128.98 255.255.255.224
no shut
int vlan 51
ip add yy.yy.0.129 255.255.255.224
no shut
int fa0/10
no switchport
ip add 150.1.yy.1 255.255.255.0
SW2
int fa0/2
switchport mode access
switchport acess vlan 234
int fa0/3
switchport mode access
switchport access vlan 300
int fa0/4
switchport mode access
switchport access vlan 54
int fa0/5
switchport mode access
switchport access vlan 51
int vlan 42
ip add yy.yy.128.129 255.255.255.224
no shut
int vlan 243
ip add yy.yy.128.163 255.255.255.224
no shut
int fa 0/10
no switchport
ip add 150.2.yy.1 255.255.255.0
no shut
SW3
int fa0/10
switchport mode access
switchport access vlan 33
int vlan 243
ip add yy.yy.128.161 255.255.255.224
no shut
int vlan 234
ip add yy.yy.128.195 255.255.255.224
no shut
int vlan 33
ip add 150.3.yy.1 255.255.255.0
no shut
SW4
int vlan 243
ip add yy.yy.128.194 255.255.255.224
no shut
!!!1.3!!!
SW1
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
int range fa0/19 - 24
udld port aggresive
SW2
spaning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
int range fa0/19 - 24
udld port aggressive
SW3
spanning-tree mode rapid-pvst
spanning-tree portfast bpdugurad default
int range fa0/19 - 24
udld port aggressive
SW4
spanning-tree mode rapid-pvst
spanning-tree portfast bpdugurd default
int range fa0/19 - 24
udld port aggresive
SW1
int range fa0/2 - 5
spanning-treeportfast
SW2
int range fa0/2 - 5
spaning-tree portfast
SW3
int range fa0/10
spanning-tree bpduguard disable
!!!1.4!!!
SW1
int range fa0/19 - 24
switchport trunk encapslation dot1q
switchport mode trunk
switchport nonegotiate
no sht
exit
SW2
int range fa0/19 - 24
switchport trunk encapslatio dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW3
int range fa0/19 - 24
switchport trunk encapslation dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW4
int range fa0/19 - 24
switchport trunk enccapslaton dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW1
int rane fa 0/19 - 20
channel-group 13 mode active
exit
int range fa 0/21 - 22
channel-group 14 mode active
exit
int range fa 0/23 - 24
channel-group 12 mode active
port-channel load-balanece dst-ip
SW2
int range fa0/19 - 20
channel-group 24 mode active
exit
int range fa0/21 - 22
channel-group 23 mode active
int range fa0/23-24
channel-group 23 mode active
exit
port-channel load-balance dst-ip
SW3
int range fa0/19
channel-group 13 mode active
exit
int range fa 0/21 - 22
channel-group 23 mode active
exit
int range fa0/23 - 24
channel-group 24 mode active
exit
port-channel load-balance dst-ip
SW4
int range fa0/19 20
channel-group 24 mode active
exit
int range fa0/21- 22
channel-group 14 mode active
exit
int range va 0/23 - 24
channel-group 34 mode active
exit
port-vhannel load-balance dst-ip
SW2
int fa0/1
switchport trunk encapslation dot1q
switchport mode trunk
switchport trunk allowed vlan 11,12
switchport nonegotiate
no shut
exit
R1
int fa0/1
no ip address
no shut
exit
int fa0/1.11
encapslatin dot1q
ip address yy.yy.0/65 255.255.255.224
no shut
exit
intfa0/1.12
encapslation dot1q 12
ip add yy.yy.128.97 255.255.255.224
no shut
exit
!!!1.5!!!
SW3
no monitor session all
monitor session 1 source intfa0/1 - 8 port-channel 13 both
monitor session 1 definition fa 0/11
SW1
mac adress-table aging-time 150 vlan 20
!!!1.7!!!
R5
frame-relay switching
int s0/0
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay intf-ty dce
clock rate 64000
frame-relay roue 221 interface serial 0/1 223
no ip address
no shut
exit
int s0/1
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay lmi-type dce
clock rate 64000
frame-relay route 223 interfce serial 0/0 221
no ip address
no shut
exit
R1
interface serial 0/1
encapslation frame-relay inverse-arp
no arp frame-relay
no ip address nosshut
exit
int s0/1.221 point-to-point
no ip address
frame-relay interface-dlci 221 ppp virtual-template 1
exit
exit
interface multilink
ppp multilink
ppp multilink grpup 1
ip unnumbered lo 0
exit
interace virtual-template 1
ppp multilink
ppp multilink grpoup 1
exit
R3
interface serial 0/0
encapslation frame-relay
no frame-relay inverse arp
no arp frame-relay
no ip address
no shut
exit
intefrce s0/0.223 point--to-point
frame-relay interfce-dlci 223 ppp vitrual-template 1
exit
interfrace multilink 1
ppp multilink
ppp multilink group 1
ip unnumbered lo 0
exit
interfce virtual-template 1
exit
ppp multilink
ppp multilink group 1
exit
R2
interface fa 0/0
ip address yy.yy.128.255 255.255.255.224
no shut
exit
interface fa0/1
ip add yy.yy.128.193 255.255.255.224
no shut
exit
interface serial 0/1
encapslation ppp
ip unnumbered fa0/0
no shu
exit
R3
int fa0/0
ip add yy.yy.0.33 255.255.255.224
no shut
exit
int fa 0/1
ip add yy.yy.0.1 255.255.255.224
exit
int s0/1
encapslation ppp
ip unnumbered fa 0/1
clockrate 64000
no shut
exit
R4
int fa0/0
ip add yy.yy.128.130 255.255.255.224
no shut
exit
int fa0/1
ip add yy.yy.254.2 255.255.255.0
no shut
exit
R5
int fa0/0
ip add yy.yy.254.1 255.255.255.0
no shut
exit
int fa0/1
ip add yy.yy.0.130 255.255.255.224
no shut
exit
!!!2.1!!!
SW1
ip routing
router ospf yy
router-id yy.yy.7.7
network yy.yy.7.7 0.0.0.0 area 0
network yy.yy.128.98 0.0.0.0 area 0
network yy.yy.0.129 0.0.0.0 area 52
redisstribute connected subnets rroute-map bb1
default-information originate always
exit
route-map bb1 permit 10
match interface fa0/0
R1
router ospf yy
router-id yy.yy.1.1
network yy.yy.1.1 0.0.0.0 area 0
network yy.yy.0.65 0.0.0.0 area 0
network yy.yy.128.97 0.0.0.0 area 0
R3
router ospf yy
router-id yy.yy.3.3
network yy.yy.3.3 0.0.0.0 area 0
network yy.yy.0.1 0.0.0.0 area 1
network yyy.yy.33 0.0.0.0 are 1
exit
R2
router ospf yy
router-id yy.yy.2.2
network yy.yy.2.20.0.0.0 area 1
network yy.yy.128.225 0.0.0.0 area 1
network yy.yy.128.193 0.0.0.0 area 1
exit
SW3
ip routing
router ospf yy
router-id yy.yy.9.9
network yy.yy.9.9 0.0.0.0 area 1
networrk yy.yy.128.195 0.0.0.0 area 1
network 128.161 0.0.0.0 area 1
exit
SW4
ip routing
router ospf yy
router-id yy.yy.10.10
yy.yy.10.10 0.0.0.0 area 1
network yy.yy.10.10 0.0.0.0area 1
network yy.yy.128.194 0.0.0.0 area 1
network yy.yy.128.162 0.0.0.0 area 1
exit
SW2
ip routing
router ospf yy
router-id yy.yy.8.8
network yy.yy.8.8 0.0.0.0 area 1
network yy.yy.128.129 0.0.0.0 ara 1
network yy.yy.128.163 0.0.0.0 area 1
redisrtribuute connected route-map bb2
default-information originate always
exit
route-map bb2 permit 10
match interfce fa0/10
exit
!!!2.3!!!
R5
router eigrp yy
no auto-summary
network yy.yy.254.1 0.0.0.0
redistribute connected metric 10000 100 255 1 1500 route-map lo
exit
route-map loopback permit 10
match int lo 0
exit
exit
SW3
router eigrp 100
no auto-summary
network 150.3.yy.1 0.0.0.0
eigrp stub receive-only
distribute-list rotue-map tag in vlan 33
exit
access-list 10 permit 0.0.0.0 127.255.255.255
route-map tag permit 10
match ip address 10
set tag 200
route-map tag permit 20
exit
router ospf yy
redistribute eigrp 100 subnets
summary-address 198.0.0.0 255.0.0.0
exit
!!!2.3!!!
R2
router bgp yy
no auto-summary
no syncronization
bgp router-id yy.yy.2.2
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbor ibgp update-source lo 0
neighbor yy.yy.3.3 peer-group ibgp
neighbor yy.yy.7.7 peergrpup ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor yy.yy.8.8 weight 100
exit
R3
router bgp yy
no auto-summary
nosyncronization
bgp rouer-id yy.yy.3.3
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbor ibgp update-spource lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.7.7 pee-group ibgp
neighbor yy..yy.8.8 peer-group ibgp
neighbor yy.yy.7.7 weight 100
SW1
router bgp yy
no auto summary
no syncronizationbgp router-id yy.yy.7.7
neighbor ibgp peer-group
ibgp remote-as y
neighbor ibgp update-source lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.3.3 peer-group ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor 150.1.yy.254 remoe-as 254
SW2
ip routeing
router bgp yy
no auto-summary
no syncronization
bgp router-id yy.yy.8.8
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbot ibgp update-source lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.7.7 peer-group ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor 150.2.yy.254 route-map as in
exit
route-map as permit 10
set as-path prepend 253
exit
exit
!!!2.4!!!
R4
ip cef
mpls labelprotocol ldp
mpls ldp route0id lo 0 force
int fa0/1
mpls ip
exit
ip vrf vpn yy
vrf 100:1
route-target both 100:1
exit
interfce fa0/0
ip vrf forwarding vpn yy
ip address yy.yy.128.130 255.255.255.224
exit
router bgp 100
no auto-summary
no synchronization
bgp router-id yy.yy.4.4
neighbor yy.yy.5.5 update-source lo 0
neighbor yy.yy.5.5 remote-as 100
address-family vpn 4
neighbor yy.yy.5.5 active
neighboryy.yy.5.5 send-community-extended
exit
no bgp defualt ipv4-unicast
address-family ipv4 vrf vpn VPNYY
redistribute ospf yyvrf vpn yy
exit
exit
router ospf yy vrf vpn yy
redistribute bgp 100 subnets
netwrpk yy.yy.128.130 0.0.0.0
exit
R5
ip cef
mpls label protocop ldp
mpls ldp router-id lo 0 force
int fa0/3
mpls ip
exit
ipvrf vpn yy
rd 100:1
rote-target both 100:1
exit
int fa0/1
ip vrf forwarding vrf vpn yy
ip add yy.yy.0.130 255.255.255.224
exit
router bgp 100
no auto sum
no sync
router-id yy.yy.5.5
neighbor yy.yy.4.4 remote-as 100
neighbor yy.yy.4.4 update-source lo 0
address-familyvpnv4
neighbor yy.yy.4.4activate
neighbor yy.yy.4.4 send-community extended
exit
no bgp default ipv4 unicast
addresfamily ipv4 vrf vpn yy
redistribute ospf yy vrf vpn yy
exit
exit
router ospf yy vrf vpn yy
router-sofp yy vrf vpn yy
router-id yy.yy.5.5
redistribute bgp 100 subnets
network yy.yy.0.130 0.0.0.0 area 51
area 51 virtual-link yy.yy.7.7
exit
SW1
roter ospf yy
are 51 virtual-link yy.yy.5.5
exit
!!!2.5!!!
R3
int tun 35
tunnel source lo 0
tunnel destination yy.yy.0.130
ip unnumberdrd fa0/0
ip ospf yy area 1
exit
R5
int tun 35
tunnel source fa0/1
tunnel destination yy.yy.3.3
ip vrf forawrding vpn yy
ip unnumberded fa0/1
ip ospf yy area 1
ip tunnel vrf vpn yy
exit
R4
int lo 0
ip vrf forwarding vpnyy
ip address yy.yy.100.4 255.255.255.255
exit
R5
int lo 1
ip vrf forwarding vpn yy
ip address yy.yy.100.5 255.255.255.255
exit
R4
router bgp 100
address-family ipv4 vrf vpnyy
router bgp 100
address-family ipv4 vrf vpnyy
network yy.yy.100.5 mask 255.255.255.255
exit
R4
router ospf yy vrf vpn yy
aea 1 sham-link yy.yy.100.5
exit
R5
router ospf yy vrf vpnyy
are 1 sham-link yy.yy.100.5 yy.yy.100.4
exit
R2
ipv6 unicast routing
int fa0/1
ipv6 address 20yy:1010:10::2/24
exit
int fa0/0
ipv6 address 20yy:1010:10::2/64
SW3
sdm prefer dual ipv4-ipv6 routeing
int vlan 33
ipv6 address 20yy:1010:222::9/64
exit
intvlan 234
ipv6 address 20yy:1010:10::9/64
exit
R2
ipv6 router rip cisco
exit
intfa0/0
ipv6 rip cisco enable
exit
int fa0/1
ipv6 rip cisco enable
exit
SW3
ipv6 router rip cisco
exit
intvlan 33
ipv6 cisvco rip enable
exit
int vlan 234
ipv6 rip cisco enable
ipv6 rip cisco default-informatio originate metric 2
exit
!!!3.1!!!
SW2
ip multicust-routing
ip pim auto-rp listner
int vlan 243
ip igmp join-group 239.10.5.1
exit
SW3
ip multicast-routing
ip pim auto-rp-listner
in lo 0
ip pim sparse-mode
exit
int vlan 243
ip pim sparse-mpde
exit
access-list 10 permit 239.10.5.0 0.0.0.355
ip pim send-rp-announce ki o scope 16 group-list 10
SW4
ip muilticast-routing
ip pim auto-rp listner
int lo 0
ip pim sparse-,oe
exiit
int vlan 234
ip pim sparse-mode
!!!3.2!!!
access-list 20 permit 239.10.5
1
int vlan 243
ip igmp access-group 20
SW3
access-list 20 permit 239.10.5.1
int vlan 243
ip igmp acccess-group 20
exit
SW4
access-list 20 permit 239.10.5.1
int vlan 243
ip igmp access-group 20
!!!4.1!!!
LinkFragMentation
R1
map-class frame-relay FRTS
frame-relay cir 128000
frame-relay bcc 8000
frame-relay be 1000
exit
int s0/1
bandwidth 128
frame-relay traffic-shaping
exit
int s0/1.221 point-to-point
bandwidth 128
frame-relay interfce-dlci 221 ppp virtual-template 1
cclass FRTS
exit
exit
interfce Virtual-templat 1
bandwidth 128
exit
multilink bandle-name endpoint
int multilink 1
bandwidth 128
ppp multilink
bandwidth 128
ppp multilink
bandwidth 128
ppp multilink fragment delay 8
ppp multilink interleave
ppp multilink endpoint hostnae
exit
R3
map-class frame relay FRTS
frame-relay cir 1280000
frame-relay bc 8000
frame-relay be 1000
exit
int s0/0
bandwidth 128
frame-relay traffic-shaping
exit
int s9/1.223 point-to-point
bandwidth 128
frame-relay interface-lci 221 ppp virtual-template 1
class FRTS
exit
exit
int virtual-template 1
bandwidth 128
multilink-bandle endpoint hostname
exit
!!!4.2MQC!!!
R1
access-list 100 permit udp any any precedence critical
class-map match-all voip
match access-group 100
exit
policy-map voip
priority 45
exit
class class-default
fair-queue
exit
exit
interface multilink 1
service-policy output voip
exit
R3
aces-list 100 permit udp any any precedence critical
class-map match-all voip
exit
policy-map voip
class voip
priority 45
exit
class class-default
fair-queue
exit
exitinterface multilink 1
service-poicy output oip
exit
!!!4.3NTP!!!
R5
clock set 8:00:00 1 JAN 2010
conf t
clock timezone HK+8
nep master 5
ntp source fa0/1
ntp server yy.yy.254.254
ntp acces-group peer 10
ntp access-group serve-only 20
ntp peer vrf VPNyy yy.yy.3.3 key 1
ntp peer vrf VPNyy yy.yy.8.8
ntp peer vrf VPNyy yy.yy.7.7
access-list 10 permit yy.yy.254.254
access-list 10 permit 127..127.7.1
access-list 20 permit yy.yyy.3.3
access-list permit yy.yy.7.7
access-list 20 permit yy.yy.8.8
ntp update-calennder
clck calnder-vlid
ntp uthenticate
ntp trust-key 1
ntp authentication-key 1 md5 cisco
R3
clock timezone HK+8
ntp authenticate
ntp authentication-key 1 md5 cisco
ntp trust-key 1
ntp server yy.yy.0130 key 1 source lo 0
ntp update-calender
clock time-zone HK+8
ntpserer yy.yy.0.130 lo 0
SW2
clodk timezone HK+(
ntp server yy.yy.0.130 source lo 0
!!!4.3 Rsvp !!!!!!!!
R1
interface lo 0
ip rsvp bandwidth 64 64
exit
interface multilink 1
ip rsvp bandwidth 64 64
exit
ip rsvp reservation-host yy.yy.1.1 yy.yy.3.3 tp 23 10000 ff rate 10 1
R3
interface lo 0
ip rsvp bandwidth 64 64
exit
interfae multilinnk 1
ip rrsvp bandwidth 64 64
exit
ip rsvp sender-host yy.yy.1.1 yy.yy.3.3 23 10000 10 1
!!!4.4FirstHop redunndancy with Object Tracking!!!
SW3
track 10 ip route 0.0.0.0 0.0.0.0 reachability
interface vlan 234
sandby 1 ip yy.yy.128.96
standb 1 preempt
standby 1 track 10
standby 2 ip yy.yy.128.222
standby 2 priority 105
standby 2 preempt
standby 2 track
exit
SW4
track 10 ip rotue 0.0.0.0 reachability
interface vlan 234
standby 1 ip yy.yy.128.9
standby 1 pripority 105
standb 1 preempt
standby 1 track 10
standby 2 ip yy.yy.128.222
standby 2 track 10
exit
!!!MLS qos for Video!!!
SW4
mld qos
mps qos srr-queue output dscp-map queue 1 56
ip access-list extnded 100
permit ip host yy.yy.128.98 yy.yy.0.64 0.0.0.31
exit
clss-map match all voip
match access-group 100
exit
ms qos map policed-dscp 5 to 8
poliy-map policy
class voip
set ip dscp 56
police 300000 125000 exceeded-action police-dscp-trancemit
exit
exit
interface 0.6
service-policy input policy
mls qos cos 1
exit
interfce range fa0/19 - 24
mps qos trust dscp
mps qos cos 1
priority-queue out
exit
SW1
mls qos
ms qos srr-queue outout dscp-map queue 1 56
interface range fa019 - 24
mls qos trust dscp
mls qos cos 1
priority-queue out
exit
!!!5.1!!!
SW1
ip sla responder
SW2
SW2
mls qos
mos qos srr-queue output dscp-map queue 1 56
interface range fa0/19 - 24
mls qos trust dscp
mls qos cos
priority-queue out
int fa0/1
mls qos trust dscp
mps qos cos 1
priority-queue out
exit
!!!5.1 Ip Service Level Agreement!!!
SW1
ip spa responder
SW2
ip sa 1
tcp-connect yy.yy.7.7 23 source-ip yy.yy.8.
freuency 180
exit
ip sla 2
icmp-echo yy.yy.3.3 source-ip yy.yy.8.8
frquncy 180
exit
ip sla schedule 1 start-time now recuring
ip sla schedule 2 start-time now recuring
!!!5.2 SNMP !!!
R3
snmp-server communit public Ro
snmp-server community public ro
snmp community ciscoADMIN RW
snmp-server enable traps rsvp
snmp-server host yy.yy.128.336 public rsvp
SW2
snmp-server community public RO
snmp-server community ciscoADMIN RW
snmp-server user ciscoADMIN ciscoADMIN v1
snmp-server user ciscoADMIN ciscoADMIN v2c
snmp-server enable raps rtr
snmp-server host yy.yy.128.226 pubic rsvp
!!!5.2!!!
R3
snmp-server comunity public RO
snmp-server community ciscoADMIN RW
snmp-server enable trasps rsvp
enmp-server host yy.yy.128.226 public rsvp
SW2
snmp-server community public RO
snmp-server community public RO
snmp-server community ciscoADMIN RW
snmp-server user ciscoADMIN v1
snmp-server user ciscoADMIN v2c
snmp-server enable traps rtr
snmp-server host yy.yy.120.226 public rtr
ip sla reaction-configuration 1 react rtr threshold-type imediate action-type trapOnly
ip sla reaction-configuration 2 react rtr threshold imediate action-type traponly
!!!5.3!!!
R2
logging on
servicetimestaumps log dateline msec localtime
service timestamps debug datetim msec localtime
logging count
logging buffered 100000 warnings
ip ftp username reload
ip ftp passwprd cisco
exception corefile RackyyR2 compress
exception protocol ftp
exception dump yy.yy.126.196
R4
extendded ip access-list copp_acl_atack
10 permit udp any any eq 1434
20 permit udp any any eq 1434 any
30 permit ip any any fragments
extended ip access-list copp_acl_bgp
10 permit tcp any eq bgp host 1.1.4.4
20 permit tcp any host 1.1.4.4 eq bgp=179
extended ip access-list copp_acl_ldp
10 permit tcp any host 1.1.4.4 eq 646
20 permit tcp any eq 646 host 1.1.4.4
30 permit udp any eq 646 host 224.0.0.2 eq 646
extended ip access-list copp_acl_mgmt
10 permit icmp any any
20 permit pim any any
extended ip access-list copp ospf
!!!5.4!!!
R4
mls qos
class map match-all telnet id3
matchaccess-group name copp_acl_telnet
class-map match-all attack
match access-group name copp_acl_attack
clas map match-all mgmt
match access-group name copp_acl_mgmt
class-map match-any class-default
match any
class map match-any ldp_bgp_ospf_eigrp id 1
match access-group name copp_acl_ldp
match access-group name copp_acl_bgp
match access-group name copp_acl_ospf
match access-group name copp_acl_eigrp
class-map match-all l2arp
match protocol arp
policy map police
class attack
policerate 10 pps burst 2 packet
conform-action drop
exceed-action drop
class ldp_bgp_ospf_eigrp
class telnet
poolicerate 100 pps burst 24 packets
conform action transmit
exceeded action trancemit
LAB K2+
###########################################################
!!!1.1!!!
R1
int g0/1.11
no encapslation dot1q 11 native
encaps dot1q 11
ip address yy.yy.0.97 255.255.255.224
SW3
no monitor session all
int fa0/10
switchport access vlan 33
int vlan 33
ip add 150.3.yy.1 255.255.255.0
!!!1.2!!!
SW1
interface fa0/2
switchport mode access
swirchport access vlan 20
int fa 0/3
switchport mode access
switchport access vlan 20
int fa 0/4
switchport mode access
switchport access vlan 43
int fa0/5
switchport mode access
switchport access vlan 54
int vlan 12
ip add yy.yy.128.98 255.255.255.224
no shut
int vlan 51
ip add yy.yy.0.129 255.255.255.224
no shut
int fa0/10
no switchport
ip add 150.1.yy.1 255.255.255.0
SW2
int fa0/2
switchport mode access
switchport acess vlan 234
int fa0/3
switchport mode access
switchport access vlan 300
int fa0/4
switchport mode access
switchport access vlan 54
int fa0/5
switchport mode access
switchport access vlan 51
int vlan 42
ip add yy.yy.128.129 255.255.255.224
no shut
int vlan 243
ip add yy.yy.128.163 255.255.255.224
no shut
int fa 0/10
no switchport
ip add 150.2.yy.1 255.255.255.0
no shut
SW3
int fa0/10
switchport mode access
switchport access vlan 33
int vlan 243
ip add yy.yy.128.161 255.255.255.224
no shut
int vlan 234
ip add yy.yy.128.195 255.255.255.224
no shut
int vlan 33
ip add 150.3.yy.1 255.255.255.0
no shut
SW4
int vlan 243
ip add yy.yy.128.194 255.255.255.224
no shut
!!!1.3!!!
SW1
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
int range fa0/19 - 24
udld port aggresive
SW2
spaning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
int range fa0/19 - 24
udld port aggressive
SW3
spanning-tree mode rapid-pvst
spanning-tree portfast bpdugurad default
int range fa0/19 - 24
udld port aggressive
SW4
spanning-tree mode rapid-pvst
spanning-tree portfast bpdugurd default
int range fa0/19 - 24
udld port aggresive
SW1
int range fa0/2 - 5
spanning-treeportfast
SW2
int range fa0/2 - 5
spaning-tree portfast
SW3
int range fa0/10
spanning-tree bpduguard disable
!!!1.4!!!
SW1
int range fa0/19 - 24
switchport trunk encapslation dot1q
switchport mode trunk
switchport nonegotiate
no sht
exit
SW2
int range fa0/19 - 24
switchport trunk encapslatio dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW3
int range fa0/19 - 24
switchport trunk encapslation dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW4
int range fa0/19 - 24
switchport trunk enccapslaton dot1q
switchport mode trunk
switchport nonegotiate
no shut
exit
SW1
int rane fa 0/19 - 20
channel-group 13 mode active
exit
int range fa 0/21 - 22
channel-group 14 mode active
exit
int range fa 0/23 - 24
channel-group 12 mode active
port-channel load-balanece dst-ip
SW2
int range fa0/19 - 20
channel-group 24 mode active
exit
int range fa0/21 - 22
channel-group 23 mode active
int range fa0/23-24
channel-group 23 mode active
exit
port-channel load-balance dst-ip
SW3
int range fa0/19
channel-group 13 mode active
exit
int range fa 0/21 - 22
channel-group 23 mode active
exit
int range fa0/23 - 24
channel-group 24 mode active
exit
port-channel load-balance dst-ip
SW4
int range fa0/19 20
channel-group 24 mode active
exit
int range fa0/21- 22
channel-group 14 mode active
exit
int range va 0/23 - 24
channel-group 34 mode active
exit
port-vhannel load-balance dst-ip
SW2
int fa0/1
switchport trunk encapslation dot1q
switchport mode trunk
switchport trunk allowed vlan 11,12
switchport nonegotiate
no shut
exit
R1
int fa0/1
no ip address
no shut
exit
int fa0/1.11
encapslatin dot1q
ip address yy.yy.0/65 255.255.255.224
no shut
exit
intfa0/1.12
encapslation dot1q 12
ip add yy.yy.128.97 255.255.255.224
no shut
exit
!!!1.5!!!
SW3
no monitor session all
monitor session 1 source intfa0/1 - 8 port-channel 13 both
monitor session 1 definition fa 0/11
SW1
mac adress-table aging-time 150 vlan 20
!!!1.7!!!
R5
frame-relay switching
int s0/0
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay intf-ty dce
clock rate 64000
frame-relay roue 221 interface serial 0/1 223
no ip address
no shut
exit
int s0/1
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay lmi-type dce
clock rate 64000
frame-relay route 223 interfce serial 0/0 221
no ip address
no shut
exit
R1
interface serial 0/1
encapslation frame-relay inverse-arp
no arp frame-relay
no ip address nosshut
exit
int s0/1.221 point-to-point
no ip address
frame-relay interface-dlci 221 ppp virtual-template 1
exit
exit
interface multilink
ppp multilink
ppp multilink grpup 1
ip unnumbered lo 0
exit
interace virtual-template 1
ppp multilink
ppp multilink grpoup 1
exit
R3
interface serial 0/0
encapslation frame-relay
no frame-relay inverse arp
no arp frame-relay
no ip address
no shut
exit
intefrce s0/0.223 point--to-point
frame-relay interfce-dlci 223 ppp vitrual-template 1
exit
interfrace multilink 1
ppp multilink
ppp multilink group 1
ip unnumbered lo 0
exit
interfce virtual-template 1
exit
ppp multilink
ppp multilink group 1
exit
R2
interface fa 0/0
ip address yy.yy.128.255 255.255.255.224
no shut
exit
interface fa0/1
ip add yy.yy.128.193 255.255.255.224
no shut
exit
interface serial 0/1
encapslation ppp
ip unnumbered fa0/0
no shu
exit
R3
int fa0/0
ip add yy.yy.0.33 255.255.255.224
no shut
exit
int fa 0/1
ip add yy.yy.0.1 255.255.255.224
exit
int s0/1
encapslation ppp
ip unnumbered fa 0/1
clockrate 64000
no shut
exit
R4
int fa0/0
ip add yy.yy.128.130 255.255.255.224
no shut
exit
int fa0/1
ip add yy.yy.254.2 255.255.255.0
no shut
exit
R5
int fa0/0
ip add yy.yy.254.1 255.255.255.0
no shut
exit
int fa0/1
ip add yy.yy.0.130 255.255.255.224
no shut
exit
!!!2.1!!!
SW1
ip routing
router ospf yy
router-id yy.yy.7.7
network yy.yy.7.7 0.0.0.0 area 0
network yy.yy.128.98 0.0.0.0 area 0
network yy.yy.0.129 0.0.0.0 area 52
redisstribute connected subnets rroute-map bb1
default-information originate always
exit
route-map bb1 permit 10
match interface fa0/0
R1
router ospf yy
router-id yy.yy.1.1
network yy.yy.1.1 0.0.0.0 area 0
network yy.yy.0.65 0.0.0.0 area 0
network yy.yy.128.97 0.0.0.0 area 0
R3
router ospf yy
router-id yy.yy.3.3
network yy.yy.3.3 0.0.0.0 area 0
network yy.yy.0.1 0.0.0.0 area 1
network yyy.yy.33 0.0.0.0 are 1
exit
R2
router ospf yy
router-id yy.yy.2.2
network yy.yy.2.20.0.0.0 area 1
network yy.yy.128.225 0.0.0.0 area 1
network yy.yy.128.193 0.0.0.0 area 1
exit
SW3
ip routing
router ospf yy
router-id yy.yy.9.9
network yy.yy.9.9 0.0.0.0 area 1
networrk yy.yy.128.195 0.0.0.0 area 1
network 128.161 0.0.0.0 area 1
exit
SW4
ip routing
router ospf yy
router-id yy.yy.10.10
yy.yy.10.10 0.0.0.0 area 1
network yy.yy.10.10 0.0.0.0area 1
network yy.yy.128.194 0.0.0.0 area 1
network yy.yy.128.162 0.0.0.0 area 1
exit
SW2
ip routing
router ospf yy
router-id yy.yy.8.8
network yy.yy.8.8 0.0.0.0 area 1
network yy.yy.128.129 0.0.0.0 ara 1
network yy.yy.128.163 0.0.0.0 area 1
redisrtribuute connected route-map bb2
default-information originate always
exit
route-map bb2 permit 10
match interfce fa0/10
exit
!!!2.3!!!
R5
router eigrp yy
no auto-summary
network yy.yy.254.1 0.0.0.0
redistribute connected metric 10000 100 255 1 1500 route-map lo
exit
route-map loopback permit 10
match int lo 0
exit
exit
SW3
router eigrp 100
no auto-summary
network 150.3.yy.1 0.0.0.0
eigrp stub receive-only
distribute-list rotue-map tag in vlan 33
exit
access-list 10 permit 0.0.0.0 127.255.255.255
route-map tag permit 10
match ip address 10
set tag 200
route-map tag permit 20
exit
router ospf yy
redistribute eigrp 100 subnets
summary-address 198.0.0.0 255.0.0.0
exit
!!!2.3!!!
R2
router bgp yy
no auto-summary
no syncronization
bgp router-id yy.yy.2.2
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbor ibgp update-source lo 0
neighbor yy.yy.3.3 peer-group ibgp
neighbor yy.yy.7.7 peergrpup ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor yy.yy.8.8 weight 100
exit
R3
router bgp yy
no auto-summary
nosyncronization
bgp rouer-id yy.yy.3.3
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbor ibgp update-spource lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.7.7 pee-group ibgp
neighbor yy..yy.8.8 peer-group ibgp
neighbor yy.yy.7.7 weight 100
SW1
router bgp yy
no auto summary
no syncronizationbgp router-id yy.yy.7.7
neighbor ibgp peer-group
ibgp remote-as y
neighbor ibgp update-source lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.3.3 peer-group ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor 150.1.yy.254 remoe-as 254
SW2
ip routeing
router bgp yy
no auto-summary
no syncronization
bgp router-id yy.yy.8.8
neighbor ibgp peer-group
neighbor ibgp remote-as yy
neighbot ibgp update-source lo 0
neighbor yy.yy.2.2 peer-group ibgp
neighbor yy.yy.7.7 peer-group ibgp
neighbor yy.yy.8.8 peer-group ibgp
neighbor 150.2.yy.254 route-map as in
exit
route-map as permit 10
set as-path prepend 253
exit
exit
!!!2.4!!!
R4
ip cef
mpls labelprotocol ldp
mpls ldp route0id lo 0 force
int fa0/1
mpls ip
exit
ip vrf vpn yy
vrf 100:1
route-target both 100:1
exit
interfce fa0/0
ip vrf forwarding vpn yy
ip address yy.yy.128.130 255.255.255.224
exit
router bgp 100
no auto-summary
no synchronization
bgp router-id yy.yy.4.4
neighbor yy.yy.5.5 update-source lo 0
neighbor yy.yy.5.5 remote-as 100
address-family vpn 4
neighbor yy.yy.5.5 active
neighboryy.yy.5.5 send-community-extended
exit
no bgp defualt ipv4-unicast
address-family ipv4 vrf vpn VPNYY
redistribute ospf yyvrf vpn yy
exit
exit
router ospf yy vrf vpn yy
redistribute bgp 100 subnets
netwrpk yy.yy.128.130 0.0.0.0
exit
R5
ip cef
mpls label protocop ldp
mpls ldp router-id lo 0 force
int fa0/3
mpls ip
exit
ipvrf vpn yy
rd 100:1
rote-target both 100:1
exit
int fa0/1
ip vrf forwarding vrf vpn yy
ip add yy.yy.0.130 255.255.255.224
exit
router bgp 100
no auto sum
no sync
router-id yy.yy.5.5
neighbor yy.yy.4.4 remote-as 100
neighbor yy.yy.4.4 update-source lo 0
address-familyvpnv4
neighbor yy.yy.4.4activate
neighbor yy.yy.4.4 send-community extended
exit
no bgp default ipv4 unicast
addresfamily ipv4 vrf vpn yy
redistribute ospf yy vrf vpn yy
exit
exit
router ospf yy vrf vpn yy
router-sofp yy vrf vpn yy
router-id yy.yy.5.5
redistribute bgp 100 subnets
network yy.yy.0.130 0.0.0.0 area 51
area 51 virtual-link yy.yy.7.7
exit
SW1
roter ospf yy
are 51 virtual-link yy.yy.5.5
exit
!!!2.5!!!
R3
int tun 35
tunnel source lo 0
tunnel destination yy.yy.0.130
ip unnumberdrd fa0/0
ip ospf yy area 1
exit
R5
int tun 35
tunnel source fa0/1
tunnel destination yy.yy.3.3
ip vrf forawrding vpn yy
ip unnumberded fa0/1
ip ospf yy area 1
ip tunnel vrf vpn yy
exit
R4
int lo 0
ip vrf forwarding vpnyy
ip address yy.yy.100.4 255.255.255.255
exit
R5
int lo 1
ip vrf forwarding vpn yy
ip address yy.yy.100.5 255.255.255.255
exit
R4
router bgp 100
address-family ipv4 vrf vpnyy
router bgp 100
address-family ipv4 vrf vpnyy
network yy.yy.100.5 mask 255.255.255.255
exit
R4
router ospf yy vrf vpn yy
aea 1 sham-link yy.yy.100.5
exit
R5
router ospf yy vrf vpnyy
are 1 sham-link yy.yy.100.5 yy.yy.100.4
exit
R2
ipv6 unicast routing
int fa0/1
ipv6 address 20yy:1010:10::2/24
exit
int fa0/0
ipv6 address 20yy:1010:10::2/64
SW3
sdm prefer dual ipv4-ipv6 routeing
int vlan 33
ipv6 address 20yy:1010:222::9/64
exit
intvlan 234
ipv6 address 20yy:1010:10::9/64
exit
R2
ipv6 router rip cisco
exit
intfa0/0
ipv6 rip cisco enable
exit
int fa0/1
ipv6 rip cisco enable
exit
SW3
ipv6 router rip cisco
exit
intvlan 33
ipv6 cisvco rip enable
exit
int vlan 234
ipv6 rip cisco enable
ipv6 rip cisco default-informatio originate metric 2
exit
!!!3.1!!!
SW2
ip multicust-routing
ip pim auto-rp listner
int vlan 243
ip igmp join-group 239.10.5.1
exit
SW3
ip multicast-routing
ip pim auto-rp-listner
in lo 0
ip pim sparse-mode
exit
int vlan 243
ip pim sparse-mpde
exit
access-list 10 permit 239.10.5.0 0.0.0.355
ip pim send-rp-announce ki o scope 16 group-list 10
SW4
ip muilticast-routing
ip pim auto-rp listner
int lo 0
ip pim sparse-,oe
exiit
int vlan 234
ip pim sparse-mode
!!!3.2!!!
access-list 20 permit 239.10.5
1
int vlan 243
ip igmp access-group 20
SW3
access-list 20 permit 239.10.5.1
int vlan 243
ip igmp acccess-group 20
exit
SW4
access-list 20 permit 239.10.5.1
int vlan 243
ip igmp access-group 20
!!!4.1!!!
LinkFragMentation
R1
map-class frame-relay FRTS
frame-relay cir 128000
frame-relay bcc 8000
frame-relay be 1000
exit
int s0/1
bandwidth 128
frame-relay traffic-shaping
exit
int s0/1.221 point-to-point
bandwidth 128
frame-relay interfce-dlci 221 ppp virtual-template 1
cclass FRTS
exit
exit
interfce Virtual-templat 1
bandwidth 128
exit
multilink bandle-name endpoint
int multilink 1
bandwidth 128
ppp multilink
bandwidth 128
ppp multilink
bandwidth 128
ppp multilink fragment delay 8
ppp multilink interleave
ppp multilink endpoint hostnae
exit
R3
map-class frame relay FRTS
frame-relay cir 1280000
frame-relay bc 8000
frame-relay be 1000
exit
int s0/0
bandwidth 128
frame-relay traffic-shaping
exit
int s9/1.223 point-to-point
bandwidth 128
frame-relay interface-lci 221 ppp virtual-template 1
class FRTS
exit
exit
int virtual-template 1
bandwidth 128
multilink-bandle endpoint hostname
exit
!!!4.2MQC!!!
R1
access-list 100 permit udp any any precedence critical
class-map match-all voip
match access-group 100
exit
policy-map voip
priority 45
exit
class class-default
fair-queue
exit
exit
interface multilink 1
service-policy output voip
exit
R3
aces-list 100 permit udp any any precedence critical
class-map match-all voip
exit
policy-map voip
class voip
priority 45
exit
class class-default
fair-queue
exit
exitinterface multilink 1
service-poicy output oip
exit
!!!4.3NTP!!!
R5
clock set 8:00:00 1 JAN 2010
conf t
clock timezone HK+8
nep master 5
ntp source fa0/1
ntp server yy.yy.254.254
ntp acces-group peer 10
ntp access-group serve-only 20
ntp peer vrf VPNyy yy.yy.3.3 key 1
ntp peer vrf VPNyy yy.yy.8.8
ntp peer vrf VPNyy yy.yy.7.7
access-list 10 permit yy.yy.254.254
access-list 10 permit 127..127.7.1
access-list 20 permit yy.yyy.3.3
access-list permit yy.yy.7.7
access-list 20 permit yy.yy.8.8
ntp update-calennder
clck calnder-vlid
ntp uthenticate
ntp trust-key 1
ntp authentication-key 1 md5 cisco
R3
clock timezone HK+8
ntp authenticate
ntp authentication-key 1 md5 cisco
ntp trust-key 1
ntp server yy.yy.0130 key 1 source lo 0
ntp update-calender
clock time-zone HK+8
ntpserer yy.yy.0.130 lo 0
SW2
clodk timezone HK+(
ntp server yy.yy.0.130 source lo 0
!!!4.3 Rsvp !!!!!!!!
R1
interface lo 0
ip rsvp bandwidth 64 64
exit
interface multilink 1
ip rsvp bandwidth 64 64
exit
ip rsvp reservation-host yy.yy.1.1 yy.yy.3.3 tp 23 10000 ff rate 10 1
R3
interface lo 0
ip rsvp bandwidth 64 64
exit
interfae multilinnk 1
ip rrsvp bandwidth 64 64
exit
ip rsvp sender-host yy.yy.1.1 yy.yy.3.3 23 10000 10 1
!!!4.4FirstHop redunndancy with Object Tracking!!!
SW3
track 10 ip route 0.0.0.0 0.0.0.0 reachability
interface vlan 234
sandby 1 ip yy.yy.128.96
standb 1 preempt
standby 1 track 10
standby 2 ip yy.yy.128.222
standby 2 priority 105
standby 2 preempt
standby 2 track
exit
SW4
track 10 ip rotue 0.0.0.0 reachability
interface vlan 234
standby 1 ip yy.yy.128.9
standby 1 pripority 105
standb 1 preempt
standby 1 track 10
standby 2 ip yy.yy.128.222
standby 2 track 10
exit
!!!MLS qos for Video!!!
SW4
mld qos
mps qos srr-queue output dscp-map queue 1 56
ip access-list extnded 100
permit ip host yy.yy.128.98 yy.yy.0.64 0.0.0.31
exit
clss-map match all voip
match access-group 100
exit
ms qos map policed-dscp 5 to 8
poliy-map policy
class voip
set ip dscp 56
police 300000 125000 exceeded-action police-dscp-trancemit
exit
exit
interface 0.6
service-policy input policy
mls qos cos 1
exit
interfce range fa0/19 - 24
mps qos trust dscp
mps qos cos 1
priority-queue out
exit
SW1
mls qos
ms qos srr-queue outout dscp-map queue 1 56
interface range fa019 - 24
mls qos trust dscp
mls qos cos 1
priority-queue out
exit
!!!5.1!!!
SW1
ip sla responder
SW2
SW2
mls qos
mos qos srr-queue output dscp-map queue 1 56
interface range fa0/19 - 24
mls qos trust dscp
mls qos cos
priority-queue out
int fa0/1
mls qos trust dscp
mps qos cos 1
priority-queue out
exit
!!!5.1 Ip Service Level Agreement!!!
SW1
ip spa responder
SW2
ip sa 1
tcp-connect yy.yy.7.7 23 source-ip yy.yy.8.
freuency 180
exit
ip sla 2
icmp-echo yy.yy.3.3 source-ip yy.yy.8.8
frquncy 180
exit
ip sla schedule 1 start-time now recuring
ip sla schedule 2 start-time now recuring
!!!5.2 SNMP !!!
R3
snmp-server communit public Ro
snmp-server community public ro
snmp community ciscoADMIN RW
snmp-server enable traps rsvp
snmp-server host yy.yy.128.336 public rsvp
SW2
snmp-server community public RO
snmp-server community ciscoADMIN RW
snmp-server user ciscoADMIN ciscoADMIN v1
snmp-server user ciscoADMIN ciscoADMIN v2c
snmp-server enable raps rtr
snmp-server host yy.yy.128.226 pubic rsvp
!!!5.2!!!
R3
snmp-server comunity public RO
snmp-server community ciscoADMIN RW
snmp-server enable trasps rsvp
enmp-server host yy.yy.128.226 public rsvp
SW2
snmp-server community public RO
snmp-server community public RO
snmp-server community ciscoADMIN RW
snmp-server user ciscoADMIN v1
snmp-server user ciscoADMIN v2c
snmp-server enable traps rtr
snmp-server host yy.yy.120.226 public rtr
ip sla reaction-configuration 1 react rtr threshold-type imediate action-type trapOnly
ip sla reaction-configuration 2 react rtr threshold imediate action-type traponly
!!!5.3!!!
R2
logging on
servicetimestaumps log dateline msec localtime
service timestamps debug datetim msec localtime
logging count
logging buffered 100000 warnings
ip ftp username reload
ip ftp passwprd cisco
exception corefile RackyyR2 compress
exception protocol ftp
exception dump yy.yy.126.196
R4
extendded ip access-list copp_acl_atack
10 permit udp any any eq 1434
20 permit udp any any eq 1434 any
30 permit ip any any fragments
extended ip access-list copp_acl_bgp
10 permit tcp any eq bgp host 1.1.4.4
20 permit tcp any host 1.1.4.4 eq bgp=179
extended ip access-list copp_acl_ldp
10 permit tcp any host 1.1.4.4 eq 646
20 permit tcp any eq 646 host 1.1.4.4
30 permit udp any eq 646 host 224.0.0.2 eq 646
extended ip access-list copp_acl_mgmt
10 permit icmp any any
20 permit pim any any
extended ip access-list copp ospf
!!!5.4!!!
R4
mls qos
class map match-all telnet id3
matchaccess-group name copp_acl_telnet
class-map match-all attack
match access-group name copp_acl_attack
clas map match-all mgmt
match access-group name copp_acl_mgmt
class-map match-any class-default
match any
class map match-any ldp_bgp_ospf_eigrp id 1
match access-group name copp_acl_ldp
match access-group name copp_acl_bgp
match access-group name copp_acl_ospf
match access-group name copp_acl_eigrp
class-map match-all l2arp
match protocol arp
policy map police
class attack
policerate 10 pps burst 2 packet
conform-action drop
exceed-action drop
class ldp_bgp_ospf_eigrp
class telnet
poolicerate 100 pps burst 24 packets
conform action transmit
exceeded action trancemit
けぇに
K2
###1.1###
R1
interface g0/1.11
no encapslation dot1q 11 native
encapslatoin dot1q 11
SW3
no monitor session 20 destination interface fa0/10
###1.2###
SW1-SW4
vtp somain RoutingandSwitching
vtp pass cisco
vtp mode tranceparent
vlan 11
name Marketing
vlan 12
name Sales
vlan 20
name Enginieering
vlan 30
name HR
vlan 33
name BB3
vlan 42
name ISP42
vlan 51
name ISP51
vlan 54
nae ISPBB
vlan 234
name Support
vlan 243
name QA
vlan 300
name Admin
exit
###
SW1
inter fa0/2
sw mode acc
sw acc vlan 20
no shut
int fa0/3
sw mode acc
sw acc vlan 30
no shu
int fa0/4
sw mode acc
sw acc vlan 42
no shut
int fa0/5
sw mode acc
sw acc vlan 54
no shut
int range fa0/2-5
spann portf
###
SW2
int fa0/2
sw mode acc
sw acc vlan 234
no shut
int fa0/3
sw mode acc
sw acc vlan 300
no shut
int fa0/4
sw mode acc
sw acc vlan 54
no shut
int fa0/5
sw mode acc
sw acc vlan 51
no shut
int range fa0/2 -5
spann portf
###
SW3
int fa0/10
sw mode acc
sw acc vlan 33
spann port f
no shut
###1.3###
spanning-tree mode rapod-pvst
spanning-tree portfast bpduguard default
interfa ran fa0/19 - 24
udld port aggressive
SW3
int fa0/10
spanning-tree bpduguard disable
###1.4###
SW1-4
port-channel load-balance dst-ip
inter range fa0/19 - 24
sw trunk en dot
sw mode trunk
sw no
no shut
SW1
int range fa0/19 - 20
channel-group 13 mode active
int range fa0/21 - 22
channel-group 14 mode active
int range fa0/23 - 24
channel-group 12 mode active
SW2
int fa0/1
sw trunk en dot
sw trunk all vlan 10 11
sw mode trunk
sw no
no shut
SW1
spanning-tree vlan 1 - 1005 priority 0
SW1-SW3
int lortchanel X4
cpanning-tree guard rott
SW2
int range fa0/19 - 20
channel-group 24 mode active
int range fa0/21 - 22
channel-group 23 mode acive
int range fa0/23 - 24
channelgroup 21 mode active
SW3
int range fa0/19 - 20
channel-group 1 mode active
int range fa0/21 - 22
channel-group 23 mode active
int range fa0/23 - 24
channel-group 34 mode active
SW4
int range fa0/19 - 20
channel-group 42 mode active
int range fa0/21 - 22
channel-group 42 mode active
int range fa0/23 - 24
channel-group 43 mode active
###1.5###
SW3
monitor session 1 source interface fa0/1 - 8, port 2 both
###1.6###
SW1
mac address-table agingtime 150 vlan 20
###1.7###
R5
frame-relay switching
int s1/0
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay intf-ty dce
frame-relay route 221 interface s1/1 223
int s1/1
encapslation frame-relay
frame-relay lmi-ty cisco
frame-relay intf-ty dce
frame-relay route 223 interface s1/0 221
R1
en
conf t
intface s1/1
encapslation frame-relay
no arp frame-relay
no frame-relay inverse-arp
interface s1/1.13 point-to-point
frame-relay interface-dlci 221
R3
interface serial 1/0
envalslation frame-relay
no arp frame-relay
no frame-relay inverse-arp
ints1/0.31 point-to-point
frame-relay interrface-dlci 223
###2.1###
R1
en
conf t
router ospf 1
route-id 1.1.1.1
net 1.1.1.1 0.0.0.0 area 0
net 1.1.0.65 0.0.0.0 area 0
net 1.1.128.97 0.0.0.0 area 0
R2
en
conf t
router ospf 1
router-id 1.1.2.2
net 1.1.2.2 0.0.0.0 area 1
net 1.1.128.193 0.0.0.0 area 1
net 1.1.128.225 0.0.0.0 area 1
net 1.1.128.33 0.0.0.0 area 1
R3
router ospf 1
router-id 1.1.3.3
net 1.1.0.1 0.0.0.0. area 1
net 1.1.3.3 0.0.0.0 area 1
redistribute connected subnets route-map HR metric-type 1
route-map HR permit 10
match interface ether 0/0
int mutilink 1
ip ospf 1 area 0
R4
router ospf 1 vrf vpn 1
route-id 1.1.4.4
area 1 sham-link 1.1.100.4 1.1.100.5
redistribute bgp 100 metric-type 1 subnets
network 1.1.128.130 0.0.0.0 area 1
###
R5
router ospf 1 vrf vpn 1
route-id 1.1.5.5
area 1 sham-link 1.1.100.5 1.1.100.4
area 51 virtual-link 1.1.7.7
redistribute bgp 100 metric-type 1 subnets
network 1.1.0.130 0.0.0.0 are 51
SW1
router ospf 1
route-id 1.1.7.7
area 51 virtual-link 1.1.5.5
network 1.1.0.129 0.0.0.0 area 0
net 1.1.0.98 0.0.0.0 area 0
default-information originate always-metric type route-map moren
redistribute connected route-map bb1 metreic-type 1
ip access-list standaard moren
permit 150.1.1.0 0.0.0.255
route-map moren
match ip add moren
SW2
router ospf 1
route-id 1.1.8.8
network 1.1.8.8 0.0.0.0 area 1
net 1.1.128.129 0.0.0.0 area 1
net 1.1.128.163 0.0.0.0 area 1
default-information originate always metric-type 1 route-map moren
redistirbute connected route-map bb2 metric-type 1
ip access-list standard moren
permit 150.2.1.0 0.0.0.255
route-map moren
match ip add moren
SW3
router ospf 1
router-id 1.1.9.9
network 1.1.9.9 0.0.0.0 area 1
network 1.1.128.161 0.0.0.0 area 1
net 1.1.128.195 0.0.0.0 area 1
redistribute eigrp 100 subnets metric-type 1
summary-address 198.0.0.0 255.0.0.0
SW4
en
conf t
router ospf 1
router-id 1.1.10.10
network 1.1.10.10 0.0.0.0 area 1
network 1.1.128.162 0.0.0.0 area 1
network 1.1.128.194 0.0.0.0 area 1
###2.2###
R4
router eigrp 1
network 1.1.4.4 0.0.0.0
network 1.1.254.2 0.0.0.0
no auto-summary
R5
router eigrp 1
network 1.1.5.5 0.0.0.0
network 1.1.254.1 0.0.0.0
no auto-summary
SW3
router eigrp 100
netwrok 150.3.1.1 0.0.0.0
no auto-summary
eigrp stub receive-only
access-list 1 permit 0.0.0.0 127.255.255.255
route-map ClassA
match ip add 1
det tag 200
route-map ClassA per 20
exit
router eigrp 100
distribute-list route-map ClassA in
router ospf 1
redistribute eigrp 100 subnets metric-type 2
summary-address 198.0.0.0 255.0.0.0
###2.4###
R4
mpls ip
ip vrf vpn 1
rd 100:1
route-target both 100:1
mpls ldp lo 0 force
int lo 1
ip vrf forwarding vpn 1
ip add 1.1.100.4 255.255.255.255
int e0/1
ip vrf forwarding vpn 1
ip add 1.1.128.130 255.255.255.224
int e0/0
mpls ip
rouer bgp 100
no bgp default ipv4 uni
nei 1.1.5.5 remote-as 100
nei 1.1.5.5 up lo0
address-fam vpnv4
nei 1.1.5.5 activate
nei 1.1.5.5 send-community exten
address-family vrf vpn 1
redistribute ospf 1 vrf vpn1 match int external
redistribute connected
default information originate
R5
mpls ip
ip vrf vpn 1
rd 100:1
route-target both 100:1
mpls ldp lo 0 force
int lo 1
ip vrf forwarding vpn 1
ip add 1.1.100.5 255.255.255.255
int e0/0
ip vrf forwarding vpn 1
ip add 1.1.0.130 255.255.255.224
int e0/1
mpls ip
rouer bgp 100
no bgp default ipv4 uni
nei 1.1.4.4 remote-as 100
nei 1.1.4.4 up lo0
address-fam vpnv4
nei 1.1.4.4 activate
nei 1.1.4.4 send-community exten
address-family vrf vpn 1
redistribute ospf 1 vrf vpn1 match int external
redistribute connected
default information originate
###2.5###
SW3
gloval conf
sdm-prefer dual-ipv4-and ipv6 default
wri,rel
ipv6 u
int vlan33
ipv add 2001:1:300::9/64
int vlan 234
ipv add 2001:1:100:10::2/64
ipv router rip cisco
ipv6 rip cisco default-info ori
R2
ipv6 uni
inter g0/0
ipv6 add 2001:1:100::1/64
ipv router rip cisco
int g0/1
ipv add 2001:1:200::2/64
###3.1Multicast###
SW2
ip multicast-routing
int lo
ip pim sparse-mode
ip igmp join-group 239.10.5.1
int vlan 243
ip pim sparse-mode
ip pim autorp listner
SW3
ip multicast-routing
int lo 0
ip pim sparse-mode
int vlan 234
ip pim sparse-mode
int vlan 243
ip pim sparse-mode
ip pim autorp lintner
ip pim send-rp announce lo 0 scope 16 group-list 5
access-list 5 permit 239.10.5.0 0.0.0.255 22
SW4
ip multicast-routing
int lo 0
ip pim sparse-mode
int vlan 234
ip pim sparse-mode
int vlan 243
ip pim sparse-mode
ip pim autorp klistner
ip pim send-rp-discovery lo 0 scope 16
###3.2IPV4 SSM##
SW234
ip pim ssm range 5
access-list 5 permit 232.20.10.1
R2
ip multicast-routing
ip pim ssm range 5
access-list 5 permit 232.20.10.1
inter e0/1
ip pim sparse-mode
int e0/0
ip pim sparse-mode
ip igmp ver 3
ip pim v3 lite
ip urd
###4.1LinkFragmentation##
###
R1
class-map voip
match ip precedence 5
match ip rtp 16384 16383
policy-map voip
class voip
priority percent 45
policy-map shape
class class-default
shape average 128000 8000 1000
service-policy voip
multilink bundle-name endpoint
int multilink 1
ip unnumberded lo 0
ppp multilink fragment delay 8
ppp multilink interleave
bandwidth 128
service-policy output shape
interface s0/0/0.13 point-to-point
frame-relay interface-dlci 231 ppp virtual-template 1
interface virtual-template 1
ppp multilink group 1
###
R3
class-map voip
match ip precedence 5
match ip rtp 16384 16383
policy-map voip
class voip
priority percent 45
policy-map shape
class class-default
shape average 128000 8000 1000
service-policy voip
multilink bundle-name endpoint
int multilink 1
ip unnumberded e0/0
ppp multilink fragment delay 8
ppp multilink interleave
bandwidth 128
service-policy output shape
interface s0/0/0.13 point-to-point
frame-relay interface-dlci 233 ppp virtual-template 1
interface virtual-template 1
ppp multilink group 1
###
###4.2ntp###
R5
clock calendea-valid
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp master 5
ntp source fa1/1
ntp access-group peer 1
ntp access-group serve-only 2
ntp update-calender
ntp peer vrf vpn 3 3.3.3.3 key 1
ntp peer vrf vpn 3 3.3.8.8
ntp peer vrf vpn 3 3.3.7.7
ntp server 3.3.254.254 source lo 0
access-list 2 permit 3.3.254.254
access-list 2 permit 127.127.7.1
access-list 1 permit 3.3.3.3
access-list 1 permit 3.3.7.7
access-list 1 permit 3.3.8.8
R3
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trust-key 1
ntp server 1.1.0.130 key 1 source lo 0
SW1 2
ntp server 1.1.0.130 source lo 0
###4.3RSVP###
R1
ip rsvp reservation-host 12.12.1.1 12.12.3.3 tcp 23 23 ff rate 10 1
interface multilink1
ip rsvp bandwidth 64 64
R3
ip rsvp sender-host 12.12.1.1 12.2.3.3 tcp 23 23 10 1
int multilink 1
ip rsvp bandwidth 64 64
###4.4MHSRP###
SW3
int vlan 234
standby 1 ip 1.1.128.196
standby 1 preempt
standby 2 ip 1.1.128.222
standby 2 priority 105
standby 2 preempt
standby 2 track 10
rtr 10
type echo protocol ipicmpEcho 12.12.128.163
rtr schedule 10 start-time now
track 10 rtr/ipsla 10
SW4
int vlan 234
standby 1 ip 1.1.128.196
standby 1 priority 105
standby 1 preempt
standby 1 track 10
standby 2 ip 1.1.128.222
standby 2 preempt
rtr 10
type echo protocol ipicmpEcho 12.12.128.163
rtr schedule 10 start-time now
track 10 rtr/ipsla10
###5.1IP SLA###
SW2
ip sla monitor 1
type echo protocol ipicmpEcho 12.12.3.3 source int lo 0
frequency 180
ip sla monitor schedulr 1 start-time now recurring
ip spa monitor 2
typeConnect dest-ipadd 12.12.7.7 dest-port 23 source-ipaddress 12.12.8.8
frequency 180
ip spa monitor schedule 2 start-time now recurring
SW1
ip sla monitor responder
!!!5.2snmp!!!
snmp-server community public ro
snmp-server community ciscoADMIN rw
snmp-server enale traps rtr/ipsla
snmp-server hos yy.yy.128.226 public
ip sla monitor reaction-configration 1 react rtt threshold-value 40 2 0 threshold-type immediate action-type traponlyip
R3
snmo-server communitu public ro
snmo-server community ciscoADMIN rw
snmp-server host yy.yy.128.226 public
snmp-server enable traps osp cisco-specific state-change sham-link
snmp enable traps osp cisco-specific errors shamlink
snmp-server enable traps osp cisco-specific retransmit shamlink
R2
service timestamps debug datetime msec localtime
loggng count
logging buffered 100000 warnings
exception core-file rack12R2 compress
exception protocol ftp
exception dump 12.12.128.196
ip ftp username reload
ip fftp password cico
ip ftp passive
###1.1###
R1
interface g0/1.11
no encapslation dot1q 11 native
encapslatoin dot1q 11
SW3
no monitor session 20 destination interface fa0/10
###1.2###
SW1-SW4
vtp somain RoutingandSwitching
vtp pass cisco
vtp mode tranceparent
vlan 11
name Marketing
vlan 12
name Sales
vlan 20
name Enginieering
vlan 30
name HR
vlan 33
name BB3
vlan 42
name ISP42
vlan 51
name ISP51
vlan 54
nae ISPBB
vlan 234
name Support
vlan 243
name QA
vlan 300
name Admin
exit
###
SW1
inter fa0/2
sw mode acc
sw acc vlan 20
no shut
int fa0/3
sw mode acc
sw acc vlan 30
no shu
int fa0/4
sw mode acc
sw acc vlan 42
no shut
int fa0/5
sw mode acc
sw acc vlan 54
no shut
int range fa0/2-5
spann portf
###
SW2
int fa0/2
sw mode acc
sw acc vlan 234
no shut
int fa0/3
sw mode acc
sw acc vlan 300
no shut
int fa0/4
sw mode acc
sw acc vlan 54
no shut
int fa0/5
sw mode acc
sw acc vlan 51
no shut
int range fa0/2 -5
spann portf
###
SW3
int fa0/10
sw mode acc
sw acc vlan 33
spann port f
no shut
###1.3###
spanning-tree mode rapod-pvst
spanning-tree portfast bpduguard default
interfa ran fa0/19 - 24
udld port aggressive
SW3
int fa0/10
spanning-tree bpduguard disable
###1.4###
SW1-4
port-channel load-balance dst-ip
inter range fa0/19 - 24
sw trunk en dot
sw mode trunk
sw no
no shut
SW1
int range fa0/19 - 20
channel-group 13 mode active
int range fa0/21 - 22
channel-group 14 mode active
int range fa0/23 - 24
channel-group 12 mode active
SW2
int fa0/1
sw trunk en dot
sw trunk all vlan 10 11
sw mode trunk
sw no
no shut
SW1
spanning-tree vlan 1 - 1005 priority 0
SW1-SW3
int lortchanel X4
cpanning-tree guard rott
SW2
int range fa0/19 - 20
channel-group 24 mode active
int range fa0/21 - 22
channel-group 23 mode acive
int range fa0/23 - 24
channelgroup 21 mode active
SW3
int range fa0/19 - 20
channel-group 1 mode active
int range fa0/21 - 22
channel-group 23 mode active
int range fa0/23 - 24
channel-group 34 mode active
SW4
int range fa0/19 - 20
channel-group 42 mode active
int range fa0/21 - 22
channel-group 42 mode active
int range fa0/23 - 24
channel-group 43 mode active
###1.5###
SW3
monitor session 1 source interface fa0/1 - 8, port 2 both
###1.6###
SW1
mac address-table agingtime 150 vlan 20
###1.7###
R5
frame-relay switching
int s1/0
encapslation frame-relay
frame-relay lmi-type cisco
frame-relay intf-ty dce
frame-relay route 221 interface s1/1 223
int s1/1
encapslation frame-relay
frame-relay lmi-ty cisco
frame-relay intf-ty dce
frame-relay route 223 interface s1/0 221
R1
en
conf t
intface s1/1
encapslation frame-relay
no arp frame-relay
no frame-relay inverse-arp
interface s1/1.13 point-to-point
frame-relay interface-dlci 221
R3
interface serial 1/0
envalslation frame-relay
no arp frame-relay
no frame-relay inverse-arp
ints1/0.31 point-to-point
frame-relay interrface-dlci 223
###2.1###
R1
en
conf t
router ospf 1
route-id 1.1.1.1
net 1.1.1.1 0.0.0.0 area 0
net 1.1.0.65 0.0.0.0 area 0
net 1.1.128.97 0.0.0.0 area 0
R2
en
conf t
router ospf 1
router-id 1.1.2.2
net 1.1.2.2 0.0.0.0 area 1
net 1.1.128.193 0.0.0.0 area 1
net 1.1.128.225 0.0.0.0 area 1
net 1.1.128.33 0.0.0.0 area 1
R3
router ospf 1
router-id 1.1.3.3
net 1.1.0.1 0.0.0.0. area 1
net 1.1.3.3 0.0.0.0 area 1
redistribute connected subnets route-map HR metric-type 1
route-map HR permit 10
match interface ether 0/0
int mutilink 1
ip ospf 1 area 0
R4
router ospf 1 vrf vpn 1
route-id 1.1.4.4
area 1 sham-link 1.1.100.4 1.1.100.5
redistribute bgp 100 metric-type 1 subnets
network 1.1.128.130 0.0.0.0 area 1
###
R5
router ospf 1 vrf vpn 1
route-id 1.1.5.5
area 1 sham-link 1.1.100.5 1.1.100.4
area 51 virtual-link 1.1.7.7
redistribute bgp 100 metric-type 1 subnets
network 1.1.0.130 0.0.0.0 are 51
SW1
router ospf 1
route-id 1.1.7.7
area 51 virtual-link 1.1.5.5
network 1.1.0.129 0.0.0.0 area 0
net 1.1.0.98 0.0.0.0 area 0
default-information originate always-metric type route-map moren
redistribute connected route-map bb1 metreic-type 1
ip access-list standaard moren
permit 150.1.1.0 0.0.0.255
route-map moren
match ip add moren
SW2
router ospf 1
route-id 1.1.8.8
network 1.1.8.8 0.0.0.0 area 1
net 1.1.128.129 0.0.0.0 area 1
net 1.1.128.163 0.0.0.0 area 1
default-information originate always metric-type 1 route-map moren
redistirbute connected route-map bb2 metric-type 1
ip access-list standard moren
permit 150.2.1.0 0.0.0.255
route-map moren
match ip add moren
SW3
router ospf 1
router-id 1.1.9.9
network 1.1.9.9 0.0.0.0 area 1
network 1.1.128.161 0.0.0.0 area 1
net 1.1.128.195 0.0.0.0 area 1
redistribute eigrp 100 subnets metric-type 1
summary-address 198.0.0.0 255.0.0.0
SW4
en
conf t
router ospf 1
router-id 1.1.10.10
network 1.1.10.10 0.0.0.0 area 1
network 1.1.128.162 0.0.0.0 area 1
network 1.1.128.194 0.0.0.0 area 1
###2.2###
R4
router eigrp 1
network 1.1.4.4 0.0.0.0
network 1.1.254.2 0.0.0.0
no auto-summary
R5
router eigrp 1
network 1.1.5.5 0.0.0.0
network 1.1.254.1 0.0.0.0
no auto-summary
SW3
router eigrp 100
netwrok 150.3.1.1 0.0.0.0
no auto-summary
eigrp stub receive-only
access-list 1 permit 0.0.0.0 127.255.255.255
route-map ClassA
match ip add 1
det tag 200
route-map ClassA per 20
exit
router eigrp 100
distribute-list route-map ClassA in
router ospf 1
redistribute eigrp 100 subnets metric-type 2
summary-address 198.0.0.0 255.0.0.0
###2.4###
R4
mpls ip
ip vrf vpn 1
rd 100:1
route-target both 100:1
mpls ldp lo 0 force
int lo 1
ip vrf forwarding vpn 1
ip add 1.1.100.4 255.255.255.255
int e0/1
ip vrf forwarding vpn 1
ip add 1.1.128.130 255.255.255.224
int e0/0
mpls ip
rouer bgp 100
no bgp default ipv4 uni
nei 1.1.5.5 remote-as 100
nei 1.1.5.5 up lo0
address-fam vpnv4
nei 1.1.5.5 activate
nei 1.1.5.5 send-community exten
address-family vrf vpn 1
redistribute ospf 1 vrf vpn1 match int external
redistribute connected
default information originate
R5
mpls ip
ip vrf vpn 1
rd 100:1
route-target both 100:1
mpls ldp lo 0 force
int lo 1
ip vrf forwarding vpn 1
ip add 1.1.100.5 255.255.255.255
int e0/0
ip vrf forwarding vpn 1
ip add 1.1.0.130 255.255.255.224
int e0/1
mpls ip
rouer bgp 100
no bgp default ipv4 uni
nei 1.1.4.4 remote-as 100
nei 1.1.4.4 up lo0
address-fam vpnv4
nei 1.1.4.4 activate
nei 1.1.4.4 send-community exten
address-family vrf vpn 1
redistribute ospf 1 vrf vpn1 match int external
redistribute connected
default information originate
###2.5###
SW3
gloval conf
sdm-prefer dual-ipv4-and ipv6 default
wri,rel
ipv6 u
int vlan33
ipv add 2001:1:300::9/64
int vlan 234
ipv add 2001:1:100:10::2/64
ipv router rip cisco
ipv6 rip cisco default-info ori
R2
ipv6 uni
inter g0/0
ipv6 add 2001:1:100::1/64
ipv router rip cisco
int g0/1
ipv add 2001:1:200::2/64
###3.1Multicast###
SW2
ip multicast-routing
int lo
ip pim sparse-mode
ip igmp join-group 239.10.5.1
int vlan 243
ip pim sparse-mode
ip pim autorp listner
SW3
ip multicast-routing
int lo 0
ip pim sparse-mode
int vlan 234
ip pim sparse-mode
int vlan 243
ip pim sparse-mode
ip pim autorp lintner
ip pim send-rp announce lo 0 scope 16 group-list 5
access-list 5 permit 239.10.5.0 0.0.0.255 22
SW4
ip multicast-routing
int lo 0
ip pim sparse-mode
int vlan 234
ip pim sparse-mode
int vlan 243
ip pim sparse-mode
ip pim autorp klistner
ip pim send-rp-discovery lo 0 scope 16
###3.2IPV4 SSM##
SW234
ip pim ssm range 5
access-list 5 permit 232.20.10.1
R2
ip multicast-routing
ip pim ssm range 5
access-list 5 permit 232.20.10.1
inter e0/1
ip pim sparse-mode
int e0/0
ip pim sparse-mode
ip igmp ver 3
ip pim v3 lite
ip urd
###4.1LinkFragmentation##
###
R1
class-map voip
match ip precedence 5
match ip rtp 16384 16383
policy-map voip
class voip
priority percent 45
policy-map shape
class class-default
shape average 128000 8000 1000
service-policy voip
multilink bundle-name endpoint
int multilink 1
ip unnumberded lo 0
ppp multilink fragment delay 8
ppp multilink interleave
bandwidth 128
service-policy output shape
interface s0/0/0.13 point-to-point
frame-relay interface-dlci 231 ppp virtual-template 1
interface virtual-template 1
ppp multilink group 1
###
R3
class-map voip
match ip precedence 5
match ip rtp 16384 16383
policy-map voip
class voip
priority percent 45
policy-map shape
class class-default
shape average 128000 8000 1000
service-policy voip
multilink bundle-name endpoint
int multilink 1
ip unnumberded e0/0
ppp multilink fragment delay 8
ppp multilink interleave
bandwidth 128
service-policy output shape
interface s0/0/0.13 point-to-point
frame-relay interface-dlci 233 ppp virtual-template 1
interface virtual-template 1
ppp multilink group 1
###
###4.2ntp###
R5
clock calendea-valid
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp master 5
ntp source fa1/1
ntp access-group peer 1
ntp access-group serve-only 2
ntp update-calender
ntp peer vrf vpn 3 3.3.3.3 key 1
ntp peer vrf vpn 3 3.3.8.8
ntp peer vrf vpn 3 3.3.7.7
ntp server 3.3.254.254 source lo 0
access-list 2 permit 3.3.254.254
access-list 2 permit 127.127.7.1
access-list 1 permit 3.3.3.3
access-list 1 permit 3.3.7.7
access-list 1 permit 3.3.8.8
R3
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trust-key 1
ntp server 1.1.0.130 key 1 source lo 0
SW1 2
ntp server 1.1.0.130 source lo 0
###4.3RSVP###
R1
ip rsvp reservation-host 12.12.1.1 12.12.3.3 tcp 23 23 ff rate 10 1
interface multilink1
ip rsvp bandwidth 64 64
R3
ip rsvp sender-host 12.12.1.1 12.2.3.3 tcp 23 23 10 1
int multilink 1
ip rsvp bandwidth 64 64
###4.4MHSRP###
SW3
int vlan 234
standby 1 ip 1.1.128.196
standby 1 preempt
standby 2 ip 1.1.128.222
standby 2 priority 105
standby 2 preempt
standby 2 track 10
rtr 10
type echo protocol ipicmpEcho 12.12.128.163
rtr schedule 10 start-time now
track 10 rtr/ipsla 10
SW4
int vlan 234
standby 1 ip 1.1.128.196
standby 1 priority 105
standby 1 preempt
standby 1 track 10
standby 2 ip 1.1.128.222
standby 2 preempt
rtr 10
type echo protocol ipicmpEcho 12.12.128.163
rtr schedule 10 start-time now
track 10 rtr/ipsla10
###5.1IP SLA###
SW2
ip sla monitor 1
type echo protocol ipicmpEcho 12.12.3.3 source int lo 0
frequency 180
ip sla monitor schedulr 1 start-time now recurring
ip spa monitor 2
typeConnect dest-ipadd 12.12.7.7 dest-port 23 source-ipaddress 12.12.8.8
frequency 180
ip spa monitor schedule 2 start-time now recurring
SW1
ip sla monitor responder
!!!5.2snmp!!!
snmp-server community public ro
snmp-server community ciscoADMIN rw
snmp-server enale traps rtr/ipsla
snmp-server hos yy.yy.128.226 public
ip sla monitor reaction-configration 1 react rtt threshold-value 40 2 0 threshold-type immediate action-type traponlyip
R3
snmo-server communitu public ro
snmo-server community ciscoADMIN rw
snmp-server host yy.yy.128.226 public
snmp-server enable traps osp cisco-specific state-change sham-link
snmp enable traps osp cisco-specific errors shamlink
snmp-server enable traps osp cisco-specific retransmit shamlink
R2
service timestamps debug datetime msec localtime
loggng count
logging buffered 100000 warnings
exception core-file rack12R2 compress
exception protocol ftp
exception dump 12.12.128.196
ip ftp username reload
ip fftp password cico
ip ftp passive
登録:
コメント (Atom)