Drag and Drop Questions

May 8th, 2014 in ROUTE 642-902 Go to comments

Here you will find answers to Drag and Drop questions
Question 1
Drag each item to its proper location
Place the BGP attributes in the correct order used for determining a route.

Answer:

Question 2
Place the BGP commands to the proper locations

Answer:
+ show ip bgp: path selection values
+ show ip bgp summary: Memory usage
+ show ip route bgp: AD of BGP
+ show ip bgp neighbor: Notification, update
Question 3
Place the EIGRP commands to the proper locations

Answer:
Sources of routes information: show ip eigrp neighbor
What being learned: show ip eigrp topology
What actually being used: show ip route eigrp
Verify eigrp information for each network: show ip interface eigrp
Question 4
Place the EIGRP terms to the proper locations

Answer:
lists adjacent routers: Neighbor table
route entries for all destinations: Topology table
primary route to destination: Successor
best routers to destinations: Routing table
backup route to destination: Feasible successor
Question 5
Place the EIGRP packets to the proper locations

Answer:
Neighbor discovery/recovery mechanism: Hello
Indicate receipt of any EIGRP packet: Acknowledgement
Convey reachability of destinations: Update
Provides specific and reliable information of neighbors: Query
Instruct the originator not to recompute the route because feasible successors exist: Reply
DMVPN Tutorial

February 14th, 2015 in ROUTE Knowledge Go to comments

One of the most popular network topology in practical nowadays is shown below with one
HeadQuarter connecting to branch offices at some locations. The main enterprise resources are
located in the HeadQuarter.

The router at the HeadQuarter undertakes the role of a Hub while branch routers take the role of
Spokes. In this Hub-and-Spoke topology, each Branch can access some resources on the
HeadQuarter. But there are some disadvantages with this topology:
+ When a spoke wants to communicate with another Spoke, it must go through the Hub which
increases the traffic passing through the Hub, increase CPU and memory usage on Hub and can
create bottle-neck problem. This also increases latency for time-sensitive applications such as
VoIP, video conference
+ Each site requires a static public IP address if the environment between them are public (like
the Internet).
+ The configuration is complex, especially with large network. When a new Spoke is added,
additional configuration is required on Hub

Dynamic Multipoint VPN (DMVPN) is a solution of Cisco that can be used to overcome these
disadvantages. DMVPN provides the following advantages:
+ Provides full meshed connectivity with simple Hub-and-Spoke topology. The spokes can
communicate between each other without going through Hub
+ Only one static public IP address is required on Hub. Spokes can use dynamic (unknown)
public IP addresses
+ The configuration is simple even in large network. No additional configuration is required on
Hub when new Spokes are added.

DMVPN provides full-meshed connectivity

with Hub-and-Spoke topology

But notice that DMVPN is not a protocol, it is the combination of the following technologies:
+ Multipoint GRE (mGRE)
+ Next-Hop Resolution Protocol (NHRP)
+ Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP) (optional)
+ Dynamic IPsec encryption (optional)
+ Cisco Express Forwarding (CEF)
DMVPN combines multiple GRE (mGRE) Tunnels, IPSec encryption and NHRP (Next Hop
Resolution Protocol) to perform its job and save the administrator the need to define multiple
static crypto maps and dynamic discovery of tunnel endpoints.
To keep this tutorial simple we only mention about mGRE and NHRP.
Multipoint Generic Routing Encapsulation (mGRE)
Before taking about mGRE we should learn why we have to run GRE on DMVPN. The answer
is simple: because we want to run IPSec on it. And why we need IPSec? Because we want to
utilize the power of cheap but insecure Internet (and other insecure public) connections at our
sites.

As you may know, IPSec is a framework consisting of protocols and algorithms for protecting
data through an untrusted IP network, such as the internet. Although IPSec provides a secure
tunneling method but it does not support multicast and broadcast traffic so popular routing
protocol (OSPF, EIGRP, ) run based on multicast cannot be used with IPSec. So we have to
use GRE to wrap these multicast traffic. As a result, all traffic (including unicast, multicast and
broadcast) between sites are encapsulated into GRE packets before being encrypted and sent
over the network.
Now we knew why GRE should be used here. But traditional GRE (sometimes called point-topoint or p2p GRE) also has its limitation: for each connection to the Spoke, Hub router needs to
establish a separate GRE tunnel. So when the number of Spokes increases, Hub must increase
the number of tunnels at the same rate -> lots of configuration on Hub. So it is the time when
mGRE takes part in.
An mGRE tunnel inherits the concept of a classic GRE tunnel but an mGRE tunnel does not
require a unique tunnel interface for each connection between Hub and spoke like traditional
GRE. One mGRE can handle multiple GRE tunnels at the other ends. Unlike classic GRE
tunnels, the tunnel destination for a mGRE tunnel does not have to be configured; and all tunnels
on Spokes connecting to mGRE interface of the Hub can use the same subnet.

mGRE tunnel is treated as a non-broadcast multi-access (NBMA) environment. mGRE tunnel

does not have to be configured with a tunnel destination so we need another protocol to take care
of the destination addresses. In this case NHRP is used for NBMA environment.
Note: Besides the Tunnel IP address, each Spoke and Hub will have a NBMA IP address, which
is a public IP address used as the tunnel source IP address. We post the configuration here as an
example to help you understand more about the difference of these two IP addresses:
Hub
interface fa0/0
ip address 11.11.11.1 255.255.255.0

Spoke (Branch 3)
interface fa0/0
ip address 13.13.13.3 255.255.255.0

interface tunnel 1
ip address 192.168.100.1 255.255.255.0 ->
Tunnel IP address (private IP)
tunnel source fa0/0 -> NBMA IP address
(public IP)

interface tunnel 1
ip address 192.168.100.3 255.255.255.0 ->
Tunnel IP address (private IP)
tunnel source fa0/0 -> NBMA IP address
(public IP)

So the Tunnel address is the address configured under interface tunnel while the NBMA
address is the address used as source of the tunnel.
NHRP
Next Hop Resolution Protocol (NHRP), defined in RFC 2332, is a Layer 2 address resolution
protocol and cache, like Address Resolution Protocol (ARP). NHRP is used by a branch router
connected to a non-broadcast, multi-access (NBMA) sub-network to determine the IP address of
the NBMA next hop; in this case, the headend router or the destination IP address of another
branch router.
NHRP is used to map tunnel IP addresses to physical or real IP addresses, used by endpoint
routers. It resolves private addresses (those behind mGRE and optionally IPSEC) to a public
address. NHRP is layer 2 resolution protocol and cache, much like Address Resolution Protocol
(ARP) or Reverse ARP (Frame Relay).
In order for DMVPN to work correctly, DMVPN relies on NHRP to create a mapping database
of all spoke tunnels to real (public) IP addresses. When a Spoke joins a DMVPN network it will
register itself with the Hub via NHRP. The NHRP Registration Process is described below:
+ When a Spoke joins a DMVPN network, it sends a Registration Request to the Hub whose IP
address has already been configured on the Spoke (via the ip nhrp nhs <Hub IP address>
command)
+ The Registration Request contains the Spokes Tunnel and NBMA addresses along with the
hold time -> Hub does not have to statically configure Spoke IP -> simplify Hub configuration
+ Hub then create an NHRP mapping entry in its NHRP cache (just like an ARP cache) to keep
the mapping between Spokes Tunnel and NBMA addresses. The hold time of this mapping
equals to the hold time in the Registration Request.
+ Hub sends a NHRP Registration Reply to the Spoke to complete the process

NHRP Registration Process

Note:
+ The Spoke who sends NHRP Registration Request is called NHRP Client (NHC) while the
Hub who replies the request is called NHRP Server (NHS).
+ The Spokes NBMA address is often its public IP and obtained dynamically while the Spokes
Tunnel address is the private IP
+ NHRP mapping can be statically configured on both Spoke and Hub
A cool advantage of NHRP is the ability to help DMVPN establish direct Spoke-to-Spoke
communication without going through Hub. Lets see how NHRP works in this case.

NHRP Resolution Process

1. Before a spoke can directly send traffic to another spoke, it must still query the Hub to get the
NBMA address of the destination spoke. To do this, Spoke must send a NHRP Resolution
Request to the Hub asking for the NBMA address of the destination spoke.
2. The Hub replies with the NBMA (public) address of Spoke 3 (which is 13.13.13.3 in this
case). If the Hub does not known NBMA of Spoke 3 it will query Spoke 3 first.
3. The direct IPsec tunnel between two spokes is built only after that. But the spoke-to-spoke
tunnel is only temporary and is torn down after a pre-configured period of inactivity to save
resources.
Note:
+ In case NHS does not have an entry in its cache for the NHCs query, NHS returns an error and
the spoke will install an entry pointing to the NHS. So traffic must flow through the Hub
+ Instead of asking NHS, the destination spoke IP can be statically configured on the NHC.
+ Resolution is only used for spoke to spoke communication

Now lets see the whole picture of how NHRP takes part in the routing process.
1. Suppose Spoke 1 wants to send traffic to network 172.16.1.0/24 behind Spoke 2. It will look
up its routing table and see an entry like this:
172.16.1.0/24 via 192.168.100.2, Tunnel0
(means this subnet was learned from next-hop 192.168.100.2 via its Tunnel0)
2. Spoke 1 looks up its NHRP mapping table to search for the NBMA address of 192.168.100.2.
If it cant find one, it will send an NHRP Resolution Request to get the mapping information
from the Hub. Suppose the NBMA address of 192.168.100.2 configured on Spoke 2 is
12.12.12.2.
3. Now Spoke 1 has enough information to encapsulate original packets. It will encapsulate
packets with IP source of 11.11.11.1 (its NBMA address) and IP destination of 12.12.12.2 (Spoke
2s NBMA address) then send to the destination.

In the next part we will learn how to configure DMVPN

OSPF Evaluation Sim

February 9th, 2015 in Lab Sim Go to comments

You have been asked to evaluate an OSPF network and to answer questions a customer has about
its operation. Note: You are not allowed to use the show running-config command.

Although in this sim we are not allowed to use show running-config command but we post the
configuration here so that you can understand more about the topology.
R1
interface Loopback0
ip address 1.1.1.1
255.255.255.255
!
interface Serial0/0
ip address 192.168.13.1
255.255.255.0
ip ospf network non-broadcast
no shut
!
router ospf 1
network 192.168.13.0
0.0.0.255 area 0
network 1.1.1.1 0.0.0.0 area 0

R2
interface Loopback 0
ip address 2.2.2.2
255.255.255.255
!
interface S0/0
ip address 192.168.23.2
255.255.255.0
ip ospf network non-broadcast
no shut
!
router ospf 1
network 192.168.23.0
0.0.0.255 area 0
network 2.2.2.2 0.0.0.0 area 0
neighbor 192.168.23.3

R3
interface Loopback 0
ip address 3.3.3.3
255.255.255.255
!
interface Ethernet0/0
ip address 192.168.34.3
255.255.255.0
no shut
!
interface S1/0
ip address 192.168.23.3
255.255.255.0
ip ospf network non-broadcast
no shut
!
interface S1/1

ip address 192.168.13.3
255.255.255.0
ip ospf network non-broadcast
no shut
!
router ospf 1
network 192.168.13.0 0.0.0.255
area 0
network 192.168.23.0 0.0.0.255
area 0
network 192.168.34.0 0.0.0.255
area 1
network 3.3.3.3 0.0.0.0 area 0
area 1 virtual-link 4.4.4.4
neighbor 192.168.23.2
R4
interface Loopback 0
ip address 4.4.4.4
255.255.255.255
interface Ethernet0/0
ip address 192.168.34.4
255.255.255.0
no shut
!
interface Ethernet0/1
ip address 192.168.45.4
255.255.255.0
no shut
!
interface Ethernet0/2
ip address 192.168.46.4
255.255.255.0
no shut
!
router ospf 1
network 192.168.34.0
0.0.0.255 area 1
network 192.168.45.0
0.0.0.255 area 2
network 192.168.46.0
0.0.0.255 area 3
network 4.4.4.4 0.0.0.0 area 1
area 1 virtual-link 3.3.3.3
area 2 nssa
area 3 stub no-summary

R5
interface Loopback0
ip address 5.5.5.5
255.255.255.255
interface Loopback1
ip address 5.5.1.1
255.255.255.255
interface Loopback2
ip address 5.5.2.1
255.255.255.255
interface Loopback3
ip address 5.5.3.1
255.255.255.255
interface Loopback4
ip address 5.5.4.1
255.255.255.255
interface Ethernet0/0
ip address 192.168.45.5
255.255.255.0
no shut
!
router ospf 1
network 192.168.45.0
0.0.0.255 area 2
network 5.5.0.0 0.0.255.255
area 2
area 2 nssa

R6
interface Ethernet0/0
ip address 192.168.46.6
255.255.255.0
no shut
interface Loopback 0
ip address 6.6.6.6
255.255.255.255
!
router ospf 1
network 192.168.46.0 0.0.0.255
area 3
network 6.6.6.6 0.0.0.0 area 3
area 3 stub

Some notices from above configuration:

+ The OSPF network type between R2 & R3 is non broadcast.
+ R3 and R4 is running virtual-link to connect Area 2 & 3 to Area 0
+ Area 2 is a NSSA area while Area 3 is a Totally Stubby area
You can download this sim to practice at
http://www.digitaltut.com/download/ROUTE_OSPF.zip. Please use GNS3 with version older
than v1.0 to open it (v0.8.3.1 for example). IOS used in this lab: c3640-jk9s-mz.124-16.bin
Question 1
Explanation
To check OSPF LSA we should use the show ip ospf database command on R5:

In this sim there is no LSA Type 4 because there is no ASBR so maybe this question wants to ask
about LSA Type 3 (Summary Net Link States).
Note: LSA Type 4 is generated by ABR, not ASBR but without ASBR inside the network there
are no LSA Type 4 generated. For more information about OSPF LSA Types please read our
OSPF LSA Types Lab tutorial.
R3 advertises LSA Type 1 to R4 then R4 converts it into Type 3 and sends to R5 (because R4 is
the ABR) so we see the Link ID 3.3.3.3 of R3 is advertising by R4 (4.4.4.4). According to the
Age column, this LSA was advertised 1858 seconds ago.
Question 2
Explanation
Check the Serial1/0 interface of R3 which is connected to R2 with the show ip ospf interface
serial 1/0 command:

There are two things we should notice from the output above:
+ The network type connection between R2-R3 is NON_BROADCAST (usually we have
BROADCAST). OSPF neighbors are discovered using multicast Hello packets. In non
broadcast environment, multicast (and broadcast) messages are not allowed so OSPF
neighborship cannot be formed automatically. Therefore we have to establish OSPF neighborship
manually by using neighbor command under OSPF process (OSPF will send unicast Hello
message to this address). For example on R2 we have to use these commands:

router ospf 1
neighbor 192.168.23.3
And on R3:
router ospf 1
neighbor 192.168.23.2
+ For non broadcast environment the default Hello timer is 30 seconds; Dead timer (time to wait
before declaring a neighbor dead) is 120 seconds and Wait timer (causes the interface to exit out
of the wait period and select a DR on a broadcast network. This timer is always equal to the dead
timer interval) is 120 seconds. In the output we also see the default timers for non broadcast
network.
Question 3
Explanation
We can check the number of executed SPF algorithm via the show ip ospf command on R4:

In the output above we can see SPF has been executed 9 times.
Question 4
Explanation

Area 2 (of R5) is a Not-so-Stubby area (NSSA). You can check it by the show ip ospf
command on R4 or R5 (in Area 2 section). For example, below is the output of show ip ospf
command on R5:

In general, NSSA is same as normal area except that it can generate LSA Type 7 (redistribute
from another domain) so we can see both Loopback interfaces of R5 & R6 in the routing table of
R5.

Note: NSSA does not receive a default route by default so you will not see a default route on R5.
Area 3 (of R6) is a Totally-Stubby area so R6 only has one default route to outside world. You
can check with the show ip ospf command on R4 and R6 (area 3 section):

Notice that on R4 you will get more detail (shows stub area, no summary LSA) than on R6
(only shows stub area).
R6 is in a totally-stubby area so we will not see any R5s Loopback interfaces in R6 routing
table:

Note: You can see a default (summary) route to the outside (O*IA 0.0.0.0/0 )

EIGRP Evaluation Sim

February 9th, 2015 in Lab Sim Go to comments
You have been asked to evaluate how EIGRP is functioning in a network.

The configuration of R1 to R6 are posted below for your reference, useless lines are omitted:

R1
interface Loopback0
ip address 150.1.1.1
255.255.255.255
!
interface Ethernet0/0
description Link to R2
ip address 192.168.12.1
255.255.255.0
ip bandwidth-percent eigrp 1 20
!
interface Ethernet0/1
description Link to R3
ip address 192.168.13.1
255.255.255.0
ip bandwidth-percent eigrp 1 20
delay 5773
!
router eigrp 1
network 192.168.12.0
network 192.168.13.0
net 150.1.1.1 0.0.0.0
variance 11

R2
interface Ethernet0/0
description Link to R1
ip address 192.168.12.2
255.255.255.0
!
interface Ethernet0/1
description Link to R4
ip address 192.168.24.2
255.255.255.0
ip authentication mode eigrp 1
md5
ip authentication key-chain
eigrp 1 CISCO
!
router eigrp 1
network 192.168.12.0
network 192.168.24.0
!
key chain CISCO
key 1
key-string firstkey
key chain FIRSTKEY
key 1
key-string CISCO
key chain R3
key 1
key-string R3
key 2
key-string R1

R3
interface Ethernet0/0
description Link to R5
ip address 192.168.35.3
255.255.255.0
!
interface Ethernet0/1
description Link to R1
ip address 192.168.13.3
255.255.255.0
!
router eigrp 1
network 192.168.13.0
network 192.168.35.0

R4
interface Loopback0
ip address 150.1.4.4
255.255.255.255
!
interface Ethernet0/0
description Link to R6
ip address 192.168.46.4
255.255.255.0
!
interface Ethernet0/1
description Link to R2
ip address 192.168.24.4
255.255.255.0
ip authentication mode eigrp 1
md5

R5
interface Ethernet0/0
description Link to R3
ip address 192.168.35.5
255.255.255.0
!
interface Ethernet0/1
description Link to R6
ip address 192.168.56.5
255.255.255.0
!
router eigrp 1
network 192.168.35.0
network 192.168.56.0

R6
interface Loopback0
ip address 150.1.6.6
255.255.255.255
!
interface Loopback1
ip address 172.16.6.6
255.255.255.255
!
interface Ethernet0/0
ip address 192.168.46.6
255.255.255.0
!
interface Ethernet0/1
ip address 192.168.56.6
255.255.255.0

ip authentication key-chain eigrp

1 CISCO
!
router eigrp 1
network 192.168.46.0
network 192.168.24.0
network 150.1.4.4 0.0.0.0
!
key chain CISCO
key 1
key-string firstkey

!
router eigrp 1
distribute-list 1 out
network 150.1.6.6 0.0.0.0
network 172.16.6.6 0.0.0.0
network 192.168.46.0
network 192.168.56.0
!
access-list 1 permit
192.168.46.0
access-list 1 permit
192.168.56.0
access-list 1 permit 150.1.6.6
access-list 1 deny 172.16.6.6
access-list 2 permit
192.168.47.1
access-list 2 permit
192.168.13.1
access-list 2 permit
192.168.12.1
access-list 2 deny 150.1.1.1

Note: This sim uses IOS version 15 so no auto-summary is the default setting of EIGRP. You
dont have to type it.
You can download this sim to practice at
http://www.digitaltut.com/download/ROUTE_EIGRP.zip. Please use GNS3 with version older
than v1.0 to open it (v0.8.3.1 for example). IOS used in this lab: c3640-jk9s-mz.124-16.bin
Question 1
Explanation
First we need to get the IP address of R6s loopback address by show ip interface brief
command on R6:

Now we learned the R6s loopback address is 150.1.6.6. To see the ratio of traffic that is load
shared between paths, use the show ip route 150.1.6.6 command on R1:

This means that after 19 packets are sent to 192.168.13.3, R1 will send 80 packets to
192.168.12.2 (ratio 19:80). This is unequal cost path Load balancing (configured with variance
command).
Question 2
Explanation
Use the show running-config on R6 we will see a distribute-list applying under EIGRP:

With this distribute-list, only networks 192.168.46.0; 192.168.56.0 and 150.1.6.6 are advertised
out by R6.
Question 3
Explanation
Check on both R2 and R4:

To successfully authenticate between two EIGRP neighbors, the key number and key-string must
match. The key chain name is only for local use. In this case we have key number 1 and keystring CISCO and they match so EIGRP neighbor relationship is formed.
Question 4
Explanation
To check the advertised distance for a prefix we cannot use the show ip route command
because it only shows the metric (also known as Feasible Distance). Therefore we have to use the
show ip eigrp topology command:

Update: Although the show ip eigrp topology does not work in the exam but the show ip eigrp
1 topology does work so please use this command instead and we will find out the advertised
distance on R1.
There are two parameters in the brackets of 192.168.46.0/24 prefix: (1810944/333056). The first
one 1810944 is the Feasible Distance (FD) and the second 333056 is the Advertised
Distance (AD) of that route -> A is correct.
Just for your reference, this is the output of the show ip route command on R1:

In the first line:

D 192.168.46.0/24 [90/ 1810944] via 192.168.12.2, 00:10:01, Ethernet0/0
The first parameter 90 is the EIGRP Administrative Distance. The second parameter
1810944 is the metric of the route 192.168.46.0/24. R1 will use this metric to advertise this
route to other routers but the question asks about the advertised distance for the 192.168.46.0
network on R1 so we cannot use this command to find out the answer.
Question 5
Explanation
Check with the show running-config command on R1:

In the ip bandwitdh-percent eigrp 1 20 command, 1 is the EIGRP AS number while 20 is

the percent of interfaces bandwidth that EIGRP is allowed to use.
Note: By default, EIGRP uses up to 50% of the interface bandwidth. The bandwidth-percent
value can be configured greater than 100%. It is useful when we set interface bandwidth lower
than the real capacity of the link (for policy reasons, for example).

Practice Real ROUTE Labs with GNS3

May 8th, 2014 in Lab Sim, LabSim Go to comments
Well, the title said it all. Here are some screenshots of the labs in GNS3:
+ OSPF Sim:

+ IPv6 OSPF Virtual Link Sim:

+ EIGRP OSPF Redistribution Sim:

+ EIGRP Stub Sim:

+ Policy Based Routing Sim:

Link to download these ROUTE lab sims:

Download lab fies from digitaltut
Note:
+ For GNS3 Lab sims on digitaltut please use old version of GNS3 (v0.8.3.1 is recommended) so
that you can open it.
+ You have to find the IOS by yourself to run these labs. The IOS used in these labs is c2691adventerprisek9-mz.124-5a. If you have any problems or suggestions about these files please
comment here.
+ In real exam, you have to click on host (PC) to access command-line-interface of the router,
not the router itself.

EIGRP OSPF Redistribution Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question

Answer and Explanation:

First we need to find out 5 parameters (Bandwidth, Delay, Reliability, Load, MTU) of the s0/0/0
interface (the interface of R2 connected to R4) for redistribution :
R2#show interface s0/0/0
Write down these 5 parameters, notice that we have to divide the Delay by 10 because the metric
unit is in tens of microsecond. For example, we get Bandwidth=1544 Kbit, Delay=20000 us,
Reliability=255, Load=1, MTU=1500 bytes then we would redistribute as follows:
R2#config terminal
R2(config)# router ospf 1
R2(config-router)# redistribute eigrp 100 metric-type 1 subnets
R2(config-router)#exit
R2(config-router)#router eigrp 100
R2(config-router)#redistribute ospf 1 metric 1544 2000 255 1 1500

(Notice: In fact, these parameters are just used for reference and we can use other parameters
with no problem. Also, a candidate said that the simulator didnt accept the Bandwidth of 1544;
in that case, we can use a lower value, like 128.
If the delay is 20000us then we need to divide it by 10, that is 20000 / 10 = 2000)
Note: usec here does not mean microsecond (which is 1/1000 milliseconds) but means
millisecond. In short usec = msec. I dont know why they use the word usec here but just think
it is msec (According to this
link: http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094cb7.shtm
l#eigrpmetrics: The delay as shown in the show ip eigrp topology or show interface
commands is in microseconds)
For R3 we use the show interface fa0/0 to get 5 parameters too
R3#show interface fa0/0
For example we get Bandwidth=10000 Kbit, Delay=1000 us, Reliability=255, Load=1,
MTU=1500 bytes
R3#config terminal
R3(config)#router ospf 1
R3(config-router)#redistribute eigrp 100 metric-type 1 subnets
R3(config)#exit
R3(config-router)#router eigrp 100
R3(config-router)#redistribute ospf 1 metric 10000 100 255 1 1500
Finally you should try to show ip route to see the 172.16.100.1 network (the network behind
R4) in the routing table of R1 and make a ping from R1 to this network.
Note: If the link between R2 and R3 is FastEthernet link, we must put the command below under
EIGRP process to make traffic from R1 to go through R3 (R1 -> R2 -> R3 -> R4), which is
better than R1 -> R2 -> R4.
R2(config-router)# distance eigrp 90 105
This command sets the Administrative Distance of all EIGRP internal routes to 90 and all EIGRP
external routes to 105, which is smaller than the Administrative Distance of OSPF (110) -> the
link between R2 & R3 will be preferred to the serial link between R2 & R4.
A reader on our site has a closer explanation for the distance eigrp 90 105 command so we
quote it here for your reference:
The distance refers to the administrative distance of the routes provided by a given routing
process. By default, internal (which means non-redistributed) EIGRP routes are given an
administrative distance of 90 while external (redistributed from another routing process) EIGRP

routes are given an administrative distance of 170. The default administrative distance of OSPF
is 110. The administrative distance measures the distance from the truth and tells the router
which routes are more trustworthy. Lower administrative distance = more trustworthy. For this
reason, connected routes have an administrative distance of 0. They are the MOST
TRUSTWORTHY, because they are physically connected to the router. When making a decision
about which route to install in the routing table, the router looks at administrative distance first.
The metric (or cost) is only considered if two routes have the same administrative distance.
In this case, R2 will learn about R4s loopback network from both R4 and R3. The route from
R4 will be in OSPF (admin distance of 110) because R2 is also running OSPF while the route
from R3 will be an external EIGRP route (administrative distance of 170 by default). Since the
OSPF route has a lower administrative distance, it will get placed in R2s routing table and the
R3-provided route will be ignored. This is not optimal, since the path through R3 is a faster,
more reliable path. To fix this, we change the administrative distance of external EIGRP routes
at R2 by using the distance eigrp 90 105 command. This sets the administrative distance of
internal EIGRP routes to the default of 90 and changes the administrative distance of external
EIGRP routes to 105 (less than that of OSPF routes). Now, when R2 learns of the loopback
network from R4 and R3, it will install the now lower administrative distance external EIGRP
route from R3 and our traffic from R1 will take the faster path.

EIGRP Stub Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question
TUT Corporation has just extended their business. R3 is the new router from which they can
reach all Corporate subnets. In order to raise network stableness and lower the memory usage
and broadband utilization to R3, TUT Corporation makes use of route summarization together
with the EIGRP Stub Routing feature. Another network engineer is responsible for this solution.
However, in the process of configuring EIGRP stub routing connectivity with the remote
network devices off of R3 has been missing.

Presently TUT has configured EIGRP on all routers in the network R2, R3, and R4. Your duty is
to find and solve the connectivity failure problem with the remote office router R3. You should
then configure route summarization only to the distant office router R3 to complete the task after
the problem has been solved.
The success of pings from R4 to the R3 LAN interface proves that the fault has been corrected
and the R3 IP routing table only contains two 10.0.0.0 subnets.
Answer and Explanation:
First we have to figure out why R3 and R4 can not communicate with each other. Use the show
running-config command on router R3

Notice that R3 is configured as a stub receive-only router. The receive-only keyword will restrict
the router from sharing any of its routes with any other router in that EIGRP autonomous system.
This keyword will also prevent any type of route from being sent.

Therefore we will remove this command and replace it with the eigrp stub command:
R3#configure terminal
R3(config)#router eigrp 123
R3(config-router)#no eigrp stub receive-only
R3(config-router)#eigrp stub
R3(config-router)#end
Now R3 will send updates containing its connected and summary routes to other routers. Notice
that the eigrp stub command equals to the eigrp stub connected summary because the
connected and summary options are enabled by default.
Next we will configure router R3 so that it has only 2 subnets of 10.0.0.0 network. Use the show
ip route command on R3 to view its routing table
R3#show ip route

Because we want the routing table of R3 only have 2 subnets so we have to summary subnetworks at the interface which is connected with R3, the s0/0 interface of R4.
There is one interesting thing about the output of the show ip route shown above: the
10.2.3.0/24, which is a directly connected network of R3. We cant get rid of it in the routing

table no matter what technique we use to summary the networks. Therefore, to make the routing
table of R3 has only 2 subnets we have to summary other subnets into one subnet.
In the output if we dont see the summary line (like 10.0.0.0/8 is a summary) then we should
use the command ip summary-address eigrp 123 10.2.0.0 255.255.0.0 so that all the ping can
work well.
In conclusion, we will use the ip summary-address eigrp 123 10.2.0.0 255.255.0.0 at the
interface s0/0 of R4 to summary.
R4>enable
R4#configure terminal
R4(config)#interface s0/0
R4(config-if)#ip summary-address eigrp 123 10.2.0.0 255.255.0.0
Now we jump back to R3 and use the show ip route command to verify the effect, the output is
shown below:

(But please notice that the ip addresses and the subnet masks in your real exam might be
different so you might use different ones to solve this question)
But in your real exam, if you see the line 10.0.0.0/8 is a summary,.Null0 then you need to
summary using the network 10.0.0.0/8 with the command ip summary-address eigrp 123
10.0.0.0 255.0.0.0 . This configuration is less optimize than the first but it summaries into 2
subnets as the question requires (maybe you will not see this case, dont worry!).
The command copy running-config startup-config will not work so try using this command;
just skip if it doesnt work.
OSPF Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments

Question

OSPF is configured on routers Amani and Lynaic. Amanis S0/0 interface and Lynaics S0/1
interface are in Area 0. Lynaics Loopback0 interface is in Area 2.

Your task is to configure the following:

Portlands S0/0 interface in Area 1
Amanis S0/1 interface in Area 1
Use the appropriate mask such that ONLY Portlands S0/0 and Amnanis S0/1 could be in
Area 1.
Area 1 should not receive any external or inter-area routes (except the default route).
Answer and Explanation:
First, we configure Portlands S0/0 interface so that it belongs to Area 1. So, we have to find out
which sub-network the IP address 192.168.4.5/30 (the IP of interface S0/0 of Portland) belongs
to. This address belongs to a subnetwork which has:
Increment: 4 (/30 = 255.255.255.252 or 1111 1111.1111 1111.1111 1111.1111 1100)
Network address: 192.168.4.4 (because 4 = 4 * 1 and 4 < 5)
Broadcast address: 192.168.4.7 (because 7 = 4 + 4 1) (It is not necessary to find out the
broadcast address but we should know it)
The question requires that only Portlands S0/0 and Amanis S0/1 could be in Area 1, therefore
we must use a wildcard of 0.0.0.3 (this wildcard is equivalent with a subnet mask of /30) so that
there are only 2 IP addresses can participate in area 1 (they are 192.168.4.5 & 192.168.4.6). The
full command we use here is network 192.168.4.4 0.0.0.3 area 1
The question also requires that Area 1 should not receive any external or inter-area routes
(except the default route). Recall that if we dont want the router to receive external routes, we

have to stop LSA Type 5. And if we dont want to receive inter-area routes, we have to stop LSA
Type 3 and Type 4. Therefore we have to configure area 1 as a totally stubby area. For your
information, here is the definition of a totally stubby area:
Totally stubb area This area does not accept summary LSAs from other areas (types 3 or 4)
or external summary LSAs (Type 5). Types 3,4 and 5 LSAs are replaced by the Area Border
Router(ABR) with a default router. Totally stubby areas protect internal routers by minimizing
the routing table and summarizing everything outside the area with a default route. (CCNP
BSCI Official Exam Certification Guide, Fourth Edition)
In conclusion, we have to configure area 1 as a totally stubby area. We do that by configuring
Portland as stub and configuring Amani (ABR router) as a stub + no-summarysuffix.
+ Configure Portland router as a stub:
Portland#configure terminal
Portland(config)#router ospf 1
Allow network 192.168.4.4/30 to join Area 1, notice that you have to convert subnet mask into
wildcard mask:
Portland(config-router)#network 192.168.4.4 0.0.0.3 area 1
Configure Portland as a stub:
Portland(config-router)#area 1 stub
Portland(config-router)#end
Portland#copy running-config startup-config
+ Configure Amani router as a totally stub:
Amani#configure terminal
Amani(config)#router ospf 1
Amani(config-router)#network 192.168.4.4 0.0.0.3 area 1
Make area 1 become a totally stubby area, notice that we can only use this command on ABR
router:
Amani(config-router)#area 1 stub no-summary
Amani(config-router)#end
Amani#copy running-config startup-config
Note: Make sure to check the OSPF process ID before typing your configuration. Maybe it is not
OSPF process 1 like the configuration above.

Other lab-sims on this site:

IPv6 OSPF Virtual Link Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question
TUT is a small company that has an existing enterprise network that is running IPv6 OSPFv3.
However, R4s loopback address (FEC0:4:4) cannot be seen in R1. Identify and fix this fault, do
not change the current area assignments. Your task is complete when R4s loopback address
(FEC0:4:4) can be seen in the routing table of R1.

Special Note: To gain the maximum number of points you must remove all incorrect or
unneeded configuration statements related to this issue.
Answer and Explanation:
To troubleshoot the problem, first issue the show running-config on all of 4 routers. Pay more
attention to the outputs of routers R2 and R3
The output of the show running-config command of R2:

The output of the show running-config command of R3:

We knew that all areas in an Open Shortest Path First (OSPF) autonomous system must be
physically connected to the backbone area (Area 0). In some cases, where this is not possible,we
can use a virtual link to connect to the backbone through a non-backbone area. The area through
which you configure the virtual link is known as a transit area. In this case, the area 11 will
become the transit area. Therefore, routers R2 and R3 must be configured with the area area-id
virtual-link neighbor-router-id command.
+ Configure virtual link on R2 (from the first output above, we learned that the OSPF process ID
of R2 is 1):
R2>enable
R2#configure terminal
R2(config)#ipv6 router ospf 1
R2(config-rtr)#area 11 virtual-link 3.3.3.3
(Notice that we have to use neighbor router-id 3.3.3.3, not R2s router-id 2.2.2.2)
+ Configure virtual link on R3 (from the second output above, we learned that the OSPF process
ID of R3 is 1 and we have to disable the wrong configuration of area 54 virtual-link 4.4.4.4):
R3>enable
R3#configure terminal
R3(config)#ipv6 router ospf 1
R3(config-rtr)#no area 54 virtual-link 4.4.4.4
R3(config-rtr)#area 11 virtual-link 2.2.2.2

We should check the configuration on R4:

R4>enable
R4#show running-config
You will see a wrongly configured virtual-link command. To get full mark we have to disable
this command:
R4#configure terminal
R4(config)#ipv6 router ospf 1
R4(config-rtr)#no area 54 virtual-link 3.3.3.3
After finishing the configuration dont forget to ping between R1 and R4 to make sure they work
well!
Now all the configuration was done. It is weird that we cant ping the IPv6 loopback interface of
R4 (with the ping or ping ipv6 command) but we can check by using the command show ipv6
route on R1
The copying running-config startup-config command will not work but dont worry, just skip
it.
Notice: If you issue the command show running-config on R1, you will see these two lines:
passive-interface default
no passive-interface fa0/0 (fa0/0 is the interface connecting with R2)
These two lines make all the interfaces of R1 become passive interfaces
except interface fa0/0. They areEIGRP Simlet
May 5th, 2014 in Lab Sim Go to comments

EIGRP SHOW IP EIGRP TOPOLOGY

ALL-LINKS
Here you will find answers to EIGRP Simlet question
Question
Refer to the exhibit. BigBids Incorporated is a worldwide auction provider. The network uses
EIGRP as its routing protocol throughout the corporation. The network administrator does not

understand the convergence of EIGRP. Using the output of the show ip eigrp topology all-links
command, answer the administrators questions.

Question 1
Which two networks does the Core1 device have feasible successors for? (Choose two)
A 172.17.0.0/30
B 172.17.1.0/24
C 172.17.2.0/24
D 172.17.3.0/25
E 172.17.3.128/25
F 10.140.0.0/24

Answer: A F
Explanation
To understand the output of the show ip eigrp topology all-links command command, lets
analyze an entry (we choose the second entry because it is better for demonstration than the first
one)

The first line tells us there is only 1 successor for the path to 10.140.0.0/24 network but there are
2 lines below. So we can deduce that one line is used for successor and the other is used for
another route to that network. Each of these two lines has 2 parameters: the first one (156160
or 157720) is the Feasible Distance (FD) and the second (128256 or 155160) is the
Advertised Distance (AD) of that route.
The next thing we want to know is: if the route via 172.17.10.2 (the last line) would become the
feasible successor for the 10.140.0.0/24 network. To figure out, we have to compare the
Advertised Distance of that route with the Feasible Distance of the successors route, if AD < FD
then it will become the feasible successor. In this case, because AD (155160) < FD (156160) so it
will become the feasible successor. Therefore we can conclude the network 10.140.0.0/24 has 1
feasible successor.
After understanding the output, lets have a look at the entire output:

Because the question asks about feasible successor so we just need to focus on entries which
have more paths than the number of successor. In this case, we find 3 entries that are in blue
boxes because they have only 1 successor but has 2 paths, so the last path can be the feasible
successor.

By comparing the value of AD (of that route) with the FD (of successors route) we figure out
there are 2 entries will have the feasible successor: the first and the second entry. The third entry
has AD = FD (30720) so we eliminate it.
Question 2
Which three EIGRP routes will be installed for the 172.17.3.128/25 and 172.17.2.0/24 networks?
(Choose three)
A 172.17.3.128.25 [90/28160] via 172.17.1 2, 01:26:35, FastEthernet0/2
B 172.17.3.128/25 [90/30720] via 172.17.3.2, 01:26:35, FastEthemet0/3
C 172.17.3.128/25 [90/30720] via 172.17.10.2, 01:26:35, FastEthernet0/1
D 172.17.2.0/24 [90/30720] via 172.17.10.2, 02:10:11, FastEthernet0/1
E 172.17.2.0/24 [90/28160] via 172.17.10.2, 02:10:11, FastEthernet0/1
F 172.17.2.0/24 [90/33280] via 172.17.3.2, 02:10:11, FastEthernet0/3

Answer: B C D
Explanation
First indicate the positions of these networks:

Network 172.17.3.128/25 has 2 successors, therefore the two paths below are both successors.
Network 172.17.2.0/24 has only 1 successor, therefore the path lies right under it is the
successor.
Question 3
Which three networks is the router at 172.17.10.2 directly connected to? (Choose three)
A 172.17.0.0/30
B 172.17.1.0/24
C 172.17.2.0/24
D 172.17.3.0/25
E 172.17.3.128/25
F 172.17.10.0/24

Answer: C E F
Explanation

First, we should notice about the entry in the orange box, it shows that the network
172.17.10.0/24 is directly connected with this router and has a FD of 28160. So we can guess the

networks that directly connected with router at 172.17.10.2 will be shown with an AD of 28160.
From that, we find out 3 networks which are directly connected to the router at 172.17.10.2 (they
are green underlined). The network 172.17.10.0/24 is surely directly connected to the router at
172.17.10.2 (in fact it is the network that links the router at 172.17.10.2 with Core1 router).

Other lab-sims on this site:

correctly configured so dont try to disable them.

Policy Based Routing Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question
Company TUT has two links to the Internet. The company policy requires that web traffic must
be forwarded only to Frame Relay link if available and other traffic can go through any links. No
static or default routing is allowed.

Answer and Explanation:

Notice: The answer and explanation below are from PeterPan and Helper.Please say thank to
them!
All the HTTP traffic from the EIGRP Network should go through Frame Relay link if available
and all the other traffic should go through either link.
The only router you are able to administrate is the Border Router, from the EIGRP Network you
may only send HTTP traffic. As the other people mentioned, actually it is not a BGP lab. You are
not able to execute the command router bgp 65001
1) Access list that catches the HTTP traffic:
BorderRouter(config)#access-list 101 permit tcp any any eq www
Note that the server was not directly connected to the Border Router. There were a lot of EIGRP
routes on it. In the real exam you do not know the exact IP address of the server in the EIGRP
network so we have to use the source as any to catch all the source addresses.
2) Route map that sets the next hop address to be ISP1 and permits the rest of the traffic:
BorderRouter(config)#route-map pbr permit 10
BorderRouter(config-route-map)#match ip address 101
BorderRouter(config-route-map)#set ip next-hop 10.1.101.1
BorderRouter(config-route-map)#exit
(Update: We dont need the last command route-map pbr permit 20 to permit other traffic
according to Cisco:
If the packets do not meet any of the defined match criteria (that is, if the packets fall off the
end of a route map), then those packets are routed through the normal destination-based routing
process. If it is desired not to revert to normal forwarding and to drop the packets that do not
match the specified criteria, then interface Null 0 should be specified as the last interface in the
list by using the set clause.
Reference:
http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml)
3) Apply the route-map on the interface to the server in the EIGRP Network:
BorderRouter(config-route-map)#exit
BorderRouter(config)#int fa0/0
BorderRouter(config-if)#ip policy route-map pbr
BorderRouter(config-if)#exit
BorderRouter(config)#exit
4) There is a Host for Testing, click on this host to open a box in which there is a button named
Generate HTTP traffic. Click on this button to generate some packets for HTTP traffic. Jump
back to the BorderRouter and type the command show route-map.
BorderRouter#show route-map

In the output you will see the line Policy routing matches: 9 packets. It means that the routemap we configured is working properly.

IPv6 OSPF Virtual Link Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question
TUT is a small company that has an existing enterprise network that is running IPv6 OSPFv3.
However, R4s loopback address (FEC0:4:4) cannot be seen in R1. Identify and fix this fault, do
not change the current area assignments. Your task is complete when R4s loopback address
(FEC0:4:4) can be seen in the routing table of R1.

Special Note: To gain the maximum number of points you must remove all incorrect or
unneeded configuration statements related to this issue.
Answer and Explanation:
To troubleshoot the problem, first issue the show running-config on all of 4 routers. Pay more
attention to the outputs of routers R2 and R3
The output of the show running-config command of R2:

The output of the show running-config command of R3:

We knew that all areas in an Open Shortest Path First (OSPF) autonomous system must be
physically connected to the backbone area (Area 0). In some cases, where this is not possible,we
can use a virtual link to connect to the backbone through a non-backbone area. The area through
which you configure the virtual link is known as a transit area. In this case, the area 11 will
become the transit area. Therefore, routers R2 and R3 must be configured with the area area-id
virtual-link neighbor-router-id command.
+ Configure virtual link on R2 (from the first output above, we learned that the OSPF process ID
of R2 is 1):
R2>enable
R2#configure terminal
R2(config)#ipv6 router ospf 1
R2(config-rtr)#area 11 virtual-link 3.3.3.3
(Notice that we have to use neighbor router-id 3.3.3.3, not R2s router-id 2.2.2.2)
+ Configure virtual link on R3 (from the second output above, we learned that the OSPF process
ID of R3 is 1 and we have to disable the wrong configuration of area 54 virtual-link 4.4.4.4):
R3>enable
R3#configure terminal
R3(config)#ipv6 router ospf 1
R3(config-rtr)#no area 54 virtual-link 4.4.4.4
R3(config-rtr)#area 11 virtual-link 2.2.2.2

We should check the configuration on R4:

R4>enable
R4#show running-config
You will see a wrongly configured virtual-link command. To get full mark we have to disable
this command:
R4#configure terminal
R4(config)#ipv6 router ospf 1
R4(config-rtr)#no area 54 virtual-link 3.3.3.3
After finishing the configuration dont forget to ping between R1 and R4 to make sure they work
well!
Now all the configuration was done. It is weird that we cant ping the IPv6 loopback interface of
R4 (with the ping or ping ipv6 command) but we can check by using the command show ipv6
route on R1
The copying running-config startup-config command will not work but dont worry, just skip
it.
Notice: If you issue the command show running-config on R1, you will see these two lines:
passive-interface default
no passive-interface fa0/0 (fa0/0 is the interface connecting with R2)
These two lines make all the interfaces of R1 become passive interfaces except interface fa0/0.
They are correctly configured so dont try to disable them.

EIGRP Stub Sim

May 8th, 2014 in Lab Sim, LabSim Go to comments
Question
TUT Corporation has just extended their business. R3 is the new router from which they can
reach all Corporate subnets. In order to raise network stableness and lower the memory usage
and broadband utilization to R3, TUT Corporation makes use of route summarization together
with the EIGRP Stub Routing feature. Another network engineer is responsible for this solution.
However, in the process of configuring EIGRP stub routing connectivity with the remote
network devices off of R3 has been missing.

Presently TUT has configured EIGRP on all routers in the network R2, R3, and R4. Your duty is
to find and solve the connectivity failure problem with the remote office router R3. You should
then configure route summarization only to the distant office router R3 to complete the task after
the problem has been solved.
The success of pings from R4 to the R3 LAN interface proves that the fault has been corrected
and the R3 IP routing table only contains two 10.0.0.0 subnets.
Answer and Explanation:
First we have to figure out why R3 and R4 can not communicate with each other. Use the show
running-config command on router R3

Notice that R3 is configured as a stub receive-only router. The receive-only keyword will restrict
the router from sharing any of its routes with any other router in that EIGRP autonomous system.
This keyword will also prevent any type of route from being sent.

Therefore we will remove this command and replace it with the eigrp stub command:
R3#configure terminal
R3(config)#router eigrp 123
R3(config-router)#no eigrp stub receive-only
R3(config-router)#eigrp stub
R3(config-router)#end
Now R3 will send updates containing its connected and summary routes to other routers. Notice
that the eigrp stub command equals to the eigrp stub connected summary because the
connected and summary options are enabled by default.
Next we will configure router R3 so that it has only 2 subnets of 10.0.0.0 network. Use the show
ip route command on R3 to view its routing table
R3#show ip route

Because we want the routing table of R3 only have 2 subnets so we have to summary subnetworks at the interface which is connected with R3, the s0/0 interface of R4.
There is one interesting thing about the output of the show ip route shown above: the
10.2.3.0/24, which is a directly connected network of R3. We cant get rid of it in the routing

table no matter what technique we use to summary the networks. Therefore, to make the routing
table of R3 has only 2 subnets we have to summary other subnets into one subnet.
In the output if we dont see the summary line (like 10.0.0.0/8 is a summary) then we should
use the command ip summary-address eigrp 123 10.2.0.0 255.255.0.0 so that all the ping can
work well.
In conclusion, we will use the ip summary-address eigrp 123 10.2.0.0 255.255.0.0 at the
interface s0/0 of R4 to summary.
R4>enable
R4#configure terminal
R4(config)#interface s0/0
R4(config-if)#ip summary-address eigrp 123 10.2.0.0 255.255.0.0
Now we jump back to R3 and use the show ip route command to verify the effect, the output is
shown below:

(But please notice that the ip addresses and the subnet masks in your real exam might be
different so you might use different ones to solve this question)
But in your real exam, if you see the line 10.0.0.0/8 is a summary,.Null0 then you need to
summary using the network 10.0.0.0/8 with the command ip summary-address eigrp 123
10.0.0.0 255.0.0.0 . This configuration is less optimize than the first but it summaries into 2
subnets as the question requires (maybe you will not see this case, dont worry!).
The command copy running-config startup-config will not work so try using this command;
just skip if it doesnt work.

OSPF Sim
May 8th, 2014 in Lab Sim, LabSim Go to comments
Question

OSPF is configured on routers Amani and Lynaic. Amanis S0/0 interface and Lynaics S0/1
interface are in Area 0. Lynaics Loopback0 interface is in Area 2.

Your task is to configure the following:

Portlands S0/0 interface in Area 1
Amanis S0/1 interface in Area 1
Use the appropriate mask such that ONLY Portlands S0/0 and Amnanis S0/1 could be in
Area 1.
Area 1 should not receive any external or inter-area routes (except the default route).
Answer and Explanation:
First, we configure Portlands S0/0 interface so that it belongs to Area 1. So, we have to find out
which sub-network the IP address 192.168.4.5/30 (the IP of interface S0/0 of Portland) belongs
to. This address belongs to a subnetwork which has:
Increment: 4 (/30 = 255.255.255.252 or 1111 1111.1111 1111.1111 1111.1111 1100)
Network address: 192.168.4.4 (because 4 = 4 * 1 and 4 < 5)
Broadcast address: 192.168.4.7 (because 7 = 4 + 4 1) (It is not necessary to find out the
broadcast address but we should know it)
The question requires that only Portlands S0/0 and Amanis S0/1 could be in Area 1, therefore
we must use a wildcard of 0.0.0.3 (this wildcard is equivalent with a subnet mask of /30) so that
there are only 2 IP addresses can participate in area 1 (they are 192.168.4.5 & 192.168.4.6). The
full command we use here is network 192.168.4.4 0.0.0.3 area 1
The question also requires that Area 1 should not receive any external or inter-area routes
(except the default route). Recall that if we dont want the router to receive external routes, we

have to stop LSA Type 5. And if we dont want to receive inter-area routes, we have to stop LSA
Type 3 and Type 4. Therefore we have to configure area 1 as a totally stubby area. For your
information, here is the definition of a totally stubby area:
Totally stubb area This area does not accept summary LSAs from other areas (types 3 or 4)
or external summary LSAs (Type 5). Types 3,4 and 5 LSAs are replaced by the Area Border
Router(ABR) with a default router. Totally stubby areas protect internal routers by minimizing
the routing table and summarizing everything outside the area with a default route. (CCNP
BSCI Official Exam Certification Guide, Fourth Edition)
In conclusion, we have to configure area 1 as a totally stubby area. We do that by configuring
Portland as stub and configuring Amani (ABR router) as a stub + no-summarysuffix.
+ Configure Portland router as a stub:
Portland#configure terminal
Portland(config)#router ospf 1
Allow network 192.168.4.4/30 to join Area 1, notice that you have to convert subnet mask into
wildcard mask:
Portland(config-router)#network 192.168.4.4 0.0.0.3 area 1
Configure Portland as a stub:
Portland(config-router)#area 1 stub
Portland(config-router)#end
Portland#copy running-config startup-config
+ Configure Amani router as a totally stub:
Amani#configure terminal
Amani(config)#router ospf 1
Amani(config-router)#network 192.168.4.4 0.0.0.3 area 1
Make area 1 become a totally stubby area, notice that we can only use this command on ABR
router:
Amani(config-router)#area 1 stub no-summary
Amani(config-router)#end
Amani#copy running-config startup-config

EIGRP Simlet

May 5th, 2014 in Lab Sim Go to comments

EIGRP SHOW IP EIGRP TOPOLOGY

ALL-LINKS
Here you will find answers to EIGRP Simlet question
Question
Refer to the exhibit. BigBids Incorporated is a worldwide auction provider. The network uses
EIGRP as its routing protocol throughout the corporation. The network administrator does not
understand the convergence of EIGRP. Using the output of the show ip eigrp topology all-links
command, answer the administrators questions.

Question 1
Which two networks does the Core1 device have feasible successors for? (Choose two)
A 172.17.0.0/30
B 172.17.1.0/24

C 172.17.2.0/24
D 172.17.3.0/25
E 172.17.3.128/25
F 10.140.0.0/24

Answer: A F
Explanation
To understand the output of the show ip eigrp topology all-links command command, lets
analyze an entry (we choose the second entry because it is better for demonstration than the first
one)

The first line tells us there is only 1 successor for the path to 10.140.0.0/24 network but there are
2 lines below. So we can deduce that one line is used for successor and the other is used for
another route to that network. Each of these two lines has 2 parameters: the first one (156160
or 157720) is the Feasible Distance (FD) and the second (128256 or 155160) is the
Advertised Distance (AD) of that route.
The next thing we want to know is: if the route via 172.17.10.2 (the last line) would become the
feasible successor for the 10.140.0.0/24 network. To figure out, we have to compare the
Advertised Distance of that route with the Feasible Distance of the successors route, if AD < FD
then it will become the feasible successor. In this case, because AD (155160) < FD (156160) so it
will become the feasible successor. Therefore we can conclude the network 10.140.0.0/24 has 1
feasible successor.
After understanding the output, lets have a look at the entire output:

Because the question asks about feasible successor so we just need to focus on entries which
have more paths than the number of successor. In this case, we find 3 entries that are in blue
boxes because they have only 1 successor but has 2 paths, so the last path can be the feasible
successor.
By comparing the value of AD (of that route) with the FD (of successors route) we figure out
there are 2 entries will have the feasible successor: the first and the second entry. The third entry
has AD = FD (30720) so we eliminate it.
Question 2
Which three EIGRP routes will be installed for the 172.17.3.128/25 and 172.17.2.0/24 networks?
(Choose three)
A 172.17.3.128.25 [90/28160] via 172.17.1 2, 01:26:35, FastEthernet0/2
B 172.17.3.128/25 [90/30720] via 172.17.3.2, 01:26:35, FastEthemet0/3
C 172.17.3.128/25 [90/30720] via 172.17.10.2, 01:26:35, FastEthernet0/1
D 172.17.2.0/24 [90/30720] via 172.17.10.2, 02:10:11, FastEthernet0/1
E 172.17.2.0/24 [90/28160] via 172.17.10.2, 02:10:11, FastEthernet0/1
F 172.17.2.0/24 [90/33280] via 172.17.3.2, 02:10:11, FastEthernet0/3

Answer: B C D

Explanation
First indicate the positions of these networks:

Network 172.17.3.128/25 has 2 successors, therefore the two paths below are both successors.
Network 172.17.2.0/24 has only 1 successor, therefore the path lies right under it is the
successor.
Question 3
Which three networks is the router at 172.17.10.2 directly connected to? (Choose three)
A 172.17.0.0/30
B 172.17.1.0/24
C 172.17.2.0/24
D 172.17.3.0/25
E 172.17.3.128/25
F 172.17.10.0/24

Answer: C E F

Explanation

First, we should notice about the entry in the orange box, it shows that the network
172.17.10.0/24 is directly connected with this router and has a FD of 28160. So we can guess the
networks that directly connected with router at 172.17.10.2 will be shown with an AD of 28160.
From that, we find out 3 networks which are directly connected to the router at 172.17.10.2 (they
are green underlined). The network 172.17.10.0/24 is surely directly connected to the router at
172.17.10.2 (in fact it is the network that links the router at 172.17.10.2 with Core1 router).