Edited 6/21/04
ISP – Lab 4.1.1 and Lab 4.1.2
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname ISP
!
!
clock timezone Hawaii -10
!
no ip domain-lookup
!
ip subnet-zero
!
interface Loopback0
ip address 10.2.1.2 255.255.255.252
!
interface Loopback1
ip address 192.168.1.1 255.255.255.0
!
interface Loopback2
ip address 192.168.2.1 255.255.255.0
!
interface Loopback3
ip address 192.168.3.1 255.255.255.0
!
interface Loopback4
ip address 192.168.4.1 255.255.255.0
!
interface Loopback5
ip address 192.168.5.1 255.255.255.0
!
interface Loopback6
ip address 192.168.6.1 255.255.255.0
!
interface Loopback10
description RedCross
ip address 213.173.185.10 255.255.255.0
interface Loopback11
description Cisco
ip address 198.133.219.25 255.255.255.0
!
interface Loopback12
description Google
ip address 216.239.33.101 255.255.255.0
!
interface FastEthernet0/0
description Link to Elmhurst
ip address 172.17.22.1 255.255.255.252
no shutdown
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
router bgp 222
synchronization
bgp log-neighbor-changes
network 10.2.1.0 mask 255.255.255.252
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
network 192.168.6.0
network 198.133.219.0
network 213.173.185.0
network 216.239.33.0
neighbor 172.17.22.2 remote-as 77
no auto-summary
!
ip classless
ip http server
!
!
banner motd ^C
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
ISP
-- Lab 4.1.1 and Lab 4.1.2 --
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
^C
!
line con 0
exec-timeout 20 0
password cisco
login
stopbits 1
flowcontrol hardware
line aux 0
no exec
line vty 0 4
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp clock-period 17208456
ntp master 2
!
! no issues
!
end
Orlando – Lab 4.1.1 and Lab 4.1.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Orlando
!
!
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.6
ip host Toronto 172.26.168.1 172.26.168.129 172.26.166.2 172.26.166.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.166.1 172.26.166.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1 172.28.171.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
clock timezone Hawaii -10
!
no ip domain-lookup
!
ip subnet-zero
!
interface Loopback0
ip address 172.28.171.1 255.255.255.192
!
interface FastEthernet0/0
no ip address
speed auto
!
full-duplex
!
no shutdown
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 172.17.22.2 255.255.255.252
!
interface FastEthernet0/0.28
encapsulation dot1Q 28
ip address 172.28.128.8 255.255.255.240
!
interface FastEthernet0/0.99
encapsulation dot1Q 99
ip address 172.28.170.1 255.255.255.192
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
router bgp 77
bgp log-neighbor-changes
network 172.28.128.0 mask 255.255.255.240
network 172.28.170.0 mask 255.255.255.192
network 172.17.22.0 mask 255.255.255.252
network 172.28.171.0 mask 255.255.255.192
neighbor 172.17.22.1 remote-as 222
neighbor 172.28.128.6 remote-as 61
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 172.17.22.1
ip http server
!
logging source-interface Loopback0
logging 172.28.128.9
!
access-list 77 remark Allow all workgroups Telnet and SNMP access
access-list 77 permit 172.26.0.0 0.0.255.255
access-list 77 remark Allow CCNP4_Server Telnet and SNMP access
access-list 77 permit 172.28.128.0 0.0.0.15
access-list 77 remark Allow Elmhurst Telnet and SNMP access
access-list 77 permit 172.28.170.0 0.0.0.63
!
!
snmp-server community Acme RO 77
snmp-server chassis-id Orlando
snmp-server enable traps snmp authentication coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps frame-relay
snmp-server enable traps syslog
snmp-server enable traps rtr
snmp-server enable traps ipmulticast
!
banner motd ^C
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
Orlando
an ACME Core Workgroup Router
-- Lab 4.1.1 and Lab 4.1.2 --
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
^C
!
line con 0
exec-timeout 20 0
password cisco
login
stopbits 1
flowcontrol hardware
line aux 0
line vty 0 4
access-class 77 in
exec-timeout 20 0
password cisco
logging synchronous
login
ntp server 172.17.22.1
!
! no issues
!
end
Elmhurst – Lab 4.1.1 and Lab 4.1.2
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Elmhurst
!
!
!
logging buffered 65536 debugging
!
!
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.6
ip host Toronto 172.26.168.1 172.26.168.129 172.26.166.2 172.26.166.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.166.1 172.26.166.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1 172.28.171.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
clock timezone Hawaii -10
!
ip subnet-zero
no ip domain-lookup
vtp domain CIT
vtp mode transparent
!
vlan 10
name ISP
!
vlan 28
name Core_28
!
vlan 99
name Management_VLAN
!
!
spanning-tree portfast default
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 28 priority 8192
!
!
interface Port-channel6
switchport mode trunk
no ip address
!
interface FastEthernet0/1
description Link to ISP
switchport access vlan 10
no ip address
!
interface FastEthernet0/2
description Link to Orlando
switchport mode trunk
speed 100
duplex full
no ip address
!
interface FastEthernet0/3
description Link to Montreal
switchport mode trunk
no ip address
channel-group 6 mode desirable
!
interface FastEthernet0/4
description Link to Montreal
switchport mode trunk
no ip address
channel-group 6 mode desirable
!
interface FastEthernet0/5
description Link to Server
switchport access vlan 28
no ip address
!
interface range FastEthernet0/6 - 24
no ip address
shutdown
!
interface GigabitEthernet0/1
no ip address
shutdown
!
interface GigabitEthernet0/2
no ip address
shutdown
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan99
description Management VLAN
ip address 172.28.170.2 255.255.255.192
no ip route-cache
no shutdown
!
ip default-gateway 172.28.170.1
!
ip http server
!
logging 172.28.128.9
!
access-list 77 remark Allow all workgroups Telnet and SNMP access
access-list 77 permit 172.26.0.0 0.0.255.255
access-list 77 remark Allow CCNP4_Server Telnet and SNMP access
access-list 77 permit 172.28.128.0 0.0.0.15
access-list 77 remark Allow Elmhurst Telnet and SNMP access
access-list 77 permit 172.28.170.0 0.0.0.63
!
snmp-server engineID local 800000090300000A8A584101
snmp-server community Acme RO 77
snmp-server chassis-id Elmhurst
snmp-server enable traps snmp authentication coldstart
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps entity
snmp-server enable traps rtr
snmp-server enable traps c2900
snmp-server enable traps vtp
snmp-server enable traps vlan-membership
snmp-server enable traps MAC-Notification
snmp-server enable traps hsrp
snmp-server enable traps cluster
!
banner motd ^C
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
Elmhurst
an ACME Corporate Core Switch
-- Lab 4.1.1 and Lab 4.1.2 --
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
^C
!
line con 0
exec-timeout 20 0
password cisco
logging synchronous
login
flowcontrol hardware
line vty 0 4
access-class 77 in
exec-timeout 20 0
password cisco
logging synchronous
login
line vty 5 15
access-class 77 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp clock-period 17179895
ntp server 172.17.22.1
!
! no issues
!
end
Montreal – Lab 4.1.1 and Lab 4.1.2
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Montreal
!
!
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.6
ip host Toronto 172.26.168.1 172.26.168.129 172.26.166.2 172.26.166.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.166.1 172.26.166.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1 172.28.171.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
clock timezone Hawaii -10
!
vlan 28
name Core_28
ip subnet-zero
ip routing
no ip domain-lookup
!
vtp domain CIT
vtp mode transparent
!
!
spanning-tree extend system-id
spanning-tree backbonefast
!
!
!
interface Loopback0
ip address 172.26.169.1 255.255.255.192
!
interface Port-channel62
description EtherChannel bundle to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
spanning-tree vlan 28 port-priority 32
!
interface range FastEthernet0/1 – 2
no ip address
shutdown
!
interface FastEthernet0/3
description Link to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode desirable
!
interface FastEthernet0/4
description Link to Elmhurst
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode desirable
!
interface FastEthernet0/5
description Link to Toronto
no switchport
ip address 172.26.168.130 255.255.255.192
speed 100
duplex full
!
interface range FastEthernet0/6 – 24
no ip address
shutdown
!
interface range GigabitEthernet 0/1 – 2
no ip address
shutdown
!
interface Vlan1
no ip address
no ip mroute-cache
!
interface Vlan28
description Path to Elmhurst
ip address 172.28.128.6 255.255.255.240
!
router eigrp 606
redistribute static
redistribute bgp 61 metric 10000 100 255 1 1500
network 172.26.168.128 0.0.0.63
network 172.26.169.0 0.0.0.63
no auto-summary
eigrp log-neighbor-changes
!
router bgp 61
bgp log-neighbor-changes
network 172.26.161.0 mask 255.255.255.192
network 172.26.162.0 mask 255.255.255.192
network 172.26.163.0 mask 255.255.255.192
network 172.26.164.0 mask 255.255.255.192
network 172.26.165.0 mask 255.255.255.192
network 172.26.166.0 mask 255.255.255.192
network 172.26.166.128 mask 255.255.255.192
network 172.26.168.0 mask 255.255.255.192
network 172.26.168.128 mask 255.255.255.192
network 172.26.169.0 mask 255.255.255.192
aggregate-address 172.26.0.0 255.255.0.0 summary-only
neighbor 172.28.128.8 remote-as 77
neighbor 172.28.128.8 distribute-list CIT in
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.28.128.8
ip http server
!
ip access-list standard CIT
remark Include the Cisco web site
permit 198.133.219.0 0.0.0.255
!
access-list 61 remark Allow all workgroups Telnet and SNMP access
access-list 61 permit 172.26.0.0 0.0.255.255
access-list 61 remark Allow CCNP4_Server Telnet and SNMP access
access-list 61 permit 172.28.128.0 0.0.0.15
access-list 61 remark Allow Elmhurst Telnet and SNMP access
access-list 61 permit 172.28.170.0 0.0.0.63
!
logging source-interface Loopback0
logging 172.28.128.9
snmp-server engineID local 800000090300000A8A466781
snmp-server community Acme RO 61
snmp-server chassis-id Montreal
snmp-server enable traps snmp authentication warmstart coldstart
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps rtr
snmp-server enable traps vlan-membership
snmp-server enable traps vtp
snmp-server enable traps MAC-Notification
snmp-server enable traps hsrp
snmp-server enable traps cluster
snmp-server enable traps bgp
!
banner motd ^C
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
Montreal
an ACME Core Workgroup Router / Switch
-- Lab 4.1.1 and Lab 4.1.2 --
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
^C
!
line con 0
exec-timeout 20 0
password cisco
login
flowcontrol hardware
line vty 0 4
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
line vty 5 15
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp server 172.17.22.1
!
! broken configs here - start
!
interface Port-channel62
shutdown
!
interface range FastEthernet0/1 – 4
shutdown
!
! broken configs here - end
!
end
Toronto – Lab 4.1.1 and Lab 4.1.2
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Toronto
!
!
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.6
ip host Toronto 172.26.168.1 172.26.168.129 172.26.166.2 172.26.166.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.166.1 172.26.166.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1 172.28.171.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
memory-size iomem 10
!
clock timezone Hawaii -10
!
ip subnet-zero
!
!
no ip domain-lookup
!
!
!
interface Loopback0
ip address 172.26.168.1 255.255.255.192
!
interface FastEthernet0/0
description Link to Montreal
ip address 172.26.168.129 255.255.255.192
ip policy route-map USE_FAST
speed 100
!
full-duplex
!
no shutdown
!
interface Serial0/0
description Fast Link to Kingston
bandwidth 1544
ip address 172.26.166.2 255.255.255.192
no shutdown
!
interface Serial0/1
description Slow Link to Kingston (adtran 1/2)
bandwidth 512
ip address 172.26.166.130 255.255.255.192
encapsulation frame-relay
frame-relay interface-dlci 201
no shutdown
!
router eigrp 606
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
no passive-interface Serial0/1
network 172.26.166.0 0.0.0.63
network 172.26.166.128 0.0.0.63
network 172.26.168.0 0.0.0.63
network 172.26.168.128 0.0.0.63
no auto-summary
!
ip classless
no ip http server
!
!
ip access-list extended Admin
permit ip any 172.26.161.0 0.0.0.255
permit ip any 172.26.165.0 0.0.0.255
!
ip access-list extended END_USERS
remark Allow PC End Users
permit ip any 172.26.164.0 0.0.0.255
permit ip any 172.26.162.0 0.0.1.255
!
access-list 61 remark Allow all workgroups Telnet and SNMP access
access-list 61 permit 172.26.0.0 0.0.255.255
access-list 61 remark Allow CCNP4_Server Telnet and SNMP access
access-list 61 permit 172.28.128.0 0.0.0.15
access-list 61 remark Allow Elmhurst Telnet and SNMP access
access-list 61 permit 172.28.170.0 0.0.0.63
!
route-map USE_FAST deny 10
match ip address END_USERS
!
route-map USE_FAST permit 20
match ip address Admin
set ip next-hop 172.26.166.129
!
logging source-interface Loopback0
logging 172.28.128.9
snmp-server community Acme RO 61
snmp-server chassis-id Toronto
snmp-server enable traps snmp authentication coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps frame-relay
snmp-server enable traps syslog
snmp-server enable traps rtr
snmp-server enable traps ipmulticast
!
banner motd ^C
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
Toronto
an ACME Distribution Workgroup Router
-- Lab 4.1.1 and Lab 4.1.2 --
MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4-MOD4
^C
!
line con 0
exec-timeout 20 0
password cisco
login
stopbits 1
flowcontrol hardware
line aux 0
no exec
line vty 0 4
access-class 61 in
exec-timeout 20 0
password cisco
logging synchronous
login
!
ntp clock-period 17208260
ntp server 172.17.22.1
!
! no issues
!
end
Kingston – Lab 4.1.1 and Lab 4.1.2
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname Kingston
!
!
!
logging buffered 65536 debugging
ip host Montreal 172.26.169.1 172.26.168.130 172.28.128.6
ip host Toronto 172.26.168.1 172.26.168.129 172.26.166.2 172.26.166.130
ip host Kingston 172.26.165.1 172.26.161.1 172.26.166.1 172.26.166.129
ip host Kingston_SW 172.26.161.2
ip host Orlando 172.28.128.8 172.17.22.2 172.28.170.1 172.28.171.1
ip host Elmhurst 172.28.170.2
ip host CCNP4_Server 172.28.128.9
!
ip host RedCross 213.173.185.10
ip host Cisco 198.133.219.25
ip host Google 216.239.33.101
ip host ISP 10.2.1.2
!
memory-size iomem 10
clock timezone Hawaii -10
!
ip subnet-zero
!
!
no ip domain-lookup
no ip dhcp conflict logging
ip dhcp excluded-address 172.26.162.1
ip dhcp excluded-address 172.26.163.1
ip dhcp excluded-address 172.26.164.1
!
ip dhcp pool PC2
network 172.26.162.0 255.255.255.192
default-router 172.26.162.1
dns-server 172.28.128.9
domain-name Acme
lease 0 0 10
!
ip dhcp pool PC3
network 172.26.163.0 255.255.255.192
default-router 172.26.163.1
dns-server 172.28.128.9
domain-name Acme
lease 0 0 10
!
ip dhcp pool PC4