Module 11 CCNA CISCO tự học cho người mới bắt đầu
phamvoanhthang239
14 views
120 slides
Sep 14, 2025
Slide 1 of 120
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
About This Presentation
CCNA
Slide Content
A a
cisco
Understanding WAN Technologies
Implementing Wide-Area Networks
cisco
Understanding WAN Technologies
Implementing Wide-Area Networks
Introduction to WAN Technologies
Introduction to WAN Technologies (Cont.)
Main Office
Home Offices
Business Partners Regional Office Remote
CET
Main Office
Home Offices
Business Partners Regional Office Remote
CET
WAN Topology Options
“8
Star, or Hub-and-Spoke, Topology:
+ Benefits: Network simplicity, low number of circuits
+ Drawbacks: Suboptimal traffic flow, no redundancy
Fully Meshed Topology:
+ Benefits: Any-to-any connectivity, high level of redundancy
+ Drawbacks: Configuration complexity, number of circuits
Partially Meshed Topology:
+ A compromise between star and fully meshed
(22018 Cassansier ia at Al ga wann
“8
Star, or Hub-and-Spoke, Topology:
+ Benefits: Network simplicity, low number of circuits
+ Drawbacks: Suboptimal traffic flow, no redundancy
Fully Meshed Topology:
+ Benefits: Any-to-any connectivity, high level of redundancy
+ Drawbacks: Configuration complexity, number of circuits
Partially Meshed Topology:
+ A compromise between star and fully meshed
(22018 Cassansier ia at Al ga wann
WAN Connectivity Options
Dedicated Switched Internet
Dedicated Switched Internet
WAN Connectivity Options (Cont.)
Satellite
Telephone
Line Fiber Cable
ADSL
T3 Leased
Line
Coaxial
Cable
(22018 Cassansier ia at Al ga wann
Satellite
Telephone
Line Fiber Cable
ADSL
T3 Leased
Line
Coaxial
Cable
(22018 Cassansier ia at Al ga wann
Provider-Managed VPNs
BR2
Layer 2 MPLS VPN (VPLS and VPWS):
+ Customer routers exchange routes directly.
+ Some applications need Layer 2 connectivity to work.
Layer 3 MPLS VPN:
+ Customer routers exchange routes with SP routers.
+ It provides Layer 3 service across the backbone.
BR2
Layer 2 MPLS VPN (VPLS and VPWS):
+ Customer routers exchange routes directly.
+ Some applications need Layer 2 connectivity to work.
Layer 3 MPLS VPN:
+ Customer routers exchange routes with SP routers.
+ It provides Layer 3 service across the backbone.
Enterprise-Managed VPNs
Main Site
Business Partner
with a Cisco Router
u Cisco ASA
Regional Office with Firewall
a Cisco ASA Firewall Perimeter
Router
ED) Site-to-Site VPN
SOHO with a Mobile Worker with
Cisco Router Cisco AnyConnect on [D Remote-Access VPN
a Laptop Computer
(22018 Cassansier ia at Al ga wann
Main Site
Business Partner
with a Cisco Router
u Cisco ASA
Regional Office with Firewall
a Cisco ASA Firewall Perimeter
Router
ED) Site-to-Site VPN
SOHO with a Mobile Worker with
Cisco Router Cisco AnyConnect on [D Remote-Access VPN
a Laptop Computer
(22018 Cassansier ia at Al ga wann
Enterprise-Managed VPNs (Cont.)
Site-to-Site VPN options:
+ IPsec tunnel:
— |Psec is a framework of open security standards.
+ GRE over IPsec:
« Addition of GRE to IPsec enables routing and multicast.
+ DMVPN (Cisco proprietary):
— Simple hub-and-spoke configuration.
— Zero-touch configuration for new spokes.
+ IPsec VTI (Cisco proprietary):
— Simplified IPsec tunnel mode configuration.
— Natively supports features that previously required GRE (routing, multicast).
Site-to-Site VPN options:
+ IPsec tunnel:
— |Psec is a framework of open security standards.
+ GRE over IPsec:
« Addition of GRE to IPsec enables routing and multicast.
+ DMVPN (Cisco proprietary):
— Simple hub-and-spoke configuration.
— Zero-touch configuration for new spokes.
+ IPsec VTI (Cisco proprietary):
— Simplified IPsec tunnel mode configuration.
— Natively supports features that previously required GRE (routing, multicast).
WAN Devices
SÍ | =
CSU/DSU / —W u
Optical
Converter
(22018 Canaries at Al ga wann
SÍ | =
CSU/DSU / —W u
Optical
Converter
(22018 Canaries at Al ga wann
WAN Devices (Cont.)
Router
(DTE) CSU/DSU
(DCE)
Digital T-Carrier Line
(Telephone or Coaxial Cable)
(22018 Cassansier ia at Al ga wann =
Router
(DTE) CSU/DSU
(DCE)
Digital T-Carrier Line
(Telephone or Coaxial Cable)
(22018 Cassansier ia at Al ga wann =
WAN Devices (Cont.)
DSL
Telephone Cable
DSL
Telephone Cable
WAN Devices (Cont.)
Converter
Converter
WAN Devices (Cont.)
La == = Wireless
Che >>
Wireless
Router
La == = Wireless
Che >>
Wireless
Router
A a
cisco
Understanding Point-to-Point Protocols
Implementing Wide-Area Networks
cisco
Understanding Point-to-Point Protocols
Implementing Wide-Area Networks
Serial Point-to-Point Communication Links
Serial point-to-point links use leased lines to provide a dedicated
connection.
_ +
New York Office London Office
2018 Cascante
Serial point-to-point links use leased lines to provide a dedicated
connection.
_ +
New York Office London Office
2018 Cascante
Bandwidth
USA T1 = 1.544 Mbps
USA T2 = (4 T1 lines) 6 Mbps
U.S.A T3 = (28 T1 lines) 45 Mbps
U.S.A T4 = (168 T1 lines) 275 Mbps
Europe El =2 Mbps
Europe E2 = (128 E0 lines) 8 Mbps
Europe E3 = (16 E1 lines) 34 Mbps
Europe E4 = (64 El lines) 140 Mbps
USA T1 = 1.544 Mbps
USA T2 = (4 T1 lines) 6 Mbps
U.S.A T3 = (28 T1 lines) 45 Mbps
U.S.A T4 = (168 T1 lines) 275 Mbps
Europe El =2 Mbps
Europe E2 = (128 E0 lines) 8 Mbps
Europe E3 = (16 E1 lines) 34 Mbps
Europe E4 = (64 El lines) 140 Mbps
Point-to-Point Protocol
Overview of PPP:
+ PPP provides a standard method for transporting datagrams over point-
to-point links.
+ PPP supports PAP and CHAP authentication.
DSU/CSU (A = CSU/DSU
PPP
Flag Address Control Protocol Data Flag
Overview of PPP:
+ PPP provides a standard method for transporting datagrams over point-
to-point links.
+ PPP supports PAP and CHAP authentication.
DSU/CSU (A = CSU/DSU
PPP
Flag Address Control Protocol Data Flag
Point-to-Point Protocol (Cont.)
PPP is a layered architecture:
+ PPP can carry packets from several protocol suites using NCP.
+ PPP controls the setup of several link options using LCP.
IPv4 IPv6 Layer 3 Protocols
IPv6cP Other
Network
Network Control Protocol Layer
Data Link
Layer
Synchronous or Asynchronous Physical
Physical Media Layer
PPP is a layered architecture:
+ PPP can carry packets from several protocol suites using NCP.
+ PPP controls the setup of several link options using LCP.
IPv4 IPv6 Layer 3 Protocols
IPv6cP Other
Network
Network Control Protocol Layer
Data Link
Layer
Synchronous or Asynchronous Physical
Physical Media Layer
Topology
Lod Lo0
Lo1
Lo1
Lod Lo0
Lo1
Lo1
Job Aid
Lod Lod
192.168.1.1/24 192.168.2.1/24
_ 10.112 _—-
Le seit Ce
Se1/1
Da 10.1.1.1 =
Lo1 Lo1
172.16.1.1/24 172.16.2.1/24
Lod Lod
192.168.1.1/24 192.168.2.1/24
_ 10.112 _—-
Le seit Ce
Se1/1
Da 10.1.1.1 =
Lo1 Lo1
172.16.1.1/24 172.16.2.1/24
Configuring Serial Interface for PPP
To configure a serial interface for PPP, perform the following actions:
Enter serial interface configuration mode.
Router (config)# interface serial interface number
Set bandwidth on the interface (this does not physically change the
bandwidth of the interface).
Router (config-if)# bandwidth bandwidth
Set the clock rate to a specified value.This should be set on DCE
cable only!
Router (config-1£)+ clock rate clock_rate
Set the interface encapsulation to PPP (default is HDLC).
Router (config-if)# encapsulation ppp
To configure a serial interface for PPP, perform the following actions:
Enter serial interface configuration mode.
Router (config)# interface serial interface number
Set bandwidth on the interface (this does not physically change the
bandwidth of the interface).
Router (config-if)# bandwidth bandwidth
Set the clock rate to a specified value.This should be set on DCE
cable only!
Router (config-1£)+ clock rate clock_rate
Set the interface encapsulation to PPP (default is HDLC).
Router (config-if)# encapsulation ppp
Configure Serial Interface on R1
Step 1: Configure the Serial1/1 interface on R1 for a clock rate of
64,000 bps and define the bandwidth as 64 kbps.
Rl(config)# interface Serial1/1
Rl (config-if)# clock rate 64000
Rl (config-if)# bandwidth 64
- The clock rate command controls the actual speed at which the serial link runs
(in bits per second).
- The bandwidth command sets the information which is provided to the
dynamic routing protocols for determining the metrics that are associated with
the link (in kilobits per second).
Step 1: Configure the Serial1/1 interface on R1 for a clock rate of
64,000 bps and define the bandwidth as 64 kbps.
Rl(config)# interface Serial1/1
Rl (config-if)# clock rate 64000
Rl (config-if)# bandwidth 64
- The clock rate command controls the actual speed at which the serial link runs
(in bits per second).
- The bandwidth command sets the information which is provided to the
dynamic routing protocols for determining the metrics that are associated with
the link (in kilobits per second).
Verifying Serial Interface
To verify a serial interface for PPP, perform the following actions:
Display information about the physical interface and to determine
the type of cable.
Router# show controllers interface
Verify encapsulation method that is configured on the serial
interface.
Router# show interfaces
To verify a serial interface for PPP, perform the following actions:
Display information about the physical interface and to determine
the type of cable.
Router# show controllers interface
Verify encapsulation method that is configured on the serial
interface.
Router# show interfaces
Verify Status Indicators on R1
Step 2: Verify that the status indicators are all "up."
R1# show controllers Seriall/l
M4T: show controller:
<...output omitted. ..>
cable type : V.11 (X.21) MB EAS, received clockrate 64000
<... Output omitted...>
The status indicators are all up, the cable type is DCE.
Step 2: Verify that the status indicators are all "up."
R1# show controllers Seriall/l
M4T: show controller:
<...output omitted. ..>
cable type : V.11 (X.21) MB EAS, received clockrate 64000
<... Output omitted...>
The status indicators are all up, the cable type is DCE.
Verify Bandwidth and Encapsulation
Step 3: Verify the bandwidth setting and the current serial
encapsulation method.
Rl# show interfaces Serial 1/1
line protocol is up
Hardware is M4T
Internet address is 10.1.1.1/24
MTU 1500 bytes, #19 QU BB@BPeee, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
dB, crc 16, loopback not set
The default encapsulation is HDLC.
Step 3: Verify the bandwidth setting and the current serial
encapsulation method.
Rl# show interfaces Serial 1/1
line protocol is up
Hardware is M4T
Internet address is 10.1.1.1/24
MTU 1500 bytes, #19 QU BB@BPeee, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
dB, crc 16, loopback not set
The default encapsulation is HDLC.
Verify Routing Table on R1
Step 4: Verify the content of the routing table on R1.
Rl# show ip route
<...output omitted...>
B LRICRO/R (OO via LOL, 00:29091, Sertata/2
<...output omitted...>
The Loopback interface on R2 (192.168.2.1) is accessible via
EIGRP from R1.
Step 4: Verify the content of the routing table on R1.
Rl# show ip route
<...output omitted...>
B LRICRO/R (OO via LOL, 00:29091, Sertata/2
<...output omitted...>
The Loopback interface on R2 (192.168.2.1) is accessible via
EIGRP from R1.
Verify Access of R2 from R1
Step 5: From R1, ping the LoopbackO interface (192.168.2.1) of R2.
Rl# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
LEE]
|. ane + 220 sue BPE. zound-trip min/avg/max = 21/21/21 ms
The ping should succeed.
Step 5: From R1, ping the LoopbackO interface (192.168.2.1) of R2.
Rl# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
LEE]
|. ane + 220 sue BPE. zound-trip min/avg/max = 21/21/21 ms
The ping should succeed.
Configure PPP on R1
Step 6: Set the encapsulation protocol on the R1 Serial1/1 interface
to PPP.
Rl(config)# interface Serial1/1
Rl(config-if)# encapsulation ppp
Rl (config-if)#
*Dec 3 13:28:08.576: *LINEPROTO-5-UPDOWN: Mins protocol an Interfaces
¡Seria11/1, changed state to down
*Dec 3 13:28:18.198: SDUAL-S-NBRCHANGE: BRGRENIBWS 2009 Nelighbos 10,1.1.2
(Seria11/1) is
SR: holding time expired
The line protocol and the EIGRP neighbor relationship went down
because encapsulation is still set to HDLC on the R2 peer.
Step 6: Set the encapsulation protocol on the R1 Serial1/1 interface
to PPP.
Rl(config)# interface Serial1/1
Rl(config-if)# encapsulation ppp
Rl (config-if)#
*Dec 3 13:28:08.576: *LINEPROTO-5-UPDOWN: Mins protocol an Interfaces
¡Seria11/1, changed state to down
*Dec 3 13:28:18.198: SDUAL-S-NBRCHANGE: BRGRENIBWS 2009 Nelighbos 10,1.1.2
(Seria11/1) is
SR: holding time expired
The line protocol and the EIGRP neighbor relationship went down
because encapsulation is still set to HDLC on the R2 peer.
Verify Serial Interface
Step 7: Display the status of the Serial1/1 interface on R1.
Rl# show ip interface brief Serial1/1
Interface IP-Address OK? Method Status Protocol
10.1.1.1 YES manual up
The administrative status of the interface is "up," but the protocol is
"down."
Step 7: Display the status of the Serial1/1 interface on R1.
Rl# show ip interface brief Serial1/1
Interface IP-Address OK? Method Status Protocol
10.1.1.1 YES manual up
The administrative status of the interface is "up," but the protocol is
"down."
Configure PPP on R2
Step 8: Configure Serial1/1 interface on R2 to use PPP
encapsulation and configure its bandwidth setting to 64.
R2(config)# interface Serial1/1
R2(config-if)# bandwidth 64
R2 (config-if)# encapsulation ppp
*Dec 3 14:45:36.286: #LINEPROTO-5-UPDOWN: Mins protocol an Interfaces
*Dec 3 14:45:42.460: $DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.1.1.1
(Seriall/l) is up: new adjacency
The line protocol and EIGRP neighbor relationship is "up," because
encapsulation is still set to PPP on both sides.
Step 8: Configure Serial1/1 interface on R2 to use PPP
encapsulation and configure its bandwidth setting to 64.
R2(config)# interface Serial1/1
R2(config-if)# bandwidth 64
R2 (config-if)# encapsulation ppp
*Dec 3 14:45:36.286: #LINEPROTO-5-UPDOWN: Mins protocol an Interfaces
*Dec 3 14:45:42.460: $DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.1.1.1
(Seriall/l) is up: new adjacency
The line protocol and EIGRP neighbor relationship is "up," because
encapsulation is still set to PPP on both sides.
Verify PPP on R2
Step 9: Verify serial encapsulation method on R2.
R2# show interfaces Serial1/1
Serial1/1 is up, line protocol is up
Hardware is M4T
Internet address is 10.1.1.2/24
MTU 1500 bytes, BW 64 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
BBB, ice open
Both R1 and R2 are using the PPP encapsulation method.
Step 9: Verify serial encapsulation method on R2.
R2# show interfaces Serial1/1
Serial1/1 is up, line protocol is up
Hardware is M4T
Internet address is 10.1.1.2/24
MTU 1500 bytes, BW 64 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
BBB, ice open
Both R1 and R2 are using the PPP encapsulation method.
Verify Connectivity
Step 10: Ping the LoopbackO interface (192.168.1.1) of R1 from R2
R2# ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
LEE]
mn 200 pessens (Gf). -ound-trip min/avg/max = 33/33/34 ms
Ping should succeed.
Step 10: Ping the LoopbackO interface (192.168.1.1) of R1 from R2
R2# ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
LEE]
mn 200 pessens (Gf). -ound-trip min/avg/max = 33/33/34 ms
Ping should succeed.
Configuring PAP Authentication for PPP
PAP Authentication for PPP works in the following manner:
Username: HQ U B A Username: Branch
Password: C1sco123 Seren LENS Password: C1sco123
Password: C1sco123
[Acceptor Reject | or Reject
ES SE
M —
E Username: HQ
Branch Password: C1sco123 HQ
[Accept orReject | or Reject
PAP Authentication for PPP works in the following manner:
Username: HQ U B A Username: Branch
Password: C1sco123 Seren LENS Password: C1sco123
Password: C1sco123
[Acceptor Reject | or Reject
ES SE
M —
E Username: HQ
Branch Password: C1sco123 HQ
[Accept orReject | or Reject
Configuring PAP Authentication for PPP (Cont.)
To configure PAP authentication for PPP, perform the following
actions:
Define the username and password that the local router uses to
authenticate the PPP peer in the global configuration mode.
Router (config)# username username password password
Set the authentication type to PAP on the Serial interface.
Router (config-1£)+ ppp authentication pap
(Optional) Enable outbound PAP authentication. To authenticate
itself to a remote device, the local router uses the username and
password that the ppp pap sent-username command specifies.
Router (config-if)# ppp pap sent-username <username> password <password>
To configure PAP authentication for PPP, perform the following
actions:
Define the username and password that the local router uses to
authenticate the PPP peer in the global configuration mode.
Router (config)# username username password password
Set the authentication type to PAP on the Serial interface.
Router (config-1£)+ ppp authentication pap
(Optional) Enable outbound PAP authentication. To authenticate
itself to a remote device, the local router uses the username and
password that the ppp pap sent-username command specifies.
Router (config-if)# ppp pap sent-username <username> password <password>
Configure Usemame and Password
Step 1: On R1, define the username "User2" using the "cisco"
password.
Rl(config)# username User2 password cisco
Step 2: On R2, define the username "User1" using the "cisco"
password.
R2(config)# username Userl password cisco
Step 1: On R1, define the username "User2" using the "cisco"
password.
Rl(config)# username User2 password cisco
Step 2: On R2, define the username "User1" using the "cisco"
password.
R2(config)# username Userl password cisco
Configure PAP Authentication (Cont.)
Step 3: Configure PAP authentication on the Serial1/1 interface on
R1. Set "R1" as the sent username and "cisco" as the password.
Rl(config)# interface Seriall/1
Rl(config-if)# ppp authentication pap
Rl(config-if)# ppp pap sent-username Userl password cisco
Step 4: Configure PAP authentication on the Serial1/1 interface on
R2. Set "R2" as the sent username and "cisco" as the password.
R2(config)# interface Seriall/1
R2 (config-1£)+ ppp authentication pap
R2(config-if)# ppp pap sent-username User2 password cisco
Step 3: Configure PAP authentication on the Serial1/1 interface on
R1. Set "R1" as the sent username and "cisco" as the password.
Rl(config)# interface Seriall/1
Rl(config-if)# ppp authentication pap
Rl(config-if)# ppp pap sent-username Userl password cisco
Step 4: Configure PAP authentication on the Serial1/1 interface on
R2. Set "R2" as the sent username and "cisco" as the password.
R2(config)# interface Seriall/1
R2 (config-1£)+ ppp authentication pap
R2(config-if)# ppp pap sent-username User2 password cisco
Verifying PPP Session
Verify PPP session establishment and authentication type.
Router# show ppp all
Verify PPP session establishment and authentication type.
Router# show ppp all
Verify PPP Session Establishment
Step 5: On R2, verify that the PPP session is established.
R2# show ppp all
Interface/ID OPEN+ Nego* Fail- Stage Peer Address Peer Name
sei AGBS EAB: 1ecr+ corc> LocalT Mei AA Userl
The PPP session is established using PAP authentication on the
Serial1/1 interface to the peer that is named R1 using the peer IP
address 10.1.1.1.
Step 5: On R2, verify that the PPP session is established.
R2# show ppp all
Interface/ID OPEN+ Nego* Fail- Stage Peer Address Peer Name
sei AGBS EAB: 1ecr+ corc> LocalT Mei AA Userl
The PPP session is established using PAP authentication on the
Serial1/1 interface to the peer that is named R1 using the peer IP
address 10.1.1.1.
Configuring CHAP Authentication for PPP
CHAP Authentication for PPP works in the following manner:
Username: HQ Username: Branch
Password: C1sco123 Password: C1sco123
Challenge
Response
Accept or Reject
Challenge
5
Response
— MER A „
=a
___ MEER A „A
dr A
Accept or Reject
CHAP Authentication for PPP works in the following manner:
Username: HQ Username: Branch
Password: C1sco123 Password: C1sco123
Challenge
Response
Accept or Reject
Challenge
5
Response
— MER A „
=a
___ MEER A „A
dr A
Accept or Reject
Configuring CHAP Authentication for PPP (Cont.)
To configure CHAP authentication for PPP, perform the following
actions:
Configure the router hostname to identify it.
Router (configf)# hostname hostname
Configure the username and password in the global configuration
mode to authenticate the PPP peer.
Router (configf)# username username password password
Set the authentication type to CHAP on the Serial interface.
Router (config-if)# ppp authentication chap
To configure CHAP authentication for PPP, perform the following
actions:
Configure the router hostname to identify it.
Router (configf)# hostname hostname
Configure the username and password in the global configuration
mode to authenticate the PPP peer.
Router (configf)# username username password password
Set the authentication type to CHAP on the Serial interface.
Router (config-if)# ppp authentication chap
Configure Username and Password
Step 1: On R1, define the username "R2" using the "cisco"
password.
Rl(config)# username R2 password cisco
Step 2: On R2, define the username "R1" using the "cisco"
password.
R2(config)# username Rl password cisco
Step 1: On R1, define the username "R2" using the "cisco"
password.
Rl(config)# username R2 password cisco
Step 2: On R2, define the username "R1" using the "cisco"
password.
R2(config)# username Rl password cisco
Configure CHAP Authentication
Step 3: Remove PPP PAP authentication configuration and change
the authentication type to CHAP on the Serial1/1 interface on R1.
Rl(config)# interface Serial1/1
Rl (config-if)# no ppp authentication pap
Rl(config-if)# no ppp pap sent-username Userl password cisco
Rl(config-if)# ppp authentication chap
Step 4: Remove PPP PAP authentication configuration and change
the authentication type to CHAP on the Serial1/1 interface on R2.
R2(config)# interface Seriall/1
R2(config-if)+ no ppp authentication pap
Rl(config-if)# no ppp pap sent-username User2 password cisco
R2(config-if)# ppp authentication chap
Hostnames, usernames, and passwords are already configured.
Step 3: Remove PPP PAP authentication configuration and change
the authentication type to CHAP on the Serial1/1 interface on R1.
Rl(config)# interface Serial1/1
Rl (config-if)# no ppp authentication pap
Rl(config-if)# no ppp pap sent-username Userl password cisco
Rl(config-if)# ppp authentication chap
Step 4: Remove PPP PAP authentication configuration and change
the authentication type to CHAP on the Serial1/1 interface on R2.
R2(config)# interface Seriall/1
R2(config-if)+ no ppp authentication pap
Rl(config-if)# no ppp pap sent-username User2 password cisco
R2(config-if)# ppp authentication chap
Hostnames, usernames, and passwords are already configured.
Debug CHAP Authentication
Step 5: Enable debugging of PPP authentication on R2. Then
disable and reenable the interface Serial1/1.
R2(config-if)# do debug ppp authentication
R2 (config-if)# shutdown
R2 (config-if)# no shutdown
PPP authentication debugging is on
*Dec 7 09:40:57.897: Sel/l PPP: Using default call direction
*Dec 7 09:40:57.897: Sel/l Treating connection as a dedicated line
*Dec 7 09:40:57.897: Sel/1 PPP: Session handle[F000011] Session id[16]
*Dec 7 09:40:57.923: Sel/1 CHAP: O CHALLENGE id 1 len 23 from "R2"
*Dec 7 09:40:57.927: Sel/1 CHAP: I CHALLENGE id 1 len 23 from "R1"
*Dec 7 09:40:57.927: Sel/l PP! Sent CHAP SENDAUTH Request
*Dec 7 09:40:57.927: Sel/l PPP: Received SENDAUTH Response PASS
*Dec 7 09:40:57.927: Sel/l CHAP: Using hostname from configured hostname
*Dec 7 09:40:57.927: Sel/1 CHAP: Using password from AAA
*Dec 7 09:40:57.927: Sel/1 CHAP: O RESPONSE id 1 len 23 from "R2"
*Dec 7 09:40:57.933: Sel/1 CHAP: I RESPONSE id 1 len 23 fro Ri"
*Dec 7 09:40:57.933: Sel/l PPP: Sent CHAP LOGIN Request
*Dec 7 09:40:57.933: Sel/1 PPP: Received LOGIN Response PASS
*Dec 7 09:40:57.938: Sel/1 CHAP: O SUCCESS id 1 len 4
*Dec 7 09:40:57.943: Sel/1 CHAP: I SUCCESS id 1 len 4
Both sides challenge each other, respond to each other, and pass
each other.
Step 5: Enable debugging of PPP authentication on R2. Then
disable and reenable the interface Serial1/1.
R2(config-if)# do debug ppp authentication
R2 (config-if)# shutdown
R2 (config-if)# no shutdown
PPP authentication debugging is on
*Dec 7 09:40:57.897: Sel/l PPP: Using default call direction
*Dec 7 09:40:57.897: Sel/l Treating connection as a dedicated line
*Dec 7 09:40:57.897: Sel/1 PPP: Session handle[F000011] Session id[16]
*Dec 7 09:40:57.923: Sel/1 CHAP: O CHALLENGE id 1 len 23 from "R2"
*Dec 7 09:40:57.927: Sel/1 CHAP: I CHALLENGE id 1 len 23 from "R1"
*Dec 7 09:40:57.927: Sel/l PP! Sent CHAP SENDAUTH Request
*Dec 7 09:40:57.927: Sel/l PPP: Received SENDAUTH Response PASS
*Dec 7 09:40:57.927: Sel/l CHAP: Using hostname from configured hostname
*Dec 7 09:40:57.927: Sel/1 CHAP: Using password from AAA
*Dec 7 09:40:57.927: Sel/1 CHAP: O RESPONSE id 1 len 23 from "R2"
*Dec 7 09:40:57.933: Sel/1 CHAP: I RESPONSE id 1 len 23 fro Ri"
*Dec 7 09:40:57.933: Sel/l PPP: Sent CHAP LOGIN Request
*Dec 7 09:40:57.933: Sel/1 PPP: Received LOGIN Response PASS
*Dec 7 09:40:57.938: Sel/1 CHAP: O SUCCESS id 1 len 4
*Dec 7 09:40:57.943: Sel/1 CHAP: I SUCCESS id 1 len 4
Both sides challenge each other, respond to each other, and pass
each other.
Verify Connectivity
Step 6: Ping the R1 LoopbackO interface (192.168.1.1) from R2.
2# ping 192.168.1.1
escape sequence t
‚ 100-byte ICM! nos to 192.168.1.1, timeout is 2 seconds:
sai dé idees IM. round-trip min/avg/max = 33/33/
Ping should be successful.
34 ms
Step 6: Ping the R1 LoopbackO interface (192.168.1.1) from R2.
2# ping 192.168.1.1
escape sequence t
‚ 100-byte ICM! nos to 192.168.1.1, timeout is 2 seconds:
sai dé idees IM. round-trip min/avg/max = 33/33/
Ping should be successful.
34 ms
Verify PPP Session Establishment
Step 7: On R2, verify that the PPP session gets established.
R2# show ppp all
Interface/ID OPEN+ Nego* Fail- Stage Peer Address
ea GB: GEAR rece+ cor> Locair lol =
PPP session is established using CHAP authentication on Serial 1/1
interface to the peer named R1 using peer IP address 10.1.1.1.
Step 7: On R2, verify that the PPP session gets established.
R2# show ppp all
Interface/ID OPEN+ Nego* Fail- Stage Peer Address
ea GB: GEAR rece+ cor> Locair lol =
PPP session is established using CHAP authentication on Serial 1/1
interface to the peer named R1 using peer IP address 10.1.1.1.
End of Discovery
Topology
y - Se1/1 =
R1 Se1/1 R2
y - Se1/1 =
R1 Se1/1 R2
Job Aid
Se1/2
sy 10722 =>
Se1/1 =e Í
Ri 0111 se! R2
10.1.1.2
Se1/2
sy 10722 =>
Se1/1 =e Í
Ri 0111 se! R2
10.1.1.2
Multilink PPP
———=pP
Point-to-Point
MLP overview:
+ MLP combines multiple physical links into a logical bundle called a
Multilink PPP bundle.
+ The MLP over Serial Interfaces feature provides the following
functionalities:
— Load balancing
— Increased redundancy
— Link fragmentation and interleaving (LFI)
E
———=pP
Point-to-Point
MLP overview:
+ MLP combines multiple physical links into a logical bundle called a
Multilink PPP bundle.
+ The MLP over Serial Interfaces feature provides the following
functionalities:
— Load balancing
— Increased redundancy
— Link fragmentation and interleaving (LFI)
E
Verify Status of Serial Interfaces
Step 1: On R1 verify the status of serial interfaces that are
connected to R2.
Rl# show interfaces Seriall/1
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
) LCP Open
Rl# show interfaces Seriall/2
Hardware is M4T
MIU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
BBD, LcP Open
- Interfaces are up and configured for PPP encapsulation.
IP addresses are assigned to physical serial interfaces.
Step 1: On R1 verify the status of serial interfaces that are
connected to R2.
Rl# show interfaces Seriall/1
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
) LCP Open
Rl# show interfaces Seriall/2
Hardware is M4T
MIU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
BBD, LcP Open
- Interfaces are up and configured for PPP encapsulation.
IP addresses are assigned to physical serial interfaces.
Verify Routing Table on R1
Step 2: Verify the content of the routing table on R1.
R1+ show ip route
Rx
‚output omitted...>
| hod DUR 3
<...output omitted. ..>
nn 2e RER —
.. output omitted...>
Loopback on R2 (192.168.2.1) is accessible via EIGRP from R1.
The traffic that is sent to marked networks is load-balanced between interfaces
Serial1/1 and Serial1/2.
Step 2: Verify the content of the routing table on R1.
R1+ show ip route
Rx
‚output omitted...>
| hod DUR 3
<...output omitted. ..>
nn 2e RER —
.. output omitted...>
Loopback on R2 (192.168.2.1) is accessible via EIGRP from R1.
The traffic that is sent to marked networks is load-balanced between interfaces
Serial1/1 and Serial1/2.
Verify Access to R2 from R1
Step 3: From R1, ping the LoopbackO interface (192.168.2.1) on R2.
R1+ ping 192.168.2.1
escape sequence to ak
‚ 100-byte ICM! to 192.168.2.1, timeout is 2 seconds:
i ide IM. round-trip min/avg/max = 21/21/21 ms
Ping should succeed.
Step 3: From R1, ping the LoopbackO interface (192.168.2.1) on R2.
R1+ ping 192.168.2.1
escape sequence to ak
‚ 100-byte ICM! to 192.168.2.1, timeout is 2 seconds:
i ide IM. round-trip min/avg/max = 21/21/21 ms
Ping should succeed.
Configuring a Multilink Bundle
To configure a multilink bundle, perform the following actions:
Assign a multilink bundle group number and enter the interface
configuration mode.
Router (config) # interface multilink group-number
Assign an IP address to the multilink interface.
Router (config-if)# ip address address mask
Enable MLP.
Router (config-if)# ppp multilink
Restrict a physical link to join only the designated multilink group
interface.
Router (config-if)# ppp multilink group group-number
To configure a multilink bundle, perform the following actions:
Assign a multilink bundle group number and enter the interface
configuration mode.
Router (config) # interface multilink group-number
Assign an IP address to the multilink interface.
Router (config-if)# ip address address mask
Enable MLP.
Router (config-if)# ppp multilink
Restrict a physical link to join only the designated multilink group
interface.
Router (config-if)# ppp multilink group group-number
Configure Multilink Interface on R1
Step 4: Create a multilink interface on R1.
Rl (config) # interface Multilinkl
Rl(config-if)# ip address 10.1.1.1 255.255.255.0
Rl (config-if)# ppp multilink
Rl (config-if)# ppp multilink group 1
+ Setthe IP address.
+ Enable the MLP feature.
+ Restrict physical links with the multilink group 1 only to join this bundle.
Step 4: Create a multilink interface on R1.
Rl (config) # interface Multilinkl
Rl(config-if)# ip address 10.1.1.1 255.255.255.0
Rl (config-if)# ppp multilink
Rl (config-if)# ppp multilink group 1
+ Setthe IP address.
+ Enable the MLP feature.
+ Restrict physical links with the multilink group 1 only to join this bundle.
Configure Multilink Interface on R2
Step 5: Create a multilink interface on R2.
R2(config)# interface Multilinkl
R2(config-if)# ip address 10.1.1.2 255.255.255.0
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
+ Setthe IP address.
+ Enable the MLP feature.
+ Restrict physical links with the multilink group 1 only to join this bundle.
Step 5: Create a multilink interface on R2.
R2(config)# interface Multilinkl
R2(config-if)# ip address 10.1.1.2 255.255.255.0
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
+ Setthe IP address.
+ Enable the MLP feature.
+ Restrict physical links with the multilink group 1 only to join this bundle.
Assigning an Interface to a Multilink Bundle
To assign an interface to a multilink bundle, perform the following
actions:
Enter the interface configuration mode for the serial interface.
Router (config) # interface serial slot/subslot/port
Remove any specified IP address.
Router (config-if)# no ip address
Enable PPP encapsulation.
Router (config-if)# encapsulation ppp
Enable MLP.
Router (config-if)# ppp multilink
Restrict a physical link to join only the designated multilink group
interface.
Router (config-if)# ppp multilink group group-number
To assign an interface to a multilink bundle, perform the following
actions:
Enter the interface configuration mode for the serial interface.
Router (config) # interface serial slot/subslot/port
Remove any specified IP address.
Router (config-if)# no ip address
Enable PPP encapsulation.
Router (config-if)# encapsulation ppp
Enable MLP.
Router (config-if)# ppp multilink
Restrict a physical link to join only the designated multilink group
interface.
Router (config-if)# ppp multilink group group-number
Remove IP Addresses from Physical Interfaces
Step 6: Remove the IP addresses from Serial1/1 and Serial1/2
interfaces on both R1 and R2.
Rl(config)# interface Seriall/1
Rl(config-if)# no ip address
Rl(config-if)# exit
Rl(config)# interface Seriall/2
Rliconfig-if)# no ip address
R2(config)# interface Serial 1/1
R2(config-if)# no ip address
R2 (config-if)# exit
R2 (config)# interface Serial 1/2
R2 (config-if)# no ip address
- You should not set IP addresses on physical interfaces.
- |P address will be set on logical interface.
Step 6: Remove the IP addresses from Serial1/1 and Serial1/2
interfaces on both R1 and R2.
Rl(config)# interface Seriall/1
Rl(config-if)# no ip address
Rl(config-if)# exit
Rl(config)# interface Seriall/2
Rliconfig-if)# no ip address
R2(config)# interface Serial 1/1
R2(config-if)# no ip address
R2 (config-if)# exit
R2 (config)# interface Serial 1/2
R2 (config-if)# no ip address
- You should not set IP addresses on physical interfaces.
- |P address will be set on logical interface.
Assign Interfaces to the Multilink Bundle on R1
Step 7: Assign interfaces Serial1/1 and Serial1/2 to the interface
Multilink 1 on R1.
Rl(config)# interface Serial1/1
Rl (config-if)# ppp multilink
Rl(config-if)# ppp multilink group 1
Rl (config-if)# exit
Rl(config)# interface Seriall/2
Rl(config-if)# ppp multilink
Rl(config-if)# ppp multilink group 1
Step 7: Assign interfaces Serial1/1 and Serial1/2 to the interface
Multilink 1 on R1.
Rl(config)# interface Serial1/1
Rl (config-if)# ppp multilink
Rl(config-if)# ppp multilink group 1
Rl (config-if)# exit
Rl(config)# interface Seriall/2
Rl(config-if)# ppp multilink
Rl(config-if)# ppp multilink group 1
Assign Interfaces to the Multilink Bundle on R2
Step 8: Assign interfaces Serial1/1 and Serial1/2 to the interface
Multilink 1 on R2.
R2(config)# interface Seriall/1
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
R2 (config-if)# exit
R2 (config)# interface Seriall/2
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
Step 8: Assign interfaces Serial1/1 and Serial1/2 to the interface
Multilink 1 on R2.
R2(config)# interface Seriall/1
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
R2 (config-if)# exit
R2 (config)# interface Seriall/2
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
Verifying Multilink Bundle
Display multilink PPP bundle information.
Router# show ppp multilink
Display multilink PPP bundle information.
Router# show ppp multilink
Verify Multilink PPP Bundle
Step 9: Verify the multilink PPP bundle information on R1.
R1# show ppp multilink
Multilinkl
Bundle name: R2
Remote Endpoint Discriminator: [1] R2
Local Endpoint Discriminator: [1] Rl
Bundle up for 01:32:05, total bandwidth 3088, load 1/255
<...output omitted. ..>
1 © inactive (max 255, min not set)
No inactive multilink interfaces
Interfaces Serial1/1 and Serial1/2 are active members of the
Multilink 1 PPP bundle.
Step 9: Verify the multilink PPP bundle information on R1.
R1# show ppp multilink
Multilinkl
Bundle name: R2
Remote Endpoint Discriminator: [1] R2
Local Endpoint Discriminator: [1] Rl
Bundle up for 01:32:05, total bandwidth 3088, load 1/255
<...output omitted. ..>
1 © inactive (max 255, min not set)
No inactive multilink interfaces
Interfaces Serial1/1 and Serial1/2 are active members of the
Multilink 1 PPP bundle.
Shut Down Interface on R1
Step 10: Shut down the interface Serial1/1 on R1 to simulate a
failure on this link.
Rl(config)# interface Serial1/1
Rl(config-if)# shutdown
Step 10: Shut down the interface Serial1/1 on R1 to simulate a
failure on this link.
Rl(config)# interface Serial1/1
Rl(config-if)# shutdown
Verify Multilink Status After Failure
Step 11: Verify the status of the interface Multilink1 on R1 router.
R1# show interfaces Multilink1
Multilinkl is up, line protocol is up
Hardware is multilink group interface
Internet address is 10.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open
Open: IPCP, CDPCP, loopback not set
Keepalive set (10 sec)
The logical interface Multilink 1 stays up because of the remaining
member interface Serial1/2.
Step 11: Verify the status of the interface Multilink1 on R1 router.
R1# show interfaces Multilink1
Multilinkl is up, line protocol is up
Hardware is multilink group interface
Internet address is 10.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open
Open: IPCP, CDPCP, loopback not set
Keepalive set (10 sec)
The logical interface Multilink 1 stays up because of the remaining
member interface Serial1/2.
Verify Routing Table on R1
Step 12: Verify the content of the routing table on R1 again.
R1# show ip route
...output omitted...>
190/2297856] via 10.1.1.2, 00:14:24, Muledlinkt
...output omitted...>
1907/2297856] via 10.1.1.2, 00:14:24, Multilinkl
<...output omitted...>
A
18
The outgoing interface in the routing table for networks learned via
EIGRP points to the logical interface Multilink1.
Step 12: Verify the content of the routing table on R1 again.
R1# show ip route
...output omitted...>
190/2297856] via 10.1.1.2, 00:14:24, Muledlinkt
...output omitted...>
1907/2297856] via 10.1.1.2, 00:14:24, Multilinkl
<...output omitted...>
A
18
The outgoing interface in the routing table for networks learned via
EIGRP points to the logical interface Multilink1.
Verify Access of R2 from R1
Step 13: From R1, ping the LoopbackO interface (192.168.2.1) on
R2.
R1# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
8008
Sate ls 100 pescens (PS), round-trip min/avg/max = 21/21/21 ms
The ping is still successful despite the interface Serial1/1 on R1
being shut down.
Step 13: From R1, ping the LoopbackO interface (192.168.2.1) on
R2.
R1# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
8008
Sate ls 100 pescens (PS), round-trip min/avg/max = 21/21/21 ms
The ping is still successful despite the interface Serial1/1 on R1
being shut down.
End of Discovery
Topology
=> Etho/1 Etho/1 =>
R1 R2
=> Etho/1 Etho/1 =>
R1 R2
Job Aid
Lod Lod
192.168.1.1/24 10.1.1.2 192.168.2.1/24
Etho/1
Etho/1
Lo1 Lo1
172.16.1.1/24 172.16.2.1/24
Lod Lod
192.168.1.1/24 10.1.1.2 192.168.2.1/24
Etho/1
Etho/1
Lo1 Lo1
172.16.1.1/24 172.16.2.1/24
PPPoE Client
PPPoE client overview:
+ PPPoE is a commonly used application in the deployment of DSL.
+ ACisco router can act as a PPPoE client.
+ You can connect multiple PCs on the Ethernet segment that is
connected to the Cisco IOS router acting as a PPPoE client.
NEON 7 E, >
a Ex =
Router DSL DSLAM Access
Modem Concentrator
PPPoE Session
PPPoE client overview:
+ PPPoE is a commonly used application in the deployment of DSL.
+ ACisco router can act as a PPPoE client.
+ You can connect multiple PCs on the Ethernet segment that is
connected to the Cisco IOS router acting as a PPPoE client.
NEON 7 E, >
a Ex =
Router DSL DSLAM Access
Modem Concentrator
PPPoE Session
Configuring Dialer Interface on PPPoE Client
To configure dialer interface on PPPoE client, perform the following
actions:
Define a dialer interface.
Router (config) # interface Dialerl
Specify that the IP address for the dialer interface is obtained via
PPP/IPCP address negotiation.
Router (config-if)# ip address negotiated
Set the encapsulation mode to PPP.
Router (config-if)# encapsulation ppp
Specify the dialing pool that the dialer interface uses to connect to a
specific destination subnetwork.
Router (config-if)# dialer pool number
To configure dialer interface on PPPoE client, perform the following
actions:
Define a dialer interface.
Router (config) # interface Dialerl
Specify that the IP address for the dialer interface is obtained via
PPP/IPCP address negotiation.
Router (config-if)# ip address negotiated
Set the encapsulation mode to PPP.
Router (config-if)# encapsulation ppp
Specify the dialing pool that the dialer interface uses to connect to a
specific destination subnetwork.
Router (config-if)# dialer pool number
Create a Dialer Interface on R1
Step 1: Create a dialer interface to handle the PPPoE connection.
Rl(config)# interface Dialerl
Rl(config-if)# ip address negotiated
Rl (config-if)# encapsulation ppp
Rl (config-if)# dialer pool 1
- Instruct the client to use an IP address that the PPPoE server provides.
+ Sets the encapsulation type to PPP.
- Specifies the dialing pool that the dialer interface uses to connect to a specific
destination subnetwork to "1."
Step 1: Create a dialer interface to handle the PPPoE connection.
Rl(config)# interface Dialerl
Rl(config-if)# ip address negotiated
Rl (config-if)# encapsulation ppp
Rl (config-if)# dialer pool 1
- Instruct the client to use an IP address that the PPPoE server provides.
+ Sets the encapsulation type to PPP.
- Specifies the dialing pool that the dialer interface uses to connect to a specific
destination subnetwork to "1."
Assigning Physical Interface to PPPoE Dial Group
To assign physical interface PPPoE dial group, perform the following
actions:
Enter the interface configuration mode.
Router (config)# interface interface-id
Remove all IP addresses from the interface.
Router (config-if)# no ip address
Configure a PPPoE client and tie the dialer interface configuration to
a physical interface.
Router (config-if)# pppoe-client dial-pool-number number
To assign physical interface PPPoE dial group, perform the following
actions:
Enter the interface configuration mode.
Router (config)# interface interface-id
Remove all IP addresses from the interface.
Router (config-if)# no ip address
Configure a PPPoE client and tie the dialer interface configuration to
a physical interface.
Router (config-if)# pppoe-client dial-pool-number number
Assign Interface to PPPoE Dial Group
Step 2: Assign the interface Ethernet0/1 to a newly created PPPoE
dial group 1. Also make sure that no IP address is manually
assigned to the Ethernet0/1 interface.
Rl(config)# interface Ethernet0/1
Rl(config-if)# no ip address
Rl (config-1£)+ pppoe-client dial-pool-number 1
“Dec: 11 1254 .540: %DIALER-6-BIND: Interface Vi2 bound to profile Dil
*Dec 11 12:4 .541: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state
to up
Rl(config-if)#
*Dec 11 12:49:17.550: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-
Access2, € d state to up
*Dec 11 12:4 7.593: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.10.10.2
(Dialerl) is up: new adjacency
PPPoE session has successfully been formed and EIGRP
neighborship gets established between R1 and R2.
Step 2: Assign the interface Ethernet0/1 to a newly created PPPoE
dial group 1. Also make sure that no IP address is manually
assigned to the Ethernet0/1 interface.
Rl(config)# interface Ethernet0/1
Rl(config-if)# no ip address
Rl (config-1£)+ pppoe-client dial-pool-number 1
“Dec: 11 1254 .540: %DIALER-6-BIND: Interface Vi2 bound to profile Dil
*Dec 11 12:4 .541: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state
to up
Rl(config-if)#
*Dec 11 12:49:17.550: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-
Access2, € d state to up
*Dec 11 12:4 7.593: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.10.10.2
(Dialerl) is up: new adjacency
PPPoE session has successfully been formed and EIGRP
neighborship gets established between R1 and R2.
Verifying PPPoE Client
To verify PPPoE client, perform the following actions:
Verify that the dialer interface is up.
Router# show ip interface brief
Verify that PPPoE session gets established.
Router? show pppoe session
To verify PPPoE client, perform the following actions:
Verify that the dialer interface is up.
Router# show ip interface brief
Verify that PPPoE session gets established.
Router? show pppoe session
Verify IP Address Negotiation
Step 3: Verify that the interface Dialer1 has negotiated an IP
address from R2.
Rl# show ip interface brief
Interface IP-Address OK? Method Status
Protocol
<.. output omitted...>
<...output omitted...>
R1 gets the IP address from PPPoE server R2, from the pool of IP
addresses starting with 10.10.10.3 and ending with 10.10.10.10.
Step 3: Verify that the interface Dialer1 has negotiated an IP
address from R2.
Rl# show ip interface brief
Interface IP-Address OK? Method Status
Protocol
<.. output omitted...>
<...output omitted...>
R1 gets the IP address from PPPoE server R2, from the pool of IP
addresses starting with 10.10.10.3 and ending with 10.10.10.10.
Verify PPPoE Session
Step 4: Verify that PPPoE session gets established on R1.
Rl# show pppoe session
1
Unig ID PPPoE RemMAC Port VI VA State
SID LocMAC VA-st Type
N/A 4 aabb.cc00.2010 MMM Dil Vi2 up
aabb.cc00.1£10 up
PPPoE session gets established on the interface Ethernet0/1.
Step 4: Verify that PPPoE session gets established on R1.
Rl# show pppoe session
1
Unig ID PPPoE RemMAC Port VI VA State
SID LocMAC VA-st Type
N/A 4 aabb.cc00.2010 MMM Dil Vi2 up
aabb.cc00.1£10 up
PPPoE session gets established on the interface Ethernet0/1.
Verify Access to R2
Step 5: Ping the Loopback0 interface (192.168.1.2) on R2.
Rl# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 10 e I
nos to 192.168.2.1, timeout is 2 seconds:
Sate ls 200 persens (B/S), -ounc-trip min/avg/max = 4/4/5 ms
The ping should be successful because EIGRP has been
preconfigured on both routers.
Step 5: Ping the Loopback0 interface (192.168.1.2) on R2.
Rl# ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 10 e I
nos to 192.168.2.1, timeout is 2 seconds:
Sate ls 200 persens (B/S), -ounc-trip min/avg/max = 4/4/5 ms
The ping should be successful because EIGRP has been
preconfigured on both routers.
End of Discovery
OU LU LR
cisco
Configuring GRE Tunnels
Implementing Wide-Area Networks
cisco
Configuring GRE Tunnels
Implementing Wide-Area Networks
GRE Tunnel Overview
The following are the main GRE—Generic Routing Encapsulation
characteristics:
+ GRE is one of many tunneling protocols
+ IP protocol 47 defines GRE packets
+ Allows routing information to be passed between connected networks
+ No encryption
IP VPN Site
Passenger Protocol)
Transport GRE
IP Header Header E EMS
The following are the main GRE—Generic Routing Encapsulation
characteristics:
+ GRE is one of many tunneling protocols
+ IP protocol 47 defines GRE packets
+ Allows routing information to be passed between connected networks
+ No encryption
IP VPN Site
Passenger Protocol)
Transport GRE
IP Header Header E EMS
Job Aid
172.16.99.1 172.16.99.2
Tu ro
10.10.1.1
Eth0/0
10.10.2.1
Etho/1
10.10.3.1
Eth0/0
Eth0/0
10.10.1.2
Etho/0
Eth0/1 10.10.3.2
= Etho/1
172.16.1.1
172.16.4.1
Loo Loo Loo Loo
172.16.11.1 10.10,12.1 10.10.13.1 172.16.14.1
172.16.99.1 172.16.99.2
Tu ro
10.10.1.1
Eth0/0
10.10.2.1
Etho/1
10.10.3.1
Eth0/0
Eth0/0
10.10.1.2
Etho/0
Eth0/1 10.10.3.2
= Etho/1
172.16.1.1
172.16.4.1
Loo Loo Loo Loo
172.16.11.1 10.10,12.1 10.10.13.1 172.16.14.1
Display Routing Table on R1
Step 1: Output and observe the routing table on R1.
Rl# show ip route
<... output omitted ...>
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
s
c 10.10.1.0/24 is directly connected, Ethernet0/0
L 10.10.1.1/32 is directly connected, Ethernet0/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
€ 172.16.1.0/24 is directly connected, Ethernet0/1
L 172.16.1.1/32 is directly connected, Ethernet0/1
(el 172.16.11.0/24 is directly connected, Loopback0
L 172.16.11.1/32 is directly connected, Loopback0
R1 is not running any dynamic routing protocols.
The only other route is a static route for the 10.0.0.0/8 network.
Step 1: Output and observe the routing table on R1.
Rl# show ip route
<... output omitted ...>
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
s
c 10.10.1.0/24 is directly connected, Ethernet0/0
L 10.10.1.1/32 is directly connected, Ethernet0/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
€ 172.16.1.0/24 is directly connected, Ethernet0/1
L 172.16.1.1/32 is directly connected, Ethernet0/1
(el 172.16.11.0/24 is directly connected, Loopback0
L 172.16.11.1/32 is directly connected, Loopback0
R1 is not running any dynamic routing protocols.
The only other route is a static route for the 10.0.0.0/8 network.
Verify Connectivity from R1 to R4
Step 2: Ping R4 from R1.
Rl# ping 10.10.3.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.3.2, timeout is 2 seconds:
Este ls 100 persens (B/S), -ound-zrip min/avg/max = 1/1/1 ms
R1 and R4 can reach each other using the 10.0.0.0/8 network.
Step 2: Ping R4 from R1.
Rl# ping 10.10.3.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.3.2, timeout is 2 seconds:
Este ls 100 persens (B/S), -ound-zrip min/avg/max = 1/1/1 ms
R1 and R4 can reach each other using the 10.0.0.0/8 network.
Displaying Routing Table on R2
Step 3: Output and observe the routing table on R2.
R2# show ip route
<... output omitted ...>
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
10.10.1.0/24 is directly connected, Ethernet0/0
10.10.1.2/32 is directly connected, Ethernet0/0
10.10.2.0/24 is directly connected, Ethernet0/1
10.10.2.1/32 is directly connected, Ethernet0/1
Ethernet0/1
10.10.12.0/24 ie directly connected, Loopback0
10.10.12.1/32 is directly connected, Loopback0
Bro@roara
+ R2is running EIGRP and is peering with R3.
- R2 and R3 are aware of the entire 10.0.0.0/8 address space within the topology.
+ R2 and R3 have no awareness of the 172.16.0.0/16 address space that is
behind R1 and R4.
Step 3: Output and observe the routing table on R2.
R2# show ip route
<... output omitted ...>
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
10.10.1.0/24 is directly connected, Ethernet0/0
10.10.1.2/32 is directly connected, Ethernet0/0
10.10.2.0/24 is directly connected, Ethernet0/1
10.10.2.1/32 is directly connected, Ethernet0/1
Ethernet0/1
10.10.12.0/24 ie directly connected, Loopback0
10.10.12.1/32 is directly connected, Loopback0
Bro@roara
+ R2is running EIGRP and is peering with R3.
- R2 and R3 are aware of the entire 10.0.0.0/8 address space within the topology.
+ R2 and R3 have no awareness of the 172.16.0.0/16 address space that is
behind R1 and R4.
Configuring GRE Tunnel
To implement a GRE tunnel, perform the following actions:
Create a tunnel interface.
Router (config)# interface tunnel tunnel-id
Configure GRE tunnel mode. This is a default tunnel mode so it is
not necessary to configure it.
Router (config-if)# tunnel mode gre ip
Configure an IP address for the tunnel interface.
Router (config-if)# ip address ip-address mask
Specify the tunnel source IP address.
Router (config-if)# tunnel source ip-address
Specify the tunnel destination IP address.
Router (config-if)# tunnel destination ip-address
To implement a GRE tunnel, perform the following actions:
Create a tunnel interface.
Router (config)# interface tunnel tunnel-id
Configure GRE tunnel mode. This is a default tunnel mode so it is
not necessary to configure it.
Router (config-if)# tunnel mode gre ip
Configure an IP address for the tunnel interface.
Router (config-if)# ip address ip-address mask
Specify the tunnel source IP address.
Router (config-if)# tunnel source ip-address
Specify the tunnel destination IP address.
Router (config-if)# tunnel destination ip-address
Configure GRE Tunnel on R1 and R4
Steps 4 and 5: Establish tunnels on the R1 and R4 routers.
Rl(config)# interface tunnel0
Rl(config-if)# ip address 172.16.99.1 255.255.255.0
Rl(config-if)# tunnel source 10.10.1.1
Rl(config-if)# tunnel destination 10.10.3.2
R4(config)# interface tunnel0
R4(config-if)# ip address 172.16.99.2 255.255.255.0
Ré(config-if)# tunnel source 10.10.3.2
R4(config-if)# tunnel destination 10.10.1.1
+ Default tunnel mode for tunnel interface is GRE.
+ Line protocol comes up immediately after the tunnel is fully configured.
Steps 4 and 5: Establish tunnels on the R1 and R4 routers.
Rl(config)# interface tunnel0
Rl(config-if)# ip address 172.16.99.1 255.255.255.0
Rl(config-if)# tunnel source 10.10.1.1
Rl(config-if)# tunnel destination 10.10.3.2
R4(config)# interface tunnel0
R4(config-if)# ip address 172.16.99.2 255.255.255.0
Ré(config-if)# tunnel source 10.10.3.2
R4(config-if)# tunnel destination 10.10.1.1
+ Default tunnel mode for tunnel interface is GRE.
+ Line protocol comes up immediately after the tunnel is fully configured.
Verifying GRE Tunnel
To verify a GRE tunnel, perform the following actions:
Determine whether the tunnel interface is up or down.
Router# show ip interface brief Tunnel tunnel-id
Verify the state of the GRE tunnel.
Router# show interface tunnel tunnel-id
Verify that the tunnel network is seen as directly connected in the
routing table.
Router# show ip route
To verify a GRE tunnel, perform the following actions:
Determine whether the tunnel interface is up or down.
Router# show ip interface brief Tunnel tunnel-id
Verify the state of the GRE tunnel.
Router# show interface tunnel tunnel-id
Verify that the tunnel network is seen as directly connected in the
routing table.
Router# show ip route
Verify Status of Tunnel Interfaces
Steps 6: Preview tunnel interface status on R1.
R1# show ip interface brief Tunnel0
Interface IP-Address OK? Method Status
Protocol
172.16.99.1 YES) manual up ®
Step 7: Preview tunnel interface information on R4.
R4# show interface Tunnel 0
Tunsel0 is up, line protocol is up
Hardware is Tunnel
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
En
<... output omitted ...>
Both interfaces are up.
Steps 6: Preview tunnel interface status on R1.
R1# show ip interface brief Tunnel0
Interface IP-Address OK? Method Status
Protocol
172.16.99.1 YES) manual up ®
Step 7: Preview tunnel interface information on R4.
R4# show interface Tunnel 0
Tunsel0 is up, line protocol is up
Hardware is Tunnel
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
En
<... output omitted ...>
Both interfaces are up.
Verify Connectivity to the Tunnel Interface
Step 8: Display routes on the R1.
Rl# show ip route
<... output omitted ...>
EEE Aie comes, Tametó
Step 9: Ping the IP address of the R4 Tunnel0 interface from R1.
Ri# ping 172.16.99.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.99.2, timeout is 2 seconds:
00090
Guccess gate ds 209 peresns (9/5). <ound-trip min/avg/max = 1/1/1 ms
- Both interfaces are up.
+ Traffic that is destined for 172.16.99.0/24 enters the GRE tunnel interface.
- Tunnel interface on Rd is accessible from R1.
Step 8: Display routes on the R1.
Rl# show ip route
<... output omitted ...>
EEE Aie comes, Tametó
Step 9: Ping the IP address of the R4 Tunnel0 interface from R1.
Ri# ping 172.16.99.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.99.2, timeout is 2 seconds:
00090
Guccess gate ds 209 peresns (9/5). <ound-trip min/avg/max = 1/1/1 ms
- Both interfaces are up.
+ Traffic that is destined for 172.16.99.0/24 enters the GRE tunnel interface.
- Tunnel interface on Rd is accessible from R1.
Add GRE Tunnel to a Routing Process
Steps 10 and 11: Configure OSPF on R1 and R4.
R4(config)# router ospf 1
R4 (config-router)# network 172.16.0.0 0.0.255.255 area 0
Rl(config)# router ospf 1
Rl(config-router)# network 172.16.0.0 0.0.255.255 area 0
#Nov 4 11:41:51.093: $OSPF-5-ADJCHG: Process 1, Nbr 0.0.0.4 on mai) Geom
CORDES 85 EUER, Loading Done
- You can run dynamic routing protocol through the tunnel.
+ OSPF neighborship is successfully established.
Steps 10 and 11: Configure OSPF on R1 and R4.
R4(config)# router ospf 1
R4 (config-router)# network 172.16.0.0 0.0.255.255 area 0
Rl(config)# router ospf 1
Rl(config-router)# network 172.16.0.0 0.0.255.255 area 0
#Nov 4 11:41:51.093: $OSPF-5-ADJCHG: Process 1, Nbr 0.0.0.4 on mai) Geom
CORDES 85 EUER, Loading Done
- You can run dynamic routing protocol through the tunnel.
+ OSPF neighborship is successfully established.
Verify Access to Networks Routed Through GRE Tunnel
Steps 12 and 13: Make sure routes work.
Rl# show ip route
<... output omitted ...>
<... output omitted ...>
Rl# ping 172.16.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.4.1, timeout is 2 seconds:
Évesess ste de 200 percens BA), round-trip min/avg/max = 1/1/1 ms
+ Rt has learned about the networks running behind the R4 loopback 0 and
Ethernet 0/1 interfaces via the OSPF routing protocol.
- The traffic destined to the R4 Loopback 0 and Ethernet 0/1 interfaces will enter
the GRE Tunnel 0 interface.
Steps 12 and 13: Make sure routes work.
Rl# show ip route
<... output omitted ...>
<... output omitted ...>
Rl# ping 172.16.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.4.1, timeout is 2 seconds:
Évesess ste de 200 percens BA), round-trip min/avg/max = 1/1/1 ms
+ Rt has learned about the networks running behind the R4 loopback 0 and
Ethernet 0/1 interfaces via the OSPF routing protocol.
- The traffic destined to the R4 Loopback 0 and Ethernet 0/1 interfaces will enter
the GRE Tunnel 0 interface.
Display the OSPF Neighbors of R1
Step 14: Preview ospf neighbor.
Rl# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
0.0.0.4 o EUMP = 00:00:37
R4 is an OSPF neighbor of R1, using the GRE tunnel.
Step 14: Preview ospf neighbor.
Rl# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
0.0.0.4 o EUMP = 00:00:37
R4 is an OSPF neighbor of R1, using the GRE tunnel.
End of Discovery
OU LU LR
cisco
Configuring Single Homed EBGP
Wide-Area Networks
cisco
Configuring Single Homed EBGP
Wide-Area Networks
Interdomain Routing
Se
ÉS (OSPF. EIGRP) ES —>” [ES (OSPF. EIGRP) ES
E E ee
AS 65000 AS 65001
- AS—Autonomous System
— Collection of networks under a single technical administration
+ |GP-—-Interior Gateway Protocol
— Optimum intra-AS routing
— OSPF, RIP, EIGRP, IS-IS, etc.
+ EGP—Exterior Gateway Protocol
— Runs between autonomous systems
— Enables routing policies
— Improves security
Se
ÉS (OSPF. EIGRP) ES —>” [ES (OSPF. EIGRP) ES
E E ee
AS 65000 AS 65001
- AS—Autonomous System
— Collection of networks under a single technical administration
+ |GP-—-Interior Gateway Protocol
— Optimum intra-AS routing
— OSPF, RIP, EIGRP, IS-IS, etc.
+ EGP—Exterior Gateway Protocol
— Runs between autonomous systems
— Enables routing policies
— Improves security
Introduction to EBGP
(Customer B)
EBGP characteristics:
+ Reliable updates: TCP port 179
+ Interdomain routing—EGP
+ Customer exchanges routes with
the ISP
+ ISPs exchange routes with other
ISPs
» Scalable
+ Secure
+ Supports routing policies
(Customer B)
EBGP characteristics:
+ Reliable updates: TCP port 179
+ Interdomain routing—EGP
+ Customer exchanges routes with
the ISP
+ ISPs exchange routes with other
ISPs
» Scalable
+ Secure
+ Supports routing policies
0050 05
cisco
Discovery 51: Configure and Verify Single
_ Homed EBGP
cisco
Discovery 51: Configure and Verify Single
_ Homed EBGP
Topology
BGP AS 100
BGP AS 200
te Argo sar 28
BGP AS 100
BGP AS 200
te Argo sar 28
Job Aid
10.0.1.0/24
Etho/1
BGP AS 100
10.0.2.0/24
BGP AS 200
murs Aug ana 2
10.0.1.0/24
Etho/1
BGP AS 100
10.0.2.0/24
BGP AS 200
murs Aug ana 2
Configuring EBGP
+ Define the BGP process.
+ Establish a BGP neighbor relationship.
+ Advertise the networks.
2018 Cassandre atten At nua rai. ES
+ Define the BGP process.
+ Establish a BGP neighbor relationship.
+ Advertise the networks.
2018 Cassandre atten At nua rai. ES
Configuring EBGP (Cont.)
To configure EBGP, perform the following actions:
Start BGP routing process.
Router (confg)# router bgp as-number
Only one BGP routing process per router is allowed.
Define an external neighbor.
Router (config)# neighbor peer-ip-address remote-as peer-as-number
Advertise networks into BGP.
Router (config)# network network [mask network-mask]
To configure EBGP, perform the following actions:
Start BGP routing process.
Router (confg)# router bgp as-number
Only one BGP routing process per router is allowed.
Define an external neighbor.
Router (config)# neighbor peer-ip-address remote-as peer-as-number
Advertise networks into BGP.
Router (config)# network network [mask network-mask]
Verify BGP Configuration on R1
Step 1: Display BGP section of the configuration on R1.
Rl# show running-config | section bgp
bgp log-neighbor-changes
BGP has been preconfigured on the customer side.
BGPAS is 100.
Network 10.0.1.0/24 has been announced to all BGP neighbors.
Neighbor 192.168.1.10 (ISP1) has been configured.
Step 1: Display BGP section of the configuration on R1.
Rl# show running-config | section bgp
bgp log-neighbor-changes
BGP has been preconfigured on the customer side.
BGPAS is 100.
Network 10.0.1.0/24 has been announced to all BGP neighbors.
Neighbor 192.168.1.10 (ISP1) has been configured.
Configure BGP on ISP1
Step 2: Configure both sides for BGP session to be established.
+ ISP1isinAS1
+ R11 (192.168.1.11) is the first neighbor in AS 100
+ R2(192.168.2.11) is the second neighbor in AS 200.
ISPl(config)# router bgp 1
ISPl (config-router)# neighbor 192.168.1.11 remote-as 100
ISP1(config-router) # neighbor 192.168.2.11 remote-as 200
Step 2: Configure both sides for BGP session to be established.
+ ISP1isinAS1
+ R11 (192.168.1.11) is the first neighbor in AS 100
+ R2(192.168.2.11) is the second neighbor in AS 200.
ISPl(config)# router bgp 1
ISPl (config-router)# neighbor 192.168.1.11 remote-as 100
ISP1(config-router) # neighbor 192.168.2.11 remote-as 200
Configure BGP on ISP1 (Cont.)
Step 3 and 4: Configure ISP1 further.
Syslog message indicates that external BGP sessions are
successfully established.
*Oct 6 11:36:01.393: %BGP-5-ADJCHANGE: neighbor 192.168.1.11 Up
*0ct 6 11:36:12.364: *BGP-5-ADJCHANGE: neighbor 192.168.2.11 Up
ISP1 should announce LoopbackO network (10.0.0.0/24) in the BGP
process. Before you announce it, verify that the exact match exists
in the routing table.
ISP1+# show ip route
<... output omitted ...>
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
€
L 10.0.0.1/32 is directly connected, Loopbacx0
<... output omitted ...>
ISPl (config-router)# network 10.0.0.0 mask 255.255.255.0
Step 3 and 4: Configure ISP1 further.
Syslog message indicates that external BGP sessions are
successfully established.
*Oct 6 11:36:01.393: %BGP-5-ADJCHANGE: neighbor 192.168.1.11 Up
*0ct 6 11:36:12.364: *BGP-5-ADJCHANGE: neighbor 192.168.2.11 Up
ISP1 should announce LoopbackO network (10.0.0.0/24) in the BGP
process. Before you announce it, verify that the exact match exists
in the routing table.
ISP1+# show ip route
<... output omitted ...>
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
€
L 10.0.0.1/32 is directly connected, Loopbacx0
<... output omitted ...>
ISPl (config-router)# network 10.0.0.0 mask 255.255.255.0
Verifying EBGP
To verify EBGP, perform the following actions:
Display the BGP status and lists all configured neighbors.
Router# show ip bgp summary
Display TCP and BGP connections to neighbors.
Rouetr# show ip bgp neighbors [neighbor-address]
Display all routing information that is received from all neighbors.
Router# show ip bgp
To verify EBGP, perform the following actions:
Display the BGP status and lists all configured neighbors.
Router# show ip bgp summary
Display TCP and BGP connections to neighbors.
Rouetr# show ip bgp neighbors [neighbor-address]
Display all routing information that is received from all neighbors.
Router# show ip bgp
Verify BGP Session on ISP1
Step 5: Verify the state of BGP session on ISP1.
ISP1# show ip bgp summary
<... output omitted ...>
Neighbor v AS MsgRevd MsgSent TolVer InQ OutQ Up/Down
State/PfxRcd
4 5 6 3 0 0
4 5 6 3 © o
+ ISP1 has established a session with 192.168.1.11 which is in AS 100.
+ ISP1 has established a session with 192.168.2.11 which is in AS 200.
- From each of the neighbors, ISP1 has received one prefix.
Step 5: Verify the state of BGP session on ISP1.
ISP1# show ip bgp summary
<... output omitted ...>
Neighbor v AS MsgRevd MsgSent TolVer InQ OutQ Up/Down
State/PfxRcd
4 5 6 3 0 0
4 5 6 3 © o
+ ISP1 has established a session with 192.168.1.11 which is in AS 100.
+ ISP1 has established a session with 192.168.2.11 which is in AS 200.
- From each of the neighbors, ISP1 has received one prefix.
Verify BGP Neighbors on ISP1
Step 6: Verify BGP state with the neighbors on ISP 1.
ISP1# show ip bgp neighbors 192.168.1.11
BGP neighbor is 192.168.1.11, remote AS 100, external link
BGP version 4, remote router ID 10.0.1.1
BED etats = BstebMished, up for 00:01:16
Last read 00:00:24, last write 00:00:05, hold time is 180, keepalive interval
is 60 seconds
<... output omitted ...>
ISP1# show ip bgp neighbors 192.168.2.11
‘BGP neighbor is 192.168.2.11, remote AS 200, external link
BGP version 4, remote router ID 10.0.2.1
@ Establllshed, uo for 00:02:31
Last read 00:00:42, last write 00:00:11, hold time is 180, keepalive interval
is 60 seconds
<... Output omitted ...>
ISP1 has BGP session established with both neighbors. Note that
the BGP connection is identified as an external link.
ES a aia Aga asar #7
Step 6: Verify BGP state with the neighbors on ISP 1.
ISP1# show ip bgp neighbors 192.168.1.11
BGP neighbor is 192.168.1.11, remote AS 100, external link
BGP version 4, remote router ID 10.0.1.1
BED etats = BstebMished, up for 00:01:16
Last read 00:00:24, last write 00:00:05, hold time is 180, keepalive interval
is 60 seconds
<... output omitted ...>
ISP1# show ip bgp neighbors 192.168.2.11
‘BGP neighbor is 192.168.2.11, remote AS 200, external link
BGP version 4, remote router ID 10.0.2.1
@ Establllshed, uo for 00:02:31
Last read 00:00:42, last write 00:00:11, hold time is 180, keepalive interval
is 60 seconds
<... Output omitted ...>
ISP1 has BGP session established with both neighbors. Note that
the BGP connection is identified as an external link.
ES a aia Aga asar #7
Verify Received Prefixes on ISP1
Step 7: Display BGP.
ISP1+ show ip bgp
<... output omitted ...>
Network Next Hop Metric LocPrf Weight Path
*> 10.0.0.0/24 0.0.0.0 o 32768 i
> 0 0 100 i
67 lo] 0 200 i
ISP1 has three networks in the BGP table:
+ — 10.0.0.0/24, which has been locally configured on ISP1.
+ 10.0.1.0/24, which has been announced from 192.168.1.11 (R1) neighbor.
+ 10.0.2.0/24, which has been announced from 192.168.2.11 (R2) neighbor.
Step 7: Display BGP.
ISP1+ show ip bgp
<... output omitted ...>
Network Next Hop Metric LocPrf Weight Path
*> 10.0.0.0/24 0.0.0.0 o 32768 i
> 0 0 100 i
67 lo] 0 200 i
ISP1 has three networks in the BGP table:
+ — 10.0.0.0/24, which has been locally configured on ISP1.
+ 10.0.1.0/24, which has been announced from 192.168.1.11 (R1) neighbor.
+ 10.0.2.0/24, which has been announced from 192.168.2.11 (R2) neighbor.
End of Discovery
Tags
Categories
EducationDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 14
- Slides 120
- Age 79 days
Related Slideshows
11
TLE-9-Prepare-Salad-and-Dressing.pptxkkk
MaAngelicaCanceran
32 views
12
LESSON 1 ABOUT MEDIA AND INFORMATION.pptx
JojitGueta
26 views
60
GRADE-8-AQUACULTURE-WEEKQ1.pdfdfawgwyrsewru
MaAngelicaCanceran
41 views
26
Feelings PP Game FOR CHILDREN IN ELEMENTARY SCHOOL.pptx
KaistaGlow
40 views
![Jeopardy_Figures_of_Speech_Template.pptx [Autosaved].pptx](https://slidepub.com/thumb/5828/284015828.jpg)
54
Jeopardy_Figures_of_Speech_Template.pptx [Autosaved].pptx
acecamero20
25 views
7
Jeopardy_Figures_of_Speech.pptxvdsvdsvsdvsd
acecamero20
25 views