综合技术

My CCNP TSHOOT Lab: The Overall Picture

微信扫一扫,分享到朋友圈

My CCNP TSHOOT Lab: The Overall Picture
0

During the last few weeks I published a couple of blogposts concerning routing protocols such as BGP, OSPFv3, and EIGRP . (Use the “Cisco Router” tag on my blog to list all of them.) They are all part of my current Cisco lab that I am using for my CCNP TSHOOT exam preparation. While I depicted only the details of the routing protocols in those blogposts, I am showing my overall lab with all of its Cisco IOS configs here. Just to have the complete picture. There are a couple of not-yet-blogged configs such as VRRP, GLBP, NTP authentication, embedded event manager (EEM), or route-maps and distribute/prefix lists though.

This is the complete lab as already shown in all the other blogposts:

Configurations

Some quick notes about them (read: reminder to myself):

  • The default config for all routers is based on this post: Basic Cisco Configuration . That is: timestamps, banner, SSH with ACLs, SSH public key authentication, SNMP with ACLs, NTP, logging, archive.
  • R4 and R5 use three different FHRPs in sum. ;) On interfaces gi0/0 it is VRRP for legacy IP and HSRP for IPv6 (since my VRRP version is not able to handle IPv6 as well), while GLBP on interfaces gi0/1 for both Internet protocols. All four processes use MD5 authentication.
  • All routers use NTP via IPv6 with MD5 authentication (since SHA-1 is not supported).
  • On R2 there is an “ event manager applet CONFIG-STARTED ” that generates a syslog message and sends an email if an admin starts a configure session.
  • Two GRE tunnels between R1 and R3, one over IPv6 and another over legacy IP. The latter uses a “keepalive” which is not possible for IPv6. No routing over those tunnels though.
  • Route-Maps on R4 and R5 for BGP to set the local-preference for some networks to 200 to force only one router to be used. Sent to the Palo Alto firewall “out”. R4 with a route-map for IPv4 and R5 for IPv6.
  • Just for fun: R2 uses an ACL for IPv4 and a prefix-list for IPv6 to filter outgoing EIGRP updates to R1. However, all networks are explicitly permitted, hence it’s just added security in case of misconfigurations on R3.
  • On S2 there are two Raspberry Pis on ports 3 and 4 with PoE adapters.
  • For all other details about the dynamic routing protocols refer to my previous blogposts.
  • For even more protocols related to layer 2 refer to my CCNP SWITCH / Wireshark challenges post listing 22 protocols and 46 challenges around them.

Here are the full configurations for the five involved Cisco routers, from left to right according to the lab overview:

R4, iBGP to the left, OSPF to the right:

!
! Last configuration change at 16:15:31 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:44 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:44 CET Thu Feb 22 2018 by weberjoh
version 15.1
service timestamps debug datetime msec show-timezone year
service timestamps log datetime msec show-timezone year
service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
security passwords min-length 12
logging buffered 64000
enable secret 5 $1$FdCb$spI/lHO.AREaK4fFrcLuw0
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
no network-clock-participate wic 0 
no network-clock-participate wic 1 
!
dot11 syslog
no ip source-route
!
!
ip cef
!
!
!
ip domain name weberlab.de
ip name-server 2003:DE:2016:120::A08:53
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2851 sn FCZ09417188
archive
 path scp://iosarchive:[email protected]/$h-$t
 write-memory
username weberjoh privilege 15 secret 5 $1$dZt.$HTgDJhM2cEld9SBRSrFfX1
!
redundancy
!
!
controller E1 0/0/0
!
controller E1 0/1/0
!
ip ssh logging events
ip ssh version 2
ip ssh dh min size 2048
ip ssh pubkey-chain
  username weberjoh
   key-hash ssh-rsa F6CB07741AC18888F65459330E8F2363 
  quit
!
track 24 interface GigabitEthernet0/1 line-protocol
!
track 25 interface GigabitEthernet0/1 line-protocol
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.255.14 255.255.255.255
 ipv6 address 2003:DE:2016:1FF::14/128
 ipv6 ospf 1 area 0.0.0.0
!
interface GigabitEthernet0/0
 description Uplink zu Dell-Switch Port 19
 ip address 192.168.120.24 255.255.255.0
 standby version 2
 standby 25 ipv6 autoconfig
 standby 25 priority 110
 standby 25 preempt
 standby 25 authentication md5 key-string 7 080B495D1C0A2C04260309252438332D21
 standby 25 track 25 decrement 20
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:120::24/64
 ipv6 nd ra suppress all
 ipv6 ospf 1 area 0.0.0.0
 vrrp 24 ip 192.168.120.4
 vrrp 24 priority 110
 vrrp 24 authentication md5 key-string 7 002E16151148380719245F
 vrrp 24 track 24 decrement 20
!
interface GigabitEthernet0/1
 description Downlink zu S1 Port 1
 ip address 192.168.121.4 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 062C0029421F5A5556435F5859
 ip ospf priority 100
 glbp 136 ipv6 autoconfig
 glbp 136 priority 150
 glbp 136 preempt
 glbp 136 authentication md5 key-string 7 13034247595F5C7F2F7471633621450642505303580E5100595640450C01040703070C5B580404010F57465301030D535A751A4A5C1A541614530A05727F262D30
 glbp 137 ip 192.168.121.137
 glbp 137 preempt
 glbp 137 authentication md5 key-string 7 0056155301035C5456724E1C5E480741430F5D00727F7179656676125240070555080D55050B014E1700015204010D000E0A53540C0454465E005E5C560E751E4F
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:121::4/64
 ipv6 nd ra suppress all
 ipv6 ospf priority 100
 ipv6 ospf 1 area 0.0.0.0
 ipv6 ospf authentication ipsec spi 2311 sha1 7 0255250E2D505E7819185A3B214442522A5C727F76786A61744054415158070B0007712C544C300C0A
!
router ospf 4
 router-id 192.168.255.14
 auto-cost reference-bandwidth 10000
 passive-interface default
 no passive-interface GigabitEthernet0/1
 network 192.168.120.0 0.0.0.255 area 0.0.0.0
 network 192.168.121.0 0.0.0.255 area 0.0.0.0
 default-information originate
!
router bgp 64512
 bgp router-id 192.168.255.14
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 2003:DE:2016:120::F02:443 remote-as 64512
 neighbor 2003:DE:2016:120::F02:443 description Forti-v6
 neighbor 2003:DE:2016:120::F02:443 password 7 012315550A52485E7119
 neighbor 2003:DE:2016:1FF::1 remote-as 64512
 neighbor 2003:DE:2016:1FF::1 description Palo-v6 Loopback
 neighbor 2003:DE:2016:1FF::1 password 7 080B4346074A4B4644
 neighbor 2003:DE:2016:1FF::1 update-source Loopback0
 neighbor 2003:DE:2016:1FF::15 remote-as 64512
 neighbor 2003:DE:2016:1FF::15 description R5-Dual Loopback
 neighbor 2003:DE:2016:1FF::15 password 7 045D04090D205E
 neighbor 2003:DE:2016:1FF::15 update-source Loopback0
 neighbor 192.168.120.33 remote-as 64512
 neighbor 192.168.120.33 description Forti-v4
 neighbor 192.168.120.33 password 7 0236170A5A5F41701C1B
 neighbor 192.168.255.1 remote-as 64512
 neighbor 192.168.255.1 description Palo-v4 Loopback
 neighbor 192.168.255.1 update-source Loopback0
 !
 address-family ipv4
  network 192.168.121.0
  redistribute ospf 4 match internal external 1 external 2
  neighbor 2003:DE:2016:1FF::15 activate
  neighbor 2003:DE:2016:1FF::15 next-hop-self
  neighbor 192.168.120.33 activate
  neighbor 192.168.120.33 next-hop-self
  neighbor 192.168.255.1 activate
  neighbor 192.168.255.1 next-hop-self
  neighbor 192.168.255.1 route-map BGP-to-Palo out
 exit-address-family
 !
 address-family ipv6
  redistribute ospf 1 match internal external 1 external 2
  network 2003:DE:2016:121::/64
  neighbor 2003:DE:2016:120::F02:443 activate
  neighbor 2003:DE:2016:120::F02:443 next-hop-self
  neighbor 2003:DE:2016:1FF::1 activate
  neighbor 2003:DE:2016:1FF::1 next-hop-self
  neighbor 2003:DE:2016:1FF::15 activate
  neighbor 2003:DE:2016:1FF::15 next-hop-self
 exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 192.168.120.1
ip route 192.168.255.1 255.255.255.255 GigabitEthernet0/0 192.168.120.1
ip route 192.168.255.2 255.255.255.255 GigabitEthernet0/0 192.168.120.33
ip route 192.168.255.15 255.255.255.255 GigabitEthernet0/0 192.168.120.25
ip ospf name-lookup
!
ip access-list standard snmp-access-v4
 permit 192.168.120.0 0.0.0.255
 deny   any
ip access-list standard vty-access-v4
 permit 192.168.0.0 0.0.255.255 log
 deny   any log
!
!
ip prefix-list IPv4-Loopbacks seq 5 permit 192.168.255.11/32
ip prefix-list IPv4-Loopbacks seq 10 permit 192.168.255.12/31
logging trap debugging
logging host ipv6 2003:DE:2016:120::B10:514
ipv6 route 2003:DE:2016:1FF::1/128 GigabitEthernet0/0 2003:DE:2016:120::1
ipv6 route 2003:DE:2016:1FF::2/128 GigabitEthernet0/0 2003:DE:2016:120::F02:443
ipv6 route 2003:DE:2016:1FF::15/128 GigabitEthernet0/0 2003:DE:2016:120::25
ipv6 route ::/0 2003:DE:2016:120::1
ipv6 router ospf 1
 router-id 192.168.255.14
 auto-cost reference-bandwidth 10000
 default-information originate
 passive-interface default
 no passive-interface GigabitEthernet0/1
!
ipv6 ospf name-lookup
!
!
!
!
route-map BGP-to-Palo permit 10
 match ip address prefix-list IPv4-Loopbacks
 set local-preference 200
!
route-map BGP-to-Palo permit 20
 description This matches everything to be an explicit allow any at the end
!
snmp-server community n5rAD1ig314IqfioYBWw RO ipv6 snmp-access-v6 snmp-access-v4
snmp-server ifindex persist
snmp-server location On the top of the rack
snmp-server contact Johannes Weber
!
!
!
!
ipv6 access-list snmp-access-v6
 permit ipv6 2003:DE:2016:120::/64 any
 deny ipv6 any any
!
ipv6 access-list vty-access-v6
 permit ipv6 2003:DE:2016::/48 any log
 deny ipv6 any any log
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
banner login ^C######################################
#         Webernetz.net Labor        #
# Finger weg wenn du nicht ich bist! #
######################################
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 history size 100
line aux 0
line vty 0 4
 access-class vty-access-v4 in
 exec-timeout 0 0
 privilege level 15
 ipv6 access-class vty-access-v6 in
 logging synchronous
 history size 100
 transport input ssh
!
scheduler allocate 20000 1000
ntp authentication-key 1 md5 113B3301213D15204E160B00626818722E133E4658 7
ntp authentication-key 2 md5 0650583F671F383B40360C161938192771057A3C67 7
ntp authentication-key 3 md5 050E2104106F47544C365B1C080317312771131A3C 7
ntp authenticate
ntp trusted-key 1
ntp trusted-key 2
ntp trusted-key 3
ntp update-calendar
ntp server ipv6 2.pool.ntp.org
ntp server ntp1.weberlab.de key 1
ntp server ntp2.weberlab.de key 2
ntp server ntp3.weberlab.de key 3 prefer
ntp server ipv6 2.de.pool.ntp.org
end

R5, same like R4: iBGP to the left, OSPF to the right:

!
! Last configuration change at 16:12:24 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:45 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:45 CET Thu Feb 22 2018 by weberjoh
version 15.1
service timestamps debug datetime msec show-timezone year
service timestamps log datetime msec show-timezone year
service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
security passwords min-length 12
logging buffered 64000
enable secret 5 $1$FdCb$spI/lHO.AREaK4fFrcLuw0
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dot11 syslog
no ip source-route
!
!
ip cef
!
!
!
ip domain name weberlab.de
ip name-server 2003:DE:2016:120::A08:53
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2851 sn FCZ132070SQ
archive
 log config
  hidekeys
 path scp://iosarchive:[email protected]/$h-$t
 write-memory
username weberjoh privilege 15 secret 5 $1$dZt.$HTgDJhM2cEld9SBRSrFfX1
!
redundancy
!
!
ip ssh logging events
ip ssh version 2
ip ssh dh min size 2048
ip ssh pubkey-chain
  username weberjoh
   key-hash ssh-rsa F6CB07741AC18888F65459330E8F2363 
  quit
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.255.15 255.255.255.255
 ipv6 address 2003:DE:2016:1FF::15/128
 ipv6 ospf 1 area 0.0.0.0
!
interface GigabitEthernet0/0
 description Uplink zu Dell-Switch Port 20
 ip address 192.168.120.25 255.255.255.0
 standby version 2
 standby 25 ipv6 autoconfig
 standby 25 preempt
 standby 25 authentication md5 key-string 7 09664B1A0C163E013F04010B25373F3627
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:120::25/64
 ipv6 nd ra suppress all
 ipv6 ospf 1 area 0.0.0.0
 vrrp 24 ip 192.168.120.4
 vrrp 24 authentication md5 key-string 7 11231C160201380D122F38
!
interface GigabitEthernet0/1
 description Downlink zu S1 Port 2
 ip address 192.168.121.5 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 062C0029421F5A5556435F5859
 ip ospf priority 50
 glbp 136 ipv6 autoconfig
 glbp 136 preempt
 glbp 136 authentication md5 key-string 7 0827191B5B4A5D42165B5554292872296766704606400155010C00000157504C470B00075050560D530853525D0F024653500D0F530C704D48511F044F46090907
 glbp 137 ip 192.168.121.137
 glbp 137 priority 150
 glbp 137 preempt
 glbp 137 authentication md5 key-string 7 0056155301035C5456724E1C5E480741430F5D00727F7179656676125240070555080D55050B014E1700015204010D000E0A53540C0454465E005E5C560E751E4F
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:121::5/64
 ipv6 nd ra suppress all
 ipv6 ospf priority 50
 ipv6 ospf 1 area 0.0.0.0
 ipv6 ospf authentication ipsec spi 2311 sha1 7 0255250E2D505E7819185A3B214442522A5C727F76786A61744054415158070B0007712C544C300C0A
!
router ospf 4
 router-id 192.168.255.15
 auto-cost reference-bandwidth 10000
 passive-interface default
 no passive-interface GigabitEthernet0/1
 network 192.168.120.0 0.0.0.255 area 0.0.0.0
 network 192.168.121.0 0.0.0.255 area 0.0.0.0
 default-information originate
!
router bgp 64512
 bgp router-id 192.168.255.15
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 2003:DE:2016:120::F02:443 remote-as 64512
 neighbor 2003:DE:2016:120::F02:443 description Forti-v6
 neighbor 2003:DE:2016:120::F02:443 password 7 046B18575E78021F594C
 neighbor 2003:DE:2016:1FF::1 remote-as 64512
 neighbor 2003:DE:2016:1FF::1 description Palo-v6 Loopback
 neighbor 2003:DE:2016:1FF::1 password 7 080B4346074A4B4644
 neighbor 2003:DE:2016:1FF::1 update-source Loopback0
 neighbor 2003:DE:2016:1FF::14 remote-as 64512
 neighbor 2003:DE:2016:1FF::14 description R4-Dual Loopback
 neighbor 2003:DE:2016:1FF::14 password 7 045D04090D205E
 neighbor 2003:DE:2016:1FF::14 update-source Loopback0
 neighbor 192.168.120.33 remote-as 64512
 neighbor 192.168.120.33 description Forti-v4
 neighbor 192.168.120.33 password 7 06361C701D1747485542
 neighbor 192.168.255.1 remote-as 64512
 neighbor 192.168.255.1 description Palo-v4 Loopback
 neighbor 192.168.255.1 update-source Loopback0
 !
 address-family ipv4
  network 192.168.121.0
  redistribute ospf 4 match internal external 1 external 2
  neighbor 2003:DE:2016:1FF::14 activate
  neighbor 2003:DE:2016:1FF::14 next-hop-self
  neighbor 192.168.120.33 activate
  neighbor 192.168.120.33 next-hop-self
  neighbor 192.168.255.1 activate
  neighbor 192.168.255.1 next-hop-self
 exit-address-family
 !
 address-family ipv6
  redistribute ospf 1 match internal external 1 external 2
  network 2003:DE:2016:121::/64
  neighbor 2003:DE:2016:120::F02:443 activate
  neighbor 2003:DE:2016:120::F02:443 next-hop-self
  neighbor 2003:DE:2016:1FF::1 activate
  neighbor 2003:DE:2016:1FF::1 next-hop-self
  neighbor 2003:DE:2016:1FF::1 route-map BGP-to-Palo out
  neighbor 2003:DE:2016:1FF::14 activate
  neighbor 2003:DE:2016:1FF::14 next-hop-self
 exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 192.168.120.1
ip route 192.168.255.1 255.255.255.255 GigabitEthernet0/0 192.168.120.1
ip route 192.168.255.2 255.255.255.255 GigabitEthernet0/0 192.168.120.33
ip route 192.168.255.14 255.255.255.255 GigabitEthernet0/0 192.168.120.24
ip ospf name-lookup
!
ip access-list standard snmp-access-v4
 permit 192.168.120.0 0.0.0.255
 deny   any
ip access-list standard vty-access-v4
 permit 192.168.0.0 0.0.255.255 log
 deny   any log
!
logging trap debugging
logging host ipv6 2003:DE:2016:120:00:00:B10:514
ipv6 route 2003:DE:2016:1FF::1/128 GigabitEthernet0/0 2003:DE:2016:120::1
ipv6 route 2003:DE:2016:1FF::2/128 GigabitEthernet0/0 2003:DE:2016:120::F02:443
ipv6 route 2003:DE:2016:1FF::14/128 GigabitEthernet0/0 2003:DE:2016:120::24
ipv6 route ::/0 2003:DE:2016:120::1
ipv6 router ospf 1
 router-id 192.168.255.15
 auto-cost reference-bandwidth 10000
 default-information originate
 passive-interface default
 no passive-interface GigabitEthernet0/1
!
ipv6 ospf name-lookup
!
!
ipv6 prefix-list IPv6-Loopbacks seq 5 permit 2003:DE:2016:1FF::11/128
ipv6 prefix-list IPv6-Loopbacks seq 10 permit 2003:DE:2016:1FF::12/127
!
!
!
route-map BGP-to-Palo permit 10
 match ipv6 address prefix-list IPv6-Loopbacks
 set local-preference 200
!
route-map BGP-to-Palo permit 20
 description This matches everything to be an explicit allow any at the end
!
snmp-server community n5rAD1ig314IqfioYBWw RO ipv6 snmp-access-v6 snmp-access-v4
snmp-server ifindex persist
snmp-server location On the top of the rack
snmp-server contact Johannes Weber
!
!
!
!
ipv6 access-list vty-access-v6
 permit ipv6 2003:DE:2016::/48 any log
 deny ipv6 any any log
!
ipv6 access-list snmp-access-v6
 permit ipv6 2003:DE:2016:120::/64 any
 deny ipv6 any any
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
banner login ^C######################################
#         Webernetz.net Labor        #
# Finger weg wenn du nicht ich bist! #
######################################
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 history size 100
line aux 0
line vty 0 4
 access-class vty-access-v4 in
 exec-timeout 0 0
 privilege level 15
 ipv6 access-class vty-access-v6 in
 logging synchronous
 history size 100
 transport input ssh
!
scheduler allocate 20000 1000
ntp authentication-key 1 md5 073D0B48782607295D2E2B284E71067415271D674A 7
ntp authentication-key 2 md5 115F4E1B3C433A2E410B35393D0F062E462A5F0A44 7
ntp authentication-key 3 md5 050E2104106F47544C365B1C080317312771131A3C 7
ntp authenticate
ntp trusted-key 1
ntp trusted-key 2
ntp trusted-key 3
ntp update-calendar
ntp server ipv6 2.pool.ntp.org
ntp server ntp1.weberlab.de key 1
ntp server ntp2.weberlab.de key 2
ntp server ntp3.weberlab.de key 3 prefer
ntp server ipv6 2.de.pool.ntp.org
end

R1, OSPF to the left, EIGRP to the right:

!
! Last configuration change at 13:54:47 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:47 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:47 CET Thu Feb 22 2018 by weberjoh
version 15.1
service timestamps debug datetime msec show-timezone year
service timestamps log datetime msec show-timezone year
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
security passwords min-length 12
logging buffered 64000
enable secret 5 $1$FdCb$spI/lHO.AREaK4fFrcLuw0
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dot11 syslog
no ip source-route
!
!
ip cef
!
!
!
ip domain name weberlab.de
ip name-server 2003:DE:2016:120::A08:53
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
key chain EIGRP-Bose-Password
 key 1
  key-string 7 0034000708565A575617495C1A485542
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2811 sn FCZ115171R6
archive
 path scp://iosarchive:[email protected]/$h-$t
 write-memory
username weberjoh privilege 15 secret 5 $1$dZt.$HTgDJhM2cEld9SBRSrFfX1
!
redundancy
!
!
ip ssh logging events
ip ssh version 2
ip ssh dh min size 2048
ip ssh pubkey-chain
  username weberjoh
   key-hash ssh-rsa F6CB07741AC18888F65459330E8F2363
  quit
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.255.11 255.255.255.255
 ipv6 address 2003:DE:2016:1FF::11/128
 ipv6 ospf 1 area 0.0.0.0
!
interface Tunnel0
 ip address 172.16.255.1 255.255.255.252
 keepalive 10 3
 tunnel source Loopback0
 tunnel destination 192.168.255.13
!
interface Tunnel1
 ip address 172.16.255.5 255.255.255.252
 tunnel source Loopback0
 tunnel mode gre ipv6
 tunnel destination 2003:DE:2016:1FF::13
!
interface FastEthernet0/0
 description Uplink zu S1 Port 24
 bandwidth 8000
 ip address 192.168.121.42 255.255.255.0
 ip flow ingress
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 1123160D19435840577E66777D
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:121::42/64
 ipv6 nd ra suppress all
 ipv6 ospf 1 area 0.0.0.0
 ipv6 ospf authentication ipsec spi 2311 sha1 7 0255250E2D505E7819185A3B214442522A5C727F76786A61744054415158070B0007712C544C300C0A
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 description Downlink zu R2 Port s0/3/0
 bandwidth 8000
 ip address 192.168.122.1 255.255.255.252
 ip flow ingress
 ipv6 address 2003:DE:2016:122::/127
 ipv6 nd ra suppress all
 ipv6 ospf 1 area 0.0.0.0
 clock rate 8000000
!
interface Serial0/0/1
 no ip address
 shutdown
 clock rate 2000000
!
!
router eigrp Bose
 !
 address-family ipv4 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
   passive-interface
  exit-af-interface
  !
  af-interface Serial0/0/0
   no passive-interface
  exit-af-interface
  !
  topology base
   default-metric 100000 100 255 50 1500
   redistribute ospf 4
  exit-af-topology
  network 192.168.121.0
  network 192.168.122.0 0.0.0.3
  network 192.168.255.11 0.0.0.0
  eigrp router-id 192.168.255.11
 exit-address-family
 !
 address-family ipv6 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
   passive-interface
  exit-af-interface
  !
  af-interface Serial0/0/0
   no passive-interface
  exit-af-interface
  !
  topology base
   default-metric 100000 100 255 50 1500
   redistribute ospf 1 include-connected
  exit-af-topology
  eigrp router-id 192.168.255.11
 exit-address-family
!
router ospf 4
 router-id 192.168.255.11
 auto-cost reference-bandwidth 10000
 summary-address 192.168.255.12 255.255.255.254
 redistribute eigrp 4711 subnets
 passive-interface default
 no passive-interface FastEthernet0/0
 network 192.168.121.0 0.0.0.255 area 0.0.0.0
 network 192.168.122.0 0.0.0.3 area 0.0.0.0
 network 192.168.255.11 0.0.0.0 area 0.0.0.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip ospf name-lookup
!
ip access-list standard snmp-access-v4
 permit 192.168.120.0 0.0.0.255
 deny   any
ip access-list standard vty-access-v4
 permit 192.168.0.0 0.0.255.255 log
 deny   any log
!
logging trap debugging
logging host ipv6 2003:DE:2016:120:00:00:B10:514
ipv6 router ospf 1
 router-id 192.168.255.11
 auto-cost reference-bandwidth 10000
 summary-prefix 2003:DE:2016:1FF::12/127
 passive-interface default
 no passive-interface FastEthernet0/0
 redistribute eigrp 4711 include-connected
!
ipv6 ospf name-lookup
!
!
!
!
snmp-server community n5rAD1ig314IqfioYBWw RO ipv6 snmp-access-v6 snmp-access-v4
snmp-server ifindex persist
snmp-server location On the top of the rack
snmp-server contact Johannes Weber
!
!
!
!
ipv6 access-list vty-access-v6
 permit ipv6 2003:DE:2016::/48 any log
 deny ipv6 any any log
!
ipv6 access-list snmp-access-v6
 permit ipv6 2003:DE:2016:120::/64 any
 sequence 15 permit ipv6 2003:DE:2016:125::/64 any
 sequence 20 deny ipv6 any any
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
banner login ^C######################################
#         Webernetz.net Labor        #
# Finger weg wenn du nicht ich bist! #
######################################
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 history size 100
line aux 0
line vty 0 4
 access-class vty-access-v4 in
 exec-timeout 0 0
 privilege level 15
 ipv6 access-class vty-access-v6 in
 logging synchronous
 history size 100
 transport input ssh
!
scheduler allocate 20000 1000
ntp authentication-key 1 md5 113B3301213D15204E160B00626818722E133E4658 7
ntp authentication-key 2 md5 0650583F671F383B40360C161938192771057A3C67 7
ntp authentication-key 3 md5 050E2104106F47544C365B1C080317312771131A3C 7
ntp authenticate
ntp trusted-key 1
ntp trusted-key 2
ntp trusted-key 3
ntp update-calendar
ntp server ipv6 2.pool.ntp.org
ntp server ntp1.weberlab.de key 1
ntp server ntp2.weberlab.de key 2
ntp server ntp3.weberlab.de key 3 prefer
ntp server ipv6 2.de.pool.ntp.org
end

R2, running only EIGRP:

!
! Last configuration change at 16:28:16 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:48 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:48 CET Thu Feb 22 2018 by weberjoh
version 15.1
service timestamps debug datetime msec show-timezone year
service timestamps log datetime msec show-timezone year
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/0
security passwords min-length 12
logging buffered 64000
enable secret 5 $1$FdCb$spI/lHO.AREaK4fFrcLuw0
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
network-clock-participate wic 1 
!
dot11 syslog
no ip source-route
!
!
ip cef
!
!
!
ip domain name weberlab.de
ip name-server 2003:DE:2016:120::A08:53
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
key chain EIGRP-Bose-Password
 key 1
  key-string 7 0034000708565A575617495C1A485542
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2811 sn FCZ1050731Z
archive
 path scp://iosarchive:[email protected]/$h-$t
 write-memory
username weberjoh privilege 15 secret 5 $1$dZt.$HTgDJhM2cEld9SBRSrFfX1
!
redundancy
!
!
ip ssh logging events
ip ssh version 2
ip ssh dh min size 2048
ip ssh pubkey-chain
  username weberjoh
   key-hash ssh-rsa F6CB07741AC18888F65459330E8F2363 
  quit
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.255.12 255.255.255.255
 ipv6 address 2003:DE:2016:1FF::12/128
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description Downlink zu S2 Port 1
 ip address 192.168.127.1 255.255.255.0
 duplex auto
 speed auto
 ipv6 address 2003:DE:2016:127::1/64
 ipv6 nd ra suppress all
!
interface BRI0/1/0
 no ip address
!
interface BRI0/1/1
 no ip address
!
interface Serial0/3/0
 description Uplink zu R1 Port s0/0/0
 bandwidth 8000
 ip address 192.168.122.2 255.255.255.252
 ipv6 address 2003:DE:2016:122::1/127
 ipv6 nd ra suppress all
 no fair-queue
!
interface Serial0/3/1
 no ip address
 shutdown
 clock rate 2000000
!
!
router eigrp Bose
 !
 address-family ipv4 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
  exit-af-interface
  !
  topology base
   distribute-list EIGRP-Filter out Serial0/3/0
  exit-af-topology
  network 192.168.122.0 0.0.0.3
  network 192.168.127.0
  network 192.168.255.12 0.0.0.0
  eigrp router-id 192.168.255.12
 exit-address-family
 !
 address-family ipv6 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
  exit-af-interface
  !
  topology base
   distribute-list prefix-list EIGRPv6-Filter out Serial0/3/0
  exit-af-topology
  eigrp router-id 192.168.255.12
 exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
ip access-list standard EIGRP-Filter
 permit 192.168.255.13
 permit 192.168.255.12
 permit 192.168.124.0 0.0.0.255
 permit 192.168.127.0 0.0.0.255
 permit 192.168.128.0 0.0.1.255
ip access-list standard snmp-access-v4
 permit 192.168.120.0 0.0.0.255
 deny   any
ip access-list standard vty-access-v4
 permit 192.168.0.0 0.0.255.255 log
 deny   any log
!
logging trap debugging
logging host ipv6 2003:DE:2016:120:00:00:B10:514
!
!
ipv6 prefix-list EIGRPv6-Filter seq 5 permit 2003:DE:2016:124::/64
ipv6 prefix-list EIGRPv6-Filter seq 10 permit 2003:DE:2016:127::/64
ipv6 prefix-list EIGRPv6-Filter seq 15 permit 2003:DE:2016:128::/62 ge 63 le 64
ipv6 prefix-list EIGRPv6-Filter seq 20 permit 2003:DE:2016:1FF::12/128
ipv6 prefix-list EIGRPv6-Filter seq 25 permit 2003:DE:2016:1FF::13/128
!
!
!
snmp-server community n5rAD1ig314IqfioYBWw RO ipv6 snmp-access-v6 snmp-access-v4
snmp-server ifindex persist
snmp-server location On the top of the rack
snmp-server contact Johannes Weber
!
!
!
!
ipv6 access-list vty-access-v6
 permit ipv6 2003:DE:2016::/48 any log
 deny ipv6 any any log
!
ipv6 access-list snmp-access-v6
 permit ipv6 2003:DE:2016:120::/64 any
 deny ipv6 any any
!
control-plane
!
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/2/0
!
voice-port 0/2/1
!
!
!
mgcp profile default
!
!
!
!
!
banner login ^C######################################
#         Webernetz.net Labor        #
# Finger weg wenn du nicht ich bist! #
######################################
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 history size 100
line aux 0
line vty 0 4
 access-class vty-access-v4 in
 exec-timeout 0 0
 privilege level 15
 ipv6 access-class vty-access-v6 in
 logging synchronous
 history size 100
 transport input ssh
!
scheduler allocate 20000 1000
ntp authentication-key 1 md5 113B3301213D15204E160B00626818722E133E4658 7
ntp authentication-key 2 md5 0650583F671F383B40360C161938192771057A3C67 7
ntp authentication-key 3 md5 050E2104106F47544C365B1C080317312771131A3C 7
ntp authenticate
ntp trusted-key 1
ntp trusted-key 2
ntp trusted-key 3
ntp update-calendar
ntp server ipv6 2.pool.ntp.org
ntp server ipv6 2.de.pool.ntp.org
ntp server ntp1.weberlab.de key 1
ntp server ntp2.weberlab.de key 2
ntp server ntp3.weberlab.de key 3 prefer
event manager applet CONFIG-STARTED
 event cli pattern "configure terminal" sync no skip no occurs 1
 action 1.0 syslog priority critical msg "Configuration mode was entered. Regards, JWE"
 action 2.0 mail server "192.168.110.24" to "[email protected]" from "[email protected]" subject "Config Started at R2" body "Nur noch ein bisschen mehr Text." source-interface Loopback0
!
end

R3, running only EIGRP, connecting several client subnets:

!
! Last configuration change at 15:19:07 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:49 CET Thu Feb 22 2018 by weberjoh
! NVRAM config last updated at 16:38:49 CET Thu Feb 22 2018 by weberjoh
version 15.1
service timestamps debug datetime msec show-timezone year
service timestamps log datetime msec show-timezone year
service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
security passwords min-length 12
logging buffered 64000
enable secret 5 $1$FdCb$spI/lHO.AREaK4fFrcLuw0
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dot11 syslog
no ip source-route
!
!
ip cef
!
ip dhcp excluded-address 192.168.124.1 192.168.124.10
ip dhcp excluded-address 192.168.128.1 192.168.128.10
ip dhcp excluded-address 192.168.129.1 192.168.129.10
!
ip dhcp pool VLAN124-Clients
 network 192.168.124.0 255.255.255.0
 default-router 192.168.124.1 
 dns-server 192.168.120.22 
 domain-name weberlab.de
!
ip dhcp pool VLAN128-Clients
 network 192.168.128.0 255.255.255.0
 dns-server 192.168.120.22 
 domain-name weberlab.de
 default-router 192.168.128.1 
!
ip dhcp pool VLAN129-Clients
 network 192.168.129.0 255.255.255.0
 default-router 192.168.129.1 
 dns-server 192.168.120.22 
 domain-name weberlab.de
!
!
ip domain name weberlab.de
ip name-server 2003:DE:2016:120::A08:53
ipv6 unicast-routing
ipv6 cef
ipv6 dhcp pool VLAN124-Clients
 dns-server 2003:DE:2016:120::A08:53
 domain-name weberlab.de
!
ipv6 dhcp pool VLAN128-Clients
 dns-server 2003:DE:2016:120::A08:53
 domain-name weberlab.de
!
ipv6 dhcp pool VLAN129-Clients
 dns-server 2003:DE:2016:120::A08:53
 domain-name weberlab.de
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
key chain EIGRP-Bose-Password
 key 1
  key-string 7 0034000708565A575617495C1A485542
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2811 sn FCZ093171JF
archive
 path scp://iosarchive:[email protected]/$h-$t
 write-memory
username weberjoh privilege 15 secret 5 $1$dZt.$HTgDJhM2cEld9SBRSrFfX1
!
redundancy
!
!
ip ssh logging events
ip ssh version 2
ip ssh dh min size 2048
ip ssh pubkey-chain
  username weberjoh
   key-hash ssh-rsa F6CB07741AC18888F65459330E8F2363 
  quit
ip scp server enable
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.255.13 255.255.255.255
 ipv6 address 2003:DE:2016:1FF::13/128
!
interface Tunnel0
 ip address 172.16.255.2 255.255.255.252
 keepalive 10 3
 tunnel source Loopback0
 tunnel destination 192.168.255.11
!
interface Tunnel1
 ip address 172.16.255.6 255.255.255.252
 tunnel source Loopback0
 tunnel mode gre ipv6
 tunnel destination 2003:DE:2016:1FF::11
!
interface FastEthernet0/0
 description Uplink zu S2 Port 2
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/0.124
 description VLAN124-Clients
 encapsulation dot1Q 124
 ip address 192.168.124.1 255.255.255.0
 ipv6 address 2003:DE:2016:124::1/64
 ipv6 nd other-config-flag
!
interface FastEthernet0/0.127
 description Uplink Transfer Segment
 encapsulation dot1Q 127
 ip address 192.168.127.2 255.255.255.0
 ipv6 address 2003:DE:2016:127::2/64
 ipv6 nd ra suppress all
!
interface FastEthernet0/0.128
 description VLAN128-Clients
 encapsulation dot1Q 128
 ip address 192.168.128.1 255.255.255.0
 ipv6 address 2003:DE:2016:128::1/64
 ipv6 nd other-config-flag
!
interface FastEthernet0/0.129
 description VLAN129-Clients
 encapsulation dot1Q 129
 ip address 192.168.129.1 255.255.255.0
 ipv6 address 2003:DE:2016:129::1/64
 ipv6 nd other-config-flag
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
!
router eigrp Bose
 !
 address-family ipv4 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
   passive-interface
  exit-af-interface
  !
  af-interface FastEthernet0/0.127
   summary-address 192.168.128.0 255.255.254.0
   no passive-interface
  exit-af-interface
  !
  topology base
  exit-af-topology
  network 192.168.124.0
  network 192.168.127.0
  network 192.168.128.0
  network 192.168.129.0
  network 192.168.255.13 0.0.0.0
  eigrp router-id 192.168.255.13
  eigrp stub connected summary
 exit-address-family
 !
 address-family ipv6 unicast autonomous-system 4711
  !
  af-interface default
   authentication mode md5
   authentication key-chain EIGRP-Bose-Password
   passive-interface
  exit-af-interface
  !
  af-interface FastEthernet0/0.127
   summary-address 2003:DE:2016:128::/63
   no passive-interface
  exit-af-interface
  !
  topology base
  exit-af-topology
  eigrp router-id 192.168.255.13
  eigrp stub connected summary
 exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
ip access-list standard snmp-access-v4
 permit 192.168.120.0 0.0.0.255
 deny   any
ip access-list standard vty-access-v4
 permit 192.168.0.0 0.0.255.255 log
 deny   any log
!
logging trap debugging
logging host ipv6 2003:DE:2016:120::B10:514
!
!
!
!
snmp-server community n5rAD1ig314IqfioYBWw RO ipv6 snmp-access-v6 snmp-access-v4
snmp-server ifindex persist
snmp-server location On the top of the rack
snmp-server contact Johannes Weber
!
!
!
!
ipv6 access-list snmp-access-v6
 permit ipv6 2003:DE:2016:120::/64 any
 deny ipv6 any any
!
ipv6 access-list vty-access-v6
 permit ipv6 2003:DE:2016::/48 any log
 deny ipv6 any any log
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
banner login ^C######################################
#         Webernetz.net Labor        #
# Finger weg wenn du nicht ich bist! #
######################################
^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 history size 100
line aux 0
line vty 0 4
 access-class vty-access-v4 in
 exec-timeout 0 0
 privilege level 15
 ipv6 access-class vty-access-v6 in
 logging synchronous
 history size 100
 transport input ssh
!
scheduler allocate 20000 1000
ntp authentication-key 1 md5 113B3301213D15204E160B00626818722E133E4658 7
ntp authentication-key 2 md5 0650583F671F383B40360C161938192771057A3C67 7
ntp authentication-key 3 md5 050E2104106F47544C365B1C080317312771131A3C 7
ntp authenticate
ntp trusted-key 1
ntp trusted-key 2
ntp trusted-key 3
ntp update-calendar
ntp server ipv6 2.de.pool.ntp.org
ntp server ntp1.weberlab.de key 1
ntp server ntp2.weberlab.de key 2
ntp server ntp3.weberlab.de key 3 prefer
ntp server ipv6 2.pool.ntp.org
end

HSRP, VRRP, GLBP

At least for those FHRP protocols I have not yet shown any details in other blogposts. I won’t open another big thing here but want to list a few show commands for them. As already described above I am using VRRP for IPv4 and HSRP for IPv6 on the gi0/0 interfaces from R4 and R5, while two instances of GLBP for IPv6 and IPv4 on the gi0/1 interfaces.

HSRP:

R4#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Gi0/0       25   110 P Active  local           FE80::225:45FF:FE60:17C0
                                                               FE80::5:73FF:FEA0:19
R4#
R4#
R4#show standby
GigabitEthernet0/0 - Group 25 (version 2)
  State is Active
    1 state change, last state change 10:07:55
  Virtual IP address is FE80::5:73FF:FEA0:19
  Active virtual MAC address is 0005.73a0.0019
    Local virtual MAC address is 0005.73a0.0019 (v2 IPv6 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.968 secs
  Authentication MD5, key-string
  Preemption enabled
  Active router is local
  Standby router is FE80::225:45FF:FE60:17C0, priority 100 (expires in 8.928 sec)
  Priority 110 (configured 110)
    Track object 25 state Up decrement 20
  Group name is "hsrp-Gi0/0-25" (default)
R4#

VRRP:

R4#show vrrp brief
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Gi0/0              24  110 3570       Y  Master  192.168.120.24  192.168.120.4
R4#
R4#
R4#show vrrp
GigabitEthernet0/0 - Group 24
  State is Master
  Virtual IP address is 192.168.120.4
  Virtual MAC address is 0000.5e00.0118
  Advertisement interval is 1.000 sec
  Preemption enabled
  Priority is 110
    Track object 24 state Up decrement 20
  Authentication MD5, key-string
  Master Router is 192.168.120.24 (local), priority is 110
  Master Advertisement interval is 1.000 sec
  Master Down interval is 3.570 sec
 
R4#

GLBP:

R4#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/1       136  -   150 Active   FE80::7:B4FF:FE00:8800
                                                  local           FE80::225:45FF:FE60:17C1
Gi0/1       136  1   -   Listen   0007.b400.8801  FE80::225:45FF:FE60:17C1
                                                                  -
Gi0/1       136  2   -   Active   0007.b400.8802  local           -
Gi0/1       137  -   100 Standby  192.168.121.137 192.168.121.5   local
Gi0/1       137  1   -   Listen   0007.b400.8901  192.168.121.5   -
Gi0/1       137  2   -   Active   0007.b400.8902  local           -
R4#
R4#
R4#show glbp
GigabitEthernet0/1 - Group 136
  State is Active
    1 state change, last state change 10:08:28
  Virtual IP address is FE80::7:B4FF:FE00:8800 (auto-configured)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.432 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is FE80::225:45FF:FE60:17C1, priority 100 (expires in 9.184 sec)
  Priority 150 (configured)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    0015.626a.fef1 (FE80::215:62FF:FE6A:FEF1) local
    0025.4560.17c1 (FE80::225:45FF:FE60:17C1) authenticated
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Listen
    MAC address is 0007.b400.8801 (learnt)
    Owner ID is 0025.4560.17c1
    Redirection enabled, 599.200 sec remaining (maximum 600 sec)
    Time to live: 14399.200 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is FE80::225:45FF:FE60:17C1 (primary), weighting 100 (expires in 9.248 sec)
    Client selection count: 1
  Forwarder 2
    State is Active
      1 state change, last state change 10:07:54
    MAC address is 0007.b400.8802 (default)
    Owner ID is 0015.626a.fef1
    Redirection enabled
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
GigabitEthernet0/1 - Group 137
  State is Standby
    1 state change, last state change 10:08:18
  Virtual IP address is 192.168.121.137
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.544 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string
  Preemption enabled, min delay 0 sec
  Active is 192.168.121.5, priority 150 (expires in 8.672 sec)
  Standby is local
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    0015.626a.fef1 (192.168.121.4) local
    0025.4560.17c1 (192.168.121.5) authenticated
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Listen
    MAC address is 0007.b400.8901 (learnt)
    Owner ID is 0025.4560.17c1
    Time to live: 14397.920 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 192.168.121.5 (primary), weighting 100 (expires in 9.152 sec)
  Forwarder 2
    State is Active
      1 state change, last state change 10:07:52
    MAC address is 0007.b400.8902 (default)
    Owner ID is 0015.626a.fef1
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
R4#

That’s It

This was my last blogpost concerning CCNP exam topics. At least for now. I got the certificate on Feb 27, 2018. :D

After three books, 1600 pages, many days in my lab with approx 30 network protocols, etc. I passed my #CCNP certification today. Cheers! pic.twitter.com/Ovv4AAOXJO

— Johannes Weber :guitar: (@webernetz) February 27, 2018

Thanks for watching. ;) “And don’t forget to hit the subscribe button!”

For more posts about routing/switching you can follow the “Routing” or “Switching” categories concerning various firewall/router vendors, or the “Cisco Router“/”Cisco Switch” tags for posts related to Cisco stuff.

Featured image “ Frankfurt Main Panorama ” by tausend und eins, fotografie is licensed under CC BY 2.0 .

阅读原文...


微信扫一扫,分享到朋友圈

My CCNP TSHOOT Lab: The Overall Picture
0

Webernetz

Now it’s easier to protect your browsing privacy on iOS devices with 1.1.1.1 app

上一篇

More companies want fairness to open source license enforcement

下一篇

评论已经被关闭。

插入图片

热门分类

往期推荐

My CCNP TSHOOT Lab: The Overall Picture

长按储存图像,分享给朋友