Ccie Tshoot v5.0 Demo

!"#$%&'" )*+,-.'/0++12%3 4456 7+,12%3 8 9:21&02%3 ;<= :::<>2&*+%2&/)*$2%2%3<&+?

CCIE R&S by Narbik Kocharians

Advanced CCIE R&S Work Book v5.0 © 2014 Narbik Kocharians. All rights reserved

Page 1 of 65

Troubleshooting Switching Scenario 1

• • •

@A BA) *'?+#' $%C &+??$%"D/ ,%.'// +10'*:2/' /1$1'" @A BA) &0$%3' 10' EF!B $//23%?'%1 G+, ?,/1 -' E67G /H'&2I2& :0'% *'/+.#2%3 10'/' 1$/J/

!" $%& !' ($% )*+ ,-.$/01-2 $% *345 -,--16%7 *345 1- (6%819:;,& 6% .2, 5<=<> $%& .2, 066?/$(@ < 1%.,;8$(,- 68 .2,-, .A6 ;6:.,;-7

F'1K/ #'*2IC 10' H*+-.'?L

On R1: R1#Show ip ospf neighbor R1#

F'1K/ #'*2IC *'$&0$-.2.21C -C M2%32%3 7N I*+? 7O -,1 -'I+*' :' &$% H2%3 .'1K/ I2%" +,1 10' 5M $""*'// +I 10'2* P=D= 2%1'*I$&'L R1#Show run int f0/0 | B interface interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 duplex auto speed auto end

On R2: R2#Show run int f0/0 | B interface interface FastEthernet0/0 ip address 10.1.1.2 255.255.255.0



Page 2 of 65

duplex auto speed auto end

On R1: R1#Ping 10.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:

.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms M2%3 2/ /,&&'//I,.< 5/ A9MP &+%I23,*'" +% 10' &+**'&1 2%1'*I$&'/Q F'1K/ #'*2ICL

On R1: R1#Show ip ospf interface brief

Interface

PID

Area

IP Address/Mask

Cost

State Nbrs F/C

Lo0 Fa0/0

1 1

0 0

1.1.1.1/24 10.1.1.1/24

1 1

LOOP DR

0/0 0/0

On R2: R2#Show ip ospf interface brief

Interface

PID

Area

IP Address/Mask

Cost

State Nbrs F/C

Lo0 Fa0/0

1 1

0 0

2.2.2.2/24 10.1.1.2/24

1 1

LOOP DR

0/0 0/0

R$/'" +% 10' +,1H,1 +I 10' $-+#' /0+: &+??$%"/ A9MP :$/ &+%I23,*'" +% 10' &+**'&1 2%1'*I$&'/< F'1K/ #'*2IC 10' &+%I23,*$12+% +I A9MP +% 10'/' 1:+ *+,1'*/L R2#Show run | s router ospf router ospf 1 network 2.2.2.2 0.0.0.0 area 0 network 10.1.1.2 0.0.0.0 area 0

On R1: R1#Show run | s router ospf



Page 3 of 65

router ospf 1 network 1.1.1.1 0.0.0.0 area 0 network 10.1.1.1 0.0.0.0 area 0

B+ I2.1'*2%3 :0$1/+'#'*< F'1K/ &0'&J 9SO $%" /'' 2I 10' EF!B/ $*' &+%I23,*'"L

On SW1: SW1#Show vlan brief | Exc unsup

VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1

default

active

Fa0/4, Fa0/6, Fa0/8, Fa0/9 Fa0/10, Fa0/17, Fa0/18, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gi0/1, Gi0/2

12

VLAN0012

active

Fa0/1, Fa0/2

21 34 56 186 196 296 339 691 946

VLAN0021 VLAN0034 VLAN0056 VLAN0186 VLAN0196 VLAN0296 VLAN0339 VLAN0691 VLAN0946

active active active active active active active active active

Fa0/7 Fa0/3 Fa0/5 Fa0/13 Fa0/11 Fa0/12 Fa0/14 Fa0/15 Fa0/16

F'1K/ &0'&J 10' &+%I23,*$12+% +I P=DO $%" P=DNL SW1#Show run int f0/1 | B inter interface FastEthernet0/1 switchport access vlan 12 switchport mode access spanning-tree portfast end SW1#Show run int f0/2 | B inter interface FastEthernet0/2 switchport access vlan 12 switchport mode access spanning-tree portfast end

!*' 10'/' *+,1'*/ &+%%'&1'" 1+ 10' &+**'&1 /:21&0Q >$C -' 10'*' 2/ $ H*+-.'? :210 10' "2$3*$?L CCIE R&S by Narbik Kocharians


Page 4 of 65

On SW1: SW1#Show cdp neighbors | Inc R1|R2

R2 R1

Fas 0/2 Fas 0/1

154 124

R S I R S I

2811 2811

Fas 0/0 Fas 0/0

F'1K/ /'' 2I 10'*' 2/ $% $&&'//T.2/1 +* $% $&&'//T?$H &+%I23,*'" +% 102/ /:21&0L SW1#Show access-list Extended IP access list 100 10 permit icmp any any

9,*' '%+,30 $% $&&'//T.2/1 2/ &+%I23,*'"U -,1 21 2/ ABFG $..+:2%3 54>MU .'1K/ /'' :0$1 &+%I23,*$12+% +% 102/ /:21&0 2/ &$..2%3 10' $&&'//T.2/1L SW1#Show run | inc 100

match ip address 100 access-list 100 permit icmp any any )0'*' ?,/1 -' $ *+,1'T?$H +* $ EF!B !&&'//T?$H *'I'*'%&2%3 $&&'//T.2/1 O==U .'1K/ #'*2ICL SW1#Show run | i route-map SW1# SW1#Show run | Inc vlan access-map

vlan access-map tst 10 F'1K/ &0'&J 102/ #.$% $&&'//T?$HL SW1#Show run | B vlan access-map vlan access-map tst 10 action forward match ip address 100 vlan filter tst vlan-list 1-4094

(The rest of the output is omitted) :+:V:' &$% &.'$*.C /'' 10' H*+-.'?U 10' EF!B $&&'//T?$H 2/ *'I'*'%&2%3 $&&'//T.2/1 O== :02&0 ABFG H'*?21/ 54>M $%" I+*:$*"/ 21U $%" /2%&' 10'*' 2/ %+ +10'* /1$1'?'%1 10$1 H'*?21/ 10' *'/1 +I 10' 1*$II2&U A9MP 1*$II2& 2/ "*+HH'"< 92%&' :' &$% BA) *'?+#' $%C &+%I23,*$12+% $%" :' 0$#' 1+ -' #'*C /H'&2I2& :0'%



Page 5 of 65

:' *'/+.#' 102/ 12&J'1U .'1K/ H'*?21 A9MP +% $&&'//T.2/1 O==L

Access-list 100 permit ospf any any SW1(config)# F'1K/ &0'&J 7OL

On R1: A%&' :' &+%%'&1 1+ 7OK/ &+%/+.' :' /0+,." /'' 10' I+..+:2%3 ?'//$3' 10$1 2/ &+%I2*?2%3 A9MPK/ $"W$&'%&CL

%OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthernet0/0 from LOADING to FULL, Loading Done R1#Show ip route ospf

O

2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/2] via 10.1.1.2, 00:01:15, FastEthernet0/0

M'*I'&1<

!B $%& !C ($% )*+ 41%9 ,$(2 6.2,;7 +2,-, .A6 ;6:.,;- $;, 1% DEF) BC> !B 1- (6%%,(.,& .6 3G" $%& !C 1- (6%%,(.,& .6 3G'> .2, 5<="H 1%.,;8$(,- 68 .2,-, .A6 -A1.(2,- $;, (6%819:;,& $- $ .;:%@ 01%@7

F'1K/ &+%I2*? 10' H*+-.'?L


..... Success rate is 0 percent (0/5) F'1K/ &0'&J 10' !7M 1$-.'L



Page 6 of 65

R3#Show arp Protocol Internet

Address 34.1.1.3

Internet

34.1.1.4

Age (min) -

0

Hardware Addr 0007.b35b.8310

Type ARPA

Incomplete

ARPA

Interface FastEthernet0/0

F'1K/ &0'&J $%" /'' 2I 10'*' 2/ $% $&&'//T.2/1 &+%I23,*'" +% 7X +* 7YL

On R3: R3#Show access-list R3#

On R4: R4#Show access-list R4#

F'1K/ &0'&J 10' /:21&0'/ Z9SO $%" 9SN[L

On SW1: SW1#Show run int f0/3 | B interface interface FastEthernet0/3

switchport access vlan 34 switchport mode access spanning-tree portfast end

On SW2: SW2#Show run int f0/4 | B interface interface FastEthernet0/4


Let’s check the trunk: On SW1:



Page 7 of 65

SW1#Show interface trunk Port Fa0/19

Mode on

Encapsulation 802.1q

Status trunking

Native vlan 1

Port Fa0/19

Vlans allowed on trunk 1-4094

Port Fa0/19

Vlans allowed and active in management domain 1,12,21,34,56,186,196,296,339,691,946

Port Fa0/19

Vlans in spanning tree forwarding state and not pruned 1,12,21,34,56,186,196,296,339,691,946

On SW2: SW2#Show interface F0/19 trunk Port Fa0/19

Mode on

Encapsulation isl

Status trunking

Native vlan 1

Port Fa0/19


Port Fa0/19

Vlans allowed and active in management domain 1,33,56,152,339,691

Port Fa0/19

Vlans in spanning tree forwarding state and not pruned 1,33,56,152,339,691

S0C "+%K1 :' /'' EF!B XY 2% 10' \EF!B/ $..+:'" $%" $&12#' 2% ?$%$3'?'%1 "+?$2%]Q

Let’s check the VLANs on SW2 On SW2: SW2#Show vlan brief | Exc unsup VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gi0/1, Gi0/2 21 VLAN0021 active Fa0/12 CCIE R&S by Narbik Kocharians


Page 8 of 65

33 56 152

VLAN0033 VLAN0056 VLAN0152

active active active

Fa0/11 Fa0/6 Fa0/5

6$*.2'* :' /$: 10$1 10' P=DY 2%1'*I$&' :$/ &+%I23,*'" 2% EF!B XYU -,1 21 "+'/ %+1 /0+: ,H 2% 10' .2/1 +I EF!B/U .'1K/ *'H'$1 10' /$?' &+??$%" $%" /'' $.. 10' EF!B/ Z/,HH+*1'" $%" ,%/,HH+*1'"[L

On SW2: SW2#Show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/16, Fa0/17, Fa0/18 Fa0/20, Fa0/21, Fa0/22, Gi0/1 Gi0/2 33 VLAN0033 active Fa0/7

34

VLAN0034

act/unsup Fa0/4

56 152 339 691 1002 1003 1004 1005

VLAN0056 VLAN0152 VLAN0339 VLAN0691 fddi-default token-ring-default fddinet-default trnet-default

active active active active act/unsup act/unsup act/unsup act/unsup

Fa0/6 Fa0/5 Fa0/14 Fa0/15

9,*' '%+,30 :' &$% /'' 10' EF!B -,1 :0C "+'/ 21 0$#' $% \ $&1D,%/,H] /1$1,/Q F'1K/ #'*2ICL

On SW2: SW2#Show vlan id 34 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------34 VLAN0034 act/unsup Fa0/4, Fa0/19

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1500 0 0 34 fddi 100034 Remote SPAN VLAN ---------------Disabled Primary Secondary Type CCIE R&S by Narbik Kocharians

Ports Advanced CCIE R&S Work Book v5.0 © 2014 Narbik Kocharians. All rights reserved

Page 9 of 65

------- --------- ----------------- ------------------------------------------

S' &$% &.'$*.C /'' 10' H*+-.'?U 10' ?'"2$ 1CH' :$/ &0$%3'"U .'1K/ &+**'&1 10' H*+-.'? $%" #'*2ICL

On SW2: Vlan 34 SW2(config)# SW2(config-vlan)# media ethernet SW2(config-vlan)#Exit

To verify the configuration: On SW2: SW2#Show vlan brief | Exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/16, Fa0/17, Fa0/18 Fa0/20, Fa0/21, Fa0/22, Gi0/1 Gi0/2 33 VLAN0033 active Fa0/7

34

VLAN0034

active

Fa0/4

56 152 339 691

VLAN0056 VLAN0152 VLAN0339 VLAN0691

active active active active

Fa0/6 Fa0/5 Fa0/14 Fa0/15

)02/ .++J/ ?,&0 -'11'*U .'1K/ #'*2IC EF!B XY +% 10' 1*,%JL SW2#Show interface F0/19 trunk Port Fa0/19

Mode on

Encapsulation isl

Port Fa0/19


Port Fa0/19

Vlans allowed and active in management domain 1,21,33-34,56,152,339,691

Port Fa0/19

Vlans in spanning tree forwarding state and not pruned 1,21,33-34,56,152,339,691


Status trunking


Native vlan 1

Page 10 of 65

Let’s test the solution: On R3: R3#Ping 34.1.1.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 34.1.1.4, timeout is 2 seconds:

..... Success rate is 0 percent (0/5) F'1K/ &0'&J 10' !7M 1$-.'L R3#Show arp Protocol Internet

Address 34.1.1.3

Internet

34.1.1.4

Age (min) -

0


Type ARPA

Incomplete

ARPA


S0C &$%K1 :' H2%3Q )0' 1*,%J 2/ ,HU 10' EF!B 2/ 2% $&1 /1$1'U :0$1 './' &$% -' :*+%3Q F'1K/ &0'&J 10' 1*,%J/ 2% "'1$2. +%' ?+*' 12?'L

On SW1: SW1#Sh interface trunk Port

Mode

Encapsulation

Status

Native vlan

Fa0/19

on

802.1q

trunking

1

Port Fa0/19


Port Fa0/19


Port Fa0/19


F'1K/ /,??$*2^' 10' +,1H,1 +I 10' $-+#' /0+: &+??$%"L • • • •

)0' 1*,%J 2%1'*I$&' 2/ P=DO_ >+"' 2/ AB 6%&$H/,.$12+% 2/ `=N

Page 11 of 65

•

B$12#' EF!B 2/ O

Let’s check the trunk on SW2 On SW2: SW2#Show interface trunk

Port

Mode

Encapsulation

Status

Native vlan

Fa0/19

on

isl

trunking

1

Port Fa0/19


Port Fa0/19

Vlans allowed and active in management domain 1,21,33-34,56,152,339,691

Port Fa0/19

Vlans in spanning tree forwarding state and not pruned 1,21,33-34,56,152,339,691

S' &$% /'' 10' H*+-.'?U 9SO 2/ &+%I23,*'" :210 $% '%&$H/,.$12+% +I `=N
On SW2: SW2(config)#Int F0/19 SW2(config-if)#Swi trunk encapsulation dot1q

F'1K/ 1'/1 10' /+.,12+% $3$2%U -,1 :' 0$#' 1+ :$21 X= /'&+%"/ I+* 9)M 1+ &+%#'*3'L


..!!! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/1/1 ms R3#Show arp Protocol Internet

Address 34.1.1.3

Internet

34.1.1.4

Age (min) -


4


Type ARPA


0015.fa03.c3a1

ARPA

FastEthernet0/0


Page 12 of 65

M'*I'&1<<

!I $%& !J ($%K. ,-.$/01-2 $% L19;? $&M$(,%(N7 L19;? F3 "<< 1- (6%819:;,& 6% .2, 5<=< 68 !I $%& .2, 5<=" 1%.,;8$(, 68 !JO !I 1- $&P,;.1-1%9 %,.A6;@- I7I7I7<='C $%& !J 1$&P,;.1-1%9 J7J7J7<='C7

F'1K/ #'*2IC 10' H*+-.'?L

On R5: R5#Show ip eigrp neighbor IP-EIGRP neighbors for process 100 R5#

F'1K/ &0'&J 10' 2%1'*I$&' &+%I23,*$12+% +I 7;L R5#Show run int f0/0 | B inter interface FastEthernet0/0 ip address 56.1.1.5 255.255.255.0 duplex auto speed auto end

)0' 2%1'*I$&' 2/ &+%I23,*'" :210 $ $% 5M $""*'// +I ;b
Interface Lo0 Fa0/0

Peers 0 0

Xmit Queue Un/Reliable 0/0 0/0

Mean SRTT 0 0

Pacing Time Un/Reliable 0/1 0/1

Multicast Flow Timer 0 50

Pending Routes 0 0

4$% :' M2%3 ;b


Page 13 of 65

Sending 5, 100-byte ICMP Echos to 56.1.1.6, timeout is 2 seconds:

.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms F'1K/ #'*2IC 10' /:21&0H+*1 10$1 7; 2/ &+%%'&1'" 1+L

On SW1: SW1#Sh run int f0/5 | B inter interface FastEthernet0/5

switchport access vlan 56 switchport mode access end

)0' &+%I23,*$12+% 2/ &+**'&1U .'1K/ #'*2IC 10' EF!B +% 10' 1*,%JL SW1#Show interface trunk Port Fa0/19

Mode on


Status trunking

Native vlan 1

Port Fa0/19


Port Fa0/19


Port Fa0/19


6#'*C102%3 .++J/ 1+ -' &+**'&1.C &+%I23,*'"< F'1K/ &0'&J 9SNL

On SW2: SW2#Show inter trunk Port Fa0/19 Fa0/23 Fa0/24

Mode on on on

Encapsulation 802.1q 802.1q 802.1q

Port Fa0/19 Fa0/23

Vlans allowed on trunk 1-4094 1-4094


Status trunking trunking trunking


Native vlan 1 1 1

Page 14 of 65

Fa0/24

1-4094

Port Fa0/19 Fa0/23 Fa0/24

Vlans allowed and active in management domain 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691


Vlans in spanning tree forwarding state and not pruned 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691 21,34,56,152

)0' 1*,%J 2/ &+%I23,*'" 1+ &$**C 10' EF!BU -,1 :' 0$#' 1:+ $""212+%$. 1*,%J/U .'1K/ /'' :02&0 H+*1 2/ I+*':$*"2%3 10' 1*$II2& I+* EF!B ;bL SW2#Show spanning-tree Vlan 56 VLAN0056 Spanning tree enabled protocol ieee Root ID Priority 32824 Address 0014.a934.b880 Cost 19 Port 21 (FastEthernet0/19) Hello Time 2 sec Max Age 20 sec Bridge ID

Forward Delay 15 sec

Priority 32824 (priority 32768 sys-id-ext 56) Address 001b.2be5.1200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300

Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ----------------------------

Fa0/6 Fa0/19

Desg FWD 19 Root FWD 19

128.8 128.21

Edge P2p P2p

Fa0/23 Fa0/24

Desg FWD 19 Desg FWD 19

128.25 128.26

P2p P2p

)0' H+*1 10$1 7b 2/ &+%%'&1'" 1+ 2/ 2% PS@ /1$1'U 10' *++1 H+*1 I+* 102/ EF!B 2/ P=DO_ 2%1'*I$&'U 2I 102/ 2/ &+**'&1U 10'%U 9SO ?,/1 -' 10' *++1 I+* 102/ E.$%< F'1K/ #'*2ICL

On SW1: SW1#Show spanning-tree root Root


Hello Max Fwd


Page 15 of 65

Vlan ---------------VLAN0001 VLAN0012 VLAN0021 VLAN0034

VLAN0056 VLAN0186 VLAN0196 VLAN0296 VLAN0339 VLAN0691 VLAN0946

Root ID Cost Time Age Dly -------------------- --------- ----- --- --32769 000c.302d.9980 57 2 20 15 32780 0012.7f40.9380 0 2 20 15 32789 0012.7f40.9380 0 2 20 15 32802 0012.7f40.9380 0 2 20 15

32824 0012.7f40.9380 32954 32964 33064 33107 33459 33714

0012.7f40.9380 0012.7f40.9380 0012.7f40.9380 000c.302d.9980 000c.302d.9980 0012.7f40.9380

0

2

20

15

0 0 0 57 57 0

2 2 2 2 2 2

20 20 20 20 20 20

15 15 15 15 15 15

Root Port ---------Fa0/19

Fa0/19 Fa0/19

M'*I'&1U .'1K/ #'*2IC 10' &+%I23,*$12+% +I 9SNK/ P=Db 2%1'*I$&'L

On SW2: SW2#Show run int f0/6 | B inter interface FastEthernet0/6

switchport access vlan 56 switchport mode access

storm-control multicast level 0.00 spanning-tree portfast end

S' /'' 10' H*+-.'?U 10' \91+*?T&+%1*+.] &+??$%" 2/ -.+&J2%3 $.. >,.12&$/1 1*$II2& -C /'112%3 21/ .'#'. 1+ =<==U -,1 /2%&' :' &$% BA) &+%I23,*' $%C +I 10' /:21&0'/ 1+ *'/+.#' 102/ 12&J'1U .'1K/ &+%I23,*' 10' *+,1'*/ 1+ '/1$-.2/0 $% $"W$&'%&C ,/2%3 ,%2&$/1L

On R5: R5(config)#Router eigrp 100 Neighbor 56.1.1.6 F0/0 R5(config-router)#

On R6: R6(config)#Router eigrp 100 Neighbor 56.1.1.5 F0/1 R6(config-router)#

Let’s verify the configuration: On R6:



Page 16 of 65

R6#Show ip eigrp neighbors EIGRP-IPv4 Neighbors for AS(100) R5#

S0$1 './' &$% -' :*+%3Q )0' *+,1'*/ $*' BA) &+%I23,*'" :210 $% $&&'//T.2/1U F'1K/ '%$-.' \"'-,3 2H H$&J'1 "'1$2.] $%" 12' $% $&&'//T .2/1 1+ 21 $%" $%$.C^' 10' +,1H,1L

On R5: R'I+*' &+%I23,*2%3 $%C $&&'//T.2/1U 10' \90+: $&&'//T.2/1] ?,/1 -' ,/'" 1+ &+%I2*? 10$1 %+ +10'* $&&'//T.2/1 2/ ,/2%3 10' /$?' %,?-'*< R5#Show access-list R5# R5(config)#access-list 100 permit eigrp host 56.1.1.6 host 56.1.1.5 R5(config)#access-list 100 permit eigrp host 56.1.1.5 host 56.1.1.6 R5#Debug ip packet det 100 IP packet debugging is on (detailed) for access list 100

IP: s=56.1.1.5 proto=88 IP: s=56.1.1.5 proto=88 IP: s=56.1.1.5 proto=88 IP: s=56.1.1.5 proto=88 IP: s=56.1.1.5 proto=88 IP: s=56.1.1.5 proto=88

(local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending,

51 .++J/ .2J' 7; 2/ /'%"2%3 ,%2&$/1 0'..+/ -,1 %+1 *'&'2#2%3 $%C102%3 I*+? 7b< F'1K/ "+ 10' /$?' +% 7bL

On R6: R6#Show access-list R6# R6(config)#access-list 100 permit eigrp host 56.1.1.6 host 56.1.1.5



Page 17 of 65

R6(config)#access-list 100 permit eigrp host 56.1.1.5 host 56.1.1.6 R6#Debug ip packet det 100 IP packet debugging is on (detailed) for access list 100

s=56.1.1.6 (local), proto=88 s=56.1.1.6 (local), packet, proto=88 s=56.1.1.6 (local), proto=88 s=56.1.1.6 (local), packet, proto=88 s=56.1.1.6 (local), proto=88 s=56.1.1.6 (local), packet, proto=88

d=56.1.1.5 (FastEthernet0/1), len 60, sending, d=56.1.1.5 (FastEthernet0/1), len 60, sending full d=56.1.1.5 (FastEthernet0/1), len 60, sending, d=56.1.1.5 (FastEthernet0/1), len 60, sending full d=56.1.1.5 (FastEthernet0/1), len 60, sending, d=56.1.1.5 (FastEthernet0/1), len 60, sending full

51 .++J/ .2J' 7; 2/ /'%"2%3 ,%2&$/1 c'..+/ 1+ 7b -,1 %+1 *'&'2#2%3 $%CU $%" 7b 2/ /'%"2%3 d%2&$/1 c'..+/ 1+ 7; -,1 21 2/ BA) *'&'2#2%3 $%C I*+? 7;< F'1K/ &0'&J 10' /:21&0'/ I+* $% $&&'//T.2/1L

On SW1: SW1#Show access-list Extended IP access list 100 10 permit icmp any any 20 permit ospf any any

!cVVV)02/ $&&'//T.2/1 :$/ *'I'*'%&'" -C $ E.$% $&&'//T?$H $%" 21 2/ ABFG $..+:2%3 54>M $%" A9MP $%" BA) 623*H< F'1K/ $"" 623*H 1+ 10' $&&'//T.2/1 $%" #'*2IC $3$2%L

On SW1 SW1(config)# Access-list 100 permit eigrp any any

To verify the configuration: On R5: 5% 10' +,1H,1 +I 10' "'-,3U C+, /0+,." /'' 10$1 C+, 0$#' '/1$-.2/0'" 623*H $"W$&'%&C $%" C+, $*' /'%"2%3 $%" *'&'2#2%3 623*H H$&J'1/ I*+? 7bL



Page 18 of 65

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 56.1.1.6 (FastEthernet0/0) is up: new adjacency IP: tableid=0, s=56.1.1.6 (FastEthernet0/0), d=56.1.1.5 (FastEthernet0/0), routed via RIB IP: s=56.1.1.6 (FastEthernet0/0), d=56.1.1.5 (FastEthernet0/0), len 60, rcvd 3, proto=88 IP: s=56.1.1.5 (local), d=56.1.1.6 (FastEthernet0/0), len 60, sending, proto=88 R5#Show ip eigrp neighbor IP-EIGRP neighbors for process 100

H

Address

Interface

0

56.1.1.6

Fa0/0

Hold Uptime (sec) 11 00:00:49

SRTT (ms)

RTO

6

200

Q Seq Cnt Num 0

3

R5#Show ip route Eigrp

D

6.0.0.0/24 is subnetted, 1 subnets 6.6.6.0 [90/156160] via 56.1.1.6, 00:01:56, FastEthernet0/0

On Both Routers: R6#U all R5(config)# No access-list 100

M'*I'&1<

!Q ($% )*+ ?1%9 !RK- S<="7'" 1%.,;8$(,7

R'I+*' 10' 12&J'1 2/ #'*2I2'"U .'1K/ I2%" +,1 10' e=DO
On R8: R8#Show run int g0/1.21 | B interface



Page 19 of 65

interface GigabitEthernet0/1.21 encapsulation dot1Q 21 ip address 12.1.1.2 255.255.255.0 end


..... Success rate is 0 percent (0/5) F'1K/ #'*2IC 10' !7M 1$-.'L R7#Show arp

Protocol

Address

Internet

12.1.1.1

Age (min) -

Hardware Addr

Type

24e9.b3ab.4b20

ARPA

Internet

12.1.1.2

0

Incomplete

ARPA

Internet

33.3.3.1

-

24e9.b3ab.4b21

ARPA

Interface GigabitEthernet0/0 GigabitEthernet0/1

F'1K/ &0'&J 9SOL

On SW1: SW1#Show interface F0/7 status Port

Name

Fa0/7

Status

Vlan

Duplex

Speed Type

connected

21

a-full

a-100 10/100BaseTX

SW1#Show vlan brie | Exc unsup VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/4, Fa0/6, Fa0/8, Fa0/9 Fa0/10, Fa0/17, Fa0/18, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gi0/1, Gi0/2 12 VLAN0012 active Fa0/1, Fa0/2

21

VLAN0021

active

Fa0/7

34 56 186 196



Fa0/3 Fa0/5 Fa0/13 Fa0/11



Page 20 of 65

296 339 691 946



Fa0/12 Fa0/14 Fa0/15 Fa0/16

)0' +,1H,1 +I 10' $-+#' /0+: &+??$%" *'#'$./ 10$1 EF!B NO 2/ $&12#' $%" H+*1 P=Df :02&0 2/ &+%%'&1'" 1+ 7f 2/ H$*1 +I 102/ E.$%< SW1#Show run int F0/7 | B interface interface FastEthernet0/11


F'1K/ #'*2IC 10' 1*,%J .2%JL SW1#Show interface trunk Port Fa0/19

Mode on


Status trunking

Native vlan 1

Port Fa0/19


Port Fa0/19


Port Fa0/19


5%1'*I$&' P=DO_ 2/ 10' 1*,%J 10$1 &$**2'/ 1*$II2&< F'1K/ /'' 2I 9)M 2/ ,/2%3 102/ H+*1L SW1#Show spanning-tree Vlan 21 VLAN0021 Spanning tree enabled protocol ieee Root ID Priority 32789 Address 0012.7f40.9380 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID

Priority Address


32789 (priority 32768 sys-id-ext 21) 0012.7f40.9380



Page 21 of 65

Hello Time 2 sec Aging Time 300

Max Age 20 sec


Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------

Fa0/7 Fa0/19

Desg FWD 19 Desg FWD 19

128.9 128.21

Edge P2p P2p

S'..VVV10' 2%1'*I$&' 10$1 7f 2/ &+%%'&1'" 1+ 2/ I+*:$*"2%3 I+* EF!B NOU $%" /+ 2/ 10' P=DO_ 2%1'*I$&'< 92&%' 102/ 2%1'*I$&' 2/ &+%%'&1'" 1+ 9SNU .'1K/ 3+ 1+ 9SN $%" #'*2IC 102/ 2%I+*?$12+%< 7'?'?-'* 10$1 7`K/ e=DO 2%1'*I$&' 2/ &+%%'&1'" 1+ 9SXK/ P=D`<

On SW2: SW2#Show inter trunk Port Fa0/19 Fa0/23 Fa0/24

Mode on on on

Encapsulation 802.1q 802.1q 802.1q

Status trunking trunking trunking

Native vlan 1 1 1


Vlans allowed on trunk 1-4094 1-4094 1-4094


Vlans allowed and active in management domain 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691


Vlans in spanning tree forwarding state and not pruned 1,21,33-34,56,152,339,691 1,21,33-34,56,152,339,691 21,34,56,152

)02/ 2/ /1$*12%3 1+ ?$J' /'%/'U 9SN 2/ ,/2%3 2%1'*I$&'/ P=DNX $%"D+* P=DNY 1+ *'$&0 9SX< F'1K/ /'' 2I 9)M 2/ ,/2%3 10'/' 2%1'*I$&'/L SW2#Show spanning-tree Vlan 21 | B Interface Interface

Role Sts Cost

Prio.Nbr Type

---------------- ---- --- --------- -------- ---------------------------



Page 22 of 65

Fa0/19 Fa0/23 Fa0/24

Root FWD 19 Desg FWD 19 Desg FWD 19

128.21 128.25 128.26

P2p P2p P2p

)0' 1*$II2& I+* EF!B NO &+?'/ 2% 10*+,30 P=DO_ $%" ,/'/ H+*1/ P=DNX $%" P=DNY 1+ *'$&0 9SX< F'1K/ #'*2IC 9SXK/ &+%I23,*$12+%L

On SW3: SW3#Show cdp neighbor Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID SW4 SW2 SW2

Local Intrfce

Holdtme

Fas 0/19 Fas 0/24 Fas 0/23

144 156 156

Capability S I S I S I

Platform

Port ID

WS-C3550-2Fas 0/19 WS-C3560-2Fas 0/24 WS-C3560-2Fas 0/23

S' "+%K1 '#'% /'' 7Ù -$/'" +% +,* 1+H+.+3C "2$3*$?U 7`K/ e=DO 2%1'*I$&' /0+,." -' &+%%'&1'" 1+ 9SXK/ P=D` 2%1'*I$&'< F'1K/ &0'&J 7`K/ &+%I23,*$12+%L

On R8: R8#Show run int G0/1.21 | B interface interface GigabitEthernet0/1.21 encapsulation dot1Q 21 ip address 12.1.1.2 255.255.255.0 end

7` 2/ &+%I23,*'" $/ $ 1*,%JU .'1K/ &0'&J 10' 2%1'*I$&' +I 9SX 10$1 7` 2/ &+%%'&1'" 1+L

On SW3: SW3#Show run int f0/8 | B inter interface FastEthernet0/12 switchport trunk encapsulation isl switchport mode trunk end

)0' H+*1 +% 9SX 2/ $./+ &+%I23,*'" $/ $ 1*,%JU -,1 21 2/ ,/2%3 $% 59F '%&$H/,.$12+% $%" BA) `=N


Page 23 of 65

On SW3: SW3(config)#int f0/8 SW3(config-if)#Switch trunk encapsulation dot

F'1K/ &.'$* 10' &"H 1$-.'U :$21 b= /'&+%"/ $%" #'*2IC 10' &+%%'&12#21C ,/2%3 4@ML SW3#Clear cdp table SW3#Show cdp neighbor Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID

Local Intrfce

Holdtme

Capability

Platform

Port ID

SW4 SW2 SW2

Fas 0/19 Fas 0/24 Fas 0/23

154 169 169

S I S I S I


R8

Fas 0/8

156

R B S I

CISCO1921/Gig 0/1

Let’s verify and test the solution: On R8: R8#Ping 12.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:

..... Success rate is 0 percent (0/5) R8#Show arp Protocol

Address

Internet

12.1.1.1

Internet Internet

12.1.1.2 152.1.1.2

Age (min)

Hardware Addr

Type

0

Incomplete

ARPA

-

000e.d774.2c21 000e.d774.2c21

ARPA ARPA

Interface FastEthernet0/1.21 FastEthernet0/1.152

@+'/ E.$% NO 'g2/1 +% 9SXL

On SW3: SW3#Show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- -------------------------------



Page 24 of 65

1

default

active

33 186 196 296 339 691 946 1002 1003 1004 1005

VLAN0033 VLAN0186 VLAN0196 VLAN0296 VLAN0339 VLAN0691 VLAN0946 fddi-default token-ring-default fddinet-default trnet-default

active active active active active active active act/unsup act/unsup act/unsup act/unsup

Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/10 Fa0/17, Fa0/18, Fa0/20, Fa0/21 Fa0/22, Gi0/1, Gi0/2 Fa0/9 Fa0/13 Fa0/11 Fa0/12 Fa0/14 Fa0/15 Fa0/16

B+U 21 "+'/ %+1U .'1K/ &+%I23,*' E.$% NO $%" :$21 X= /'&+%"/ -'I+*' 1'/12%3L

Vlan 21 SW3(config)# SW3(config-vlan)#Exit 5I 10' \6g21] &+??$%" 2/ BA) ,/'"U 10' E.$% 2/ %+1 &*'$1'"< F'1K/ #'*2IC *'$&0$-2.21CL


.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms M'*I'&1<

!H ($% )*+ ?1%9 !QK- S<=" 1%.,;8$(,

F'1K/ I2%" +,1 10' 5M $""*'// +I 7fK/ e=DO 2%1'*I$&'L

On R7:



Page 25 of 65

R7#Show run int g0/1 | B interface interface GigabitEthernet0/1 ip address 33.3.3.1 255.255.255.0 duplex auto speed auto end

To verify the problem On R9: R9#Ping 33.3.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 33.3.3.1, timeout is 2 seconds:

..... Success rate is 0 percent (0/5) R9#Show arp Protocol Internet

Address 33.3.3.3

Age (min) -

Hardware Addr 000b.be03.54c1

Type ARPA


5/ 102/ 2%1'*I$&' ,HQ R9#Show ip int brief F0/1 Interface

IP-Address

OK? Method Status

Protocol

FastEthernet0/1

33.3.3.3

YES manual up

down

S0C 2/ 102/ 2%1'*I$&' "+:%Q F'1K/ &0'&J 10' /:21&0H+*1 +% 9SX 10$1 102/ *+,1'* 2/ &+%%'&1'" 1+L

On SW3: SW3#Show run int f0/9 | B inter interface FastEthernet0/9 switchport access vlan 33 switchport mode access speed 10 spanning-tree portfast end



Page 26 of 65

)02/ .++J/ &+**'&1U .'1K/ &0'&J 10' /1$1,/ +I 10' P=D_ 2%1'*I$&' +% 102/ /:21&0L SW3#Show interface F0/9 Status Port

Name

Fa0/13

Status

Vlan

notconnect

33

Duplex

auto

Speed Type

10 10/100BaseTX

F'1K/ &0'&J 10' e=DO 2%1'*I$&' +I 7_L

On R9: R9#Show run int f0/1 | B inter interface FastEthernet0/1 ip address 33.3.3.3 255.255.255.0 duplex auto speed 100 end

S' &$% &.'$*.C /'' 10' H*+-.'?U 7_K/ P=DO 2/ &+%I23,*'" :210 $ /H''" +I O== >-H/U :0'*'$/U 10' P=D_ 2%1'*I$&' +% 9SX 2/ &+%I23,*'" :210 O= >-H/< F'1K/ &+%I23,*' 10' P=D_ 2%1'*I$&' +I 9SX :210 $ /H''" +I O== >-H/L

On SW3: SW3(config)#Int F0/9 SW3(config-if)#Speed 100

Interface FastEthernet0/9, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up )0' $-+#' &+%/+.' ?'//$3' /1$1' 10$1 10' P=D_ 2%1'*I$&' +I 10' .+&$. /:21&0 2/ %+: 2% dMDdM /1$1'<

Let’s try to confirm reachability: On R9: R9#Ping 33.3.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 33.3.3.1, timeout is 2 seconds:

.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms CCIE R&S by Narbik Kocharians


Page 27 of 65

+2, L.2,;(2$%%,0 /,.A,,% 3G' $%& 3GB 1- )*+ (6T1%9 :?7

)+ #'*2IC 10' H*+-.'?L

On SW2: SW2#Show etherchannel summary Flags:

D I H R U u w d

-

down P - in port-channel stand-alone s - suspended Hot-standby (LACP only) Layer3 S - Layer2 in use f - failed to allocate aggregator unsuitable for bundling waiting to be aggregated default port

Number of channel-groups in use: 1 Number of aggregators: 1

Group

Port-channel

Protocol

Ports

------+-------------+-----------+----------------------------------------------23 Po23(SD) PAgP Fa0/23(I) Fa0/24(I)

)0' .'11'* \9] 2% 10' \M+*1T40$%%'.] &+.,?' 1'../ ,/ 10$1 10' M+*1 40$%%'. 2%1'*I$&' 2/ $ .$C'* N 2%1'*I$&' $%" 10' .'11'* \@] 2%"2&$1'/ 10$1 10' /1$1,/ 2/ "+:%< F'1K/ &0'&J 9:XL

On SW3: SW3#Show etherchannel summary Flags:

D I H R U u w d

-


Number of channel-groups in use: 1 CCIE R&S by Narbik Kocharians


Page 28 of 65

Number of aggregators:

1

Group

Ports

Port-channel

Protocol

------+-------------+-----------+-------------------------------------

23

Po23(SD)

PAgP

Fa0/23(I)

Fa0/24(I)

F++J2%3 $1 10' +,1H,1 +I 10' $-+#' /0+: &+??$%"U -+10 /:21&0'/ $*' ,/2%3 M!3MU $%" 10' 610'*&0$%%'. 2/ $ .$C'* N 610'*&0$%%'.U Rd) 21 2/ "+:% Z)0' .'11'* \@] 2% 10' 9@ 2%"2&$1'/ 10$1 21 2/ "+:%[< F'1K/ &0'&J 10' &+%I23,*$12+% +I 10'/' 1:+ /:21&0'/L

On SW2: SW2#Show run int F0/23 | B interface interface FastEthernet0/23 switchport trunk encapsulation dot1q switchport mode trunk

channel-group 23 mode auto end SW3#show run int F0/24 | B interface interface FastEthernet0/24 switchport trunk encapsulation dot1q switchport mode trunk

channel-group 23 mode auto end

On SW3: SW3#Show run int F0/23 | B interface interface FastEthernet0/23 switchport trunk encapsulation dot1q switchport mode trunk

channel-group 23 mode auto end SW3#Show run int F0/24 | B interface interface FastEthernet0/24 switchport trunk encapsulation dot1q switchport mode trunk

channel-group 23 mode auto end CCIE R&S by Narbik Kocharians


Page 29 of 65

)0' +,1H,1 +I 10' $-+#' &+%I23,*$12+% *'#'$./ 10$1 -+10 /:21&0'/ $*' &+%I23,*'" 2% \!,1+] ?+"'U 2% \!,1+] ?+"' %+%' +I 10' /:21&0'/ 2%212$1' 10' %'3+12$12+% H*+&'//< )+ I2g 102/ H*+-.'?U +%.C +%' /2"' %''"/ 1+ -' &0$%3'"L

On SW2: SW2(config)#int range f0/23-24 SW2(config-if-range)#Channel-group 23 mode desirable

G+, /0+,." /'' 10' I+..+:2%3 &+%/+.' ?'//$3'/L

Line protocol on Interface FastEthernet0/23, changed state to down Line protocol on Interface FastEthernet0/24, changed state to down Line protocol on Interface FastEthernet0/23, changed state to up Line protocol on Interface FastEthernet0/24, changed state to up Interface Port-channel23, changed state to up Line protocol on Interface Port-channel23, changed state to up

To verify the configuration: On SW2: SW2#Show etherchannel summary Flags:

D I H R U u w d

-



Group

Port-channel

Protocol

Ports

------+-------------+-----------+-----------------------

23

Po23(SU)

PAgP

Fa0/23(P)

Fa0/24(P)

On SW3: SW3#Show etherchannel summary



Page 30 of 65

Flags:

D I H R U u w d

-



Group

Port-channel

Protocol

Ports

------+-------------+-----------+-----------------------

23

Po23(SU)

PAgP

Fa0/23(P)

Fa0/24(P)

)0' .'11'*/ \9d] 2%"2&$1' 10$1 10' H+*1 &0$%%'. 2/ $ .$C'* 1:+ $%" 21K/ 2% ,/'<

!R ($% )*+ ?1%9 !IK- 5<=" 1%.,;8$(,7

F'1K/ I2%" +,1 10' 5M $""*'// +I 7;K/ P=DO 2%1'*I$&' -'I+*' #'*2IC2%3 10' H*+-.'?L

On R5: R5#Show run int f0/1 | B interface interface FastEthernet0/1 ip address 152.1.1.5 255.255.255.0 duplex auto speed auto end

On R8: R8#Ping 152.1.1.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 152.1.1.5, timeout is 2 seconds: CCIE R&S by Narbik Kocharians


Page 31 of 65

..... Success rate is 0 percent (0/5) F'1K/ /'' 7`K/ e=DO &+%I23,*$12+%L R8#Show ip int br | Exc unass Interface GigabitEthernet0/1.21 GigabitEthernet0/1.152

IP-Address 12.1.1.2 152.1.1.2

OK? Method Status YES manual up YES manual up

Protocol up up

F'1K/ &0'&J $%" /'' 2I 9SX &$% /'' 7`L

On SW3: SW3#Show cdp nei | Inc R8

Device ID

Local Intrfce

Holdtme

Capability

Platform

Port ID

SW4 SW2 SW2

Fas 0/19 Fas 0/24 Fas 0/23

175 130 130

S I S I S I


R8

Fas 0/8

177

R B S I

CISCO1921/Gig 0/1

R9

Fas 0/9

178

R S I

2811

Fas 0/1

F'1K/ /'' 2I E.$% O;N 2/ &+%I23,*'" +% 9SXL

On SW3: SW3#Show vlan brief | Exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/10 Fa0/17, Fa0/18, Fa0/20, Fa0/21 Fa0/22, Gi0/1, Gi0/2 21 VLAN0021 active 33 VLAN0033 active Fa0/9 186 VLAN0186 active Fa0/13 196 VLAN0196 active Fa0/11 296 VLAN0296 active Fa0/12 339 VLAN0339 active Fa0/14 691 VLAN0691 active Fa0/15 946 VLAN0946 active Fa0/16

EF!B O;N 2/ BA) &+%I23,*'" +% 9SXU .'1K/ &+%I23,*' 102/ EF!BL CCIE R&S by Narbik Kocharians


Page 32 of 65

SW3(config)# Vlan 152 SW3(config-vlan)#Exit

F'1K/ :$21 I+* 9H$%%2%3T1*'' 1+ &+%#'*3' -'I+*' 1'/12%3 10' &+%I23,*$12+%L

To verify the configuration: On R8: R8#Ping 152.1.1.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 152.1.1.5, timeout is 2 seconds:

.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms

G+, ?,/1 \90,1] $%" \B+ 90,1] 10' P=DO_ 2%1'*I$&' +I 9SX $%" 9SY -'I+*' H*+&''"2%3U :0'% /0,112%3 10' I=DO_ 2%1'*I$&' "+:%U C+, ?,/1 :$21 I+* 10' 2%1'*I$&' 1+ 1*$%/212+% 2%1+ "+:% /1$1' -'I+*' 2//,2%3 10' \B+ 90,1] &+??$%"<

+2, (01,%. @,,?- 6% 9,..1%9 .2, 86006A1%9 (6%-60, T,--$9,- 6% 3GBU VWXEXYCYWXEXZ4*!+ZX[3F\ELXU WXEX &1-$/0,& 1%.,;8$(, 5$<="H> :%1&1;,(.16%$0 01%@ &,.,(.,& V4]YCYL!!ZX[3F\ELU :&0& ,;;6; &,.,(.,& 6% 5$<="H> ?:..1%9 5$<="H 1% ,;;Y&1-$/0, -.$., VE[)L4!*+*YIYW4X*G)U E1%, ?;6.6(60 6% [%.,;8$(, 5$-.L.2,;%,.<="H> (2$%9,& -.$., .6 &6A% VE[)^YBYW4X*G)U [%.,;8$(, 5$-.L.2,;%,.<="H> (2$%9,& -.$., .6 &6A% V4]YCYL!!Z!L_*DL!U F..,T?.1%9 .6 ;,(6P,; 8;6T :&0& ,;;Y&1-$/0, -.$., 6% 5$<="H VE[)^YBYW4X*G)U [%.,;8$(, 5$-.L.2,;%,.<="H> (2$%9,& -.$., .6 :?



Page 33 of 65

VE[)L4!*+*YIYW4X*G)U E1%, ?;6.6(60 6% [%.,;8$(, 5$-.L.2,;%,.<="H> (2$%9,& -.$., .6 :? `6: T$N /;,$@ 6%, 68 .2, ;:0,- 1% .21- 0$/K- ;:0,- -.$.,& 1% .2, /,91%%1%9 68 .21- 0$/7

To verify the problem: On SW3: SW3#Show udld F0/19 Interface Fa0/19 --Port enable administrative configuration setting: Enabled / in aggressive mode Port enable operational state: Enabled / in aggressive mode

Current bidirectional state: Unidirectional Current operational state: Disabled port Message interval: 7 Time out interval: 5

No neighbor cache information stored )0' +,1H,1 +I 10' $-+#' /0+: &+??$%" /1$1'/ 10$1 $ d%2"2*'&12+%$. .2%J 2/ :0$1 2/ "'1'&1'" $%" 10' &+%/+.' ?'//$3'/ #'*2IC 102/ 2%I+*?$12+%< R,1 S0CQ F'1K/ &0'&J 10' 2%1'*I$&' &+%I23,*$12+% +I 9SX $%" 9SYh /2%&' :' &$% BA) H0C/2&$..C 2%/H'&1 +* 1+,&0 10' H+"/ 2% 102/ .$- +* 2% 10' $&1,$. 4456 .$-U 0+: "+ :' I2g 102/ H*+-.'?Q SW3#Show run int f0/19 | B inter interface FastEthernet0/19 switchport trunk encapsulation dot1q switchport mode trunk

udld port aggressive end

On SW4: SW4#Show run int f0/19 | B inter interface FastEthernet0/19 switchport trunk encapsulation dot1q switchport mode trunk

udld port aggressive CCIE R&S by Narbik Kocharians


Page 34 of 65

mac access-group tst in end

c???VVV.'1K/ &0'&J 10' ?$& $&&'//T.2/1 &$..'" \1/1]L SW4#Show run | B mac access-list mac access-list extended tst

deny

any host 0100.0ccc.cccc

permit any any

SASV< )0' >!4 10$1 2/ -'2%3 I2.1'*'" +% 2%3*'// P=DO_ 2%1'*I$&' +I 9SX 2/ 10' "'/12%$12+% >$& $""*'// ,/'" -C d@F@< 5% +*"'* 1+ I2g 102/ H*+-.'?U :' /0+,." W,/1 *'?+#' 10' ?$& $&&'//T.2/1 $.. 1+3'10'*<

On SW4 No mac access-list extended tst SW4(config)#

To verify the configuration: On SW3 SW3#Show udld f0/19 Interface Fa0/19 --Port enable administrative configuration setting: Enabled / in aggressive mode Port enable operational state: Enabled / in aggressive mode

Current bidirectional state: Bidirectional Current operational state: Advertisement - Single neighbor detected Message interval: 7 Time out interval: 5 Entry 1 --Expiration time: 43 Cache Device index: 1 Current neighbor state: Bidirectional Device ID: CAT0629X0DG Port ID: Fa0/19 Neighbor echo 1 device: CAT0628Z0LB



Page 35 of 65

Neighbor echo 1 port: Fa0/19 Message interval: 15 Time out interval: 5

CDP Device name: SW4

L;$-, .2, -.$;.:? (6%819:;$.16% $%& .2, aP0$%7&$.b $%& ;,06$& .2, &,P1(,- /,86;, ?;6(,,&1%9 .6 .2, %,c. -(,%$;167



Page 36 of 65

Troubleshooting Switching Scenario 2

• •

@A BA) &+%I23,*' +* &0$%3' 10' E)M "+?$2% +% $%C +I 10' I+,* /:21&0'/< @A BA) &0$%3' EF!B $//23%?'%1/



Page 37 of 65

!J $%& !R ($% %6. ,-.$/01-2 $% L19;? %,192/6; $&M$(,%(N7

F'1K/ #'*2IC 10' H*+-.'?L

On R6: R6#Show ip eigrp neighbors EIGRP-IPv4 Neighbors for AS(1)

H

Address

Interface

0

68.1.1.8

Fa0/0

Hold Uptime (sec) 14 00:04:31

SRTT (ms)

RTO

2

200

Q Seq Cnt Num 0

6

51 .++J/ .2J' 10' 1:+ *+,1'*/ 0$#' '/1$-.2/0'" $ %'230-+* $"W$&'%&C< F'1K/ H2%3 b`
..... Success rate is 0 percent (0/5) !*' 10'/' 1:+ *+,1'*/ +% 10' /$?' EF!BQ F'1K/ &0'&J 9SO $%" 9SXL

On SW1: SW1#Show Vlan br | Exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/4, Fa0/5, Fa0/9, Fa0/10 Fa0/11, Fa0/18, Fa0/20, Fa0/22 Fa0/23, Fa0/24, Gi0/1, Gi0/2

68

VLAN0068

active

Fa0/6

212 213 214 215 216 217

VLAN0212 VLAN0213 VLAN0214 VLAN0215 VLAN0216 VLAN0217

active active active active active active

Fa0/12 Fa0/13 Fa0/14 Fa0/15 Fa0/16 Fa0/17

On SW3: CCIE R&S by Narbik Kocharians


Page 38 of 65

SW3#Show vlan brief | Exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/9 Fa0/10, Fa0/11, Fa0/18, Fa0/22 Fa0/24, Gi0/1, Gi0/2

68

VLAN0068

active

Fa0/8

212 213 214 215 216 217

VLAN0212 VLAN0213 VLAN0214 VLAN0215 VLAN0216 VLAN0217

active active active active active active

Fa0/12 Fa0/13 Fa0/14 Fa0/15 Fa0/16 Fa0/17

7b $%" 7` $*' 2% EF!B bÙ .'1K/ &0'&J 10' 1*,%J $%" /'' 2I 10' 1*,%J 2/ $..+:2%3 10' 1*$II2& I+* 102/ EF!B 1+ 1*$#'*/' 10*+,30L

On SW1: SW1#Show interface trunk Port Fa0/19 Fa0/21

Mode on on

Encapsulation 802.1q 802.1q

Status trunking trunking

Native vlan 1 1

Port Fa0/19 Fa0/21

Vlans allowed on trunk 1-4094 1-4094

Port Fa0/19 Fa0/21

Vlans allowed and active in management domain 1,68,212-217 1,68,212-217

Port Fa0/19 Fa0/21

Vlans in spanning tree forwarding state and not pruned 1,68,212-217 1,68,212-217

On SW3: SW3#Show interface trunk Port Fa0/19 Fa0/20

Mode desirable desirable

Encapsulation n-802.1q n-isl


Status trunking trunking


Native vlan 1 1 Page 39 of 65

Fa0/21 Fa0/23

on on

802.1q 802.1q

trunking trunking

1 1

Port Fa0/19 Fa0/20 Fa0/21 Fa0/23

Vlans allowed on trunk 1-4094 1-4094 1-4094 1-4094

Port Fa0/19 Fa0/20 Fa0/21 Fa0/23

Vlans allowed and active in management domain 1,68,212-217 1,68,212-217 1,68,212-217 1,68,212-217


Vlans in spanning tree forwarding state and not pruned 1,68,212-217 68 1,68,212-217

Port Fa0/23

Vlans in spanning tree forwarding state and not pruned 1,68,212-217

9+ I$* /+ 3++"U .'1K/ #'*2IC 10' H$10 I*+? 9SO 1+ 9SXL

On SW1: SW1#Show spanning-tree vlan 68 VLAN0068 Spanning tree enabled protocol ieee Root ID Priority 24644 Address 000c.858b.7a00

Bridge ID

Interface

Cost

38

Port Hello Time

21 (FastEthernet0/19) 2 sec Max Age 20 sec


Priority 32836 (priority 32768 sys-id-ext 68) Address 0012.7f40.9380 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300

Role Sts Cost

Prio.Nbr Type

---------------- ---- --- --------- -------- -----Fa0/6 Desg FWD 19 128.8 P2p CCIE R&S by Narbik Kocharians


Page 40 of 65

Fa0/19

Root FWD 19

128.21

P2p

Fa0/21

Desg FWD 19

128.23

P2p

)0' P$=Db 2%1'*I$&' +I 9SO &+%%'&1/ 1+ 7bU $%" I*+? 9SOK/ H'*/H'&12#'U -+10 P=DO_ $%" P=DNO $*' 2% I+*:$*"2%3 /1$1'U -,1 P=DO_ 2/ 10' *++1 H+*1U $%" 10' .+&$. /:21&0 0$/ $ &+/1 +I XÙ :02&0 ?'$%/ 10$1 21 0$/ 1+ 1*$#'*/' 1:+ O==> .2%J/ Z)0' "'I$,.1 &+/1 +I $ P$/1 610'*%'1 2%1'*I$&' 2/ O_[U 102/ ?'$%/ 10$1 9SX 2/ 10' *++1< F'1K/ #'*2IC 102/ -C *'H'$12%3 10' /$?' /0+: &+??$%" +% 9SNL

On SW2: SW2#Show spanning-tree vlan 68 VLAN0068 Spanning tree enabled protocol ieee Root ID Priority 24644 Address 000c.858b.7a00

Bridge ID

Interface

Cost

19

Port Hello Time

25 (FastEthernet0/23) 2 sec Max Age 20 sec


Priority 32836 (priority 32768 sys-id-ext 68) Address 001d.e5d6.0000 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300

Role Sts Cost

Prio.Nbr Type

---------------- ---- --- --------- -------- -----

Fa0/19 Fa0/23

Desg FWD 19 Root FWD 19

128.21 128.25

P2p P2p

F'1K/ #'*2IC 102/ 2%I+*?$12+% +% 9SXL

On SW3: SW3#Show spanning-tree Vlan 68 VLAN0068 Spanning tree enabled protocol ieee Root ID Priority 24644 Address 000c.858b.7a00

This bridge is the root Hello Time Bridge ID

Priority Address

2 sec

Max Age 20 sec


24644 (priority 24576 sys-id-ext 68) 000c.858b.7a00



Page 41 of 65

Hello Time 2 sec Aging Time 300

Interface

Max Age 20 sec

Role Sts Cost


Prio.Nbr Type

---------------- ---- --- --------- -------- ------

Fa0/8

Desg FWD 19

128.8

P2p

Fa0/19 Fa0/20 Fa0/21 Fa0/23

Desg Desg Desg Desg

128.19 128.20 128.21 128.23

P2p P2p P2p P2p

FWD FWD FWD FWD

19 19 19 19

S0C 2/ 9SO 3+2%3 10*+,30 9SN 1+ 3'1 1+ 9SXU :0'% 10' .2%J Z)0' P=DNO[ -'1:''% 9SO $%" 9SX $*' 1*,%J2%3 $%" 2% \PS@] /1$1'Q )02/ &$% ?'$% 10$1 :' 0$#' $ /H$%%2%3T1*'' .++H< F'1K/ &0'&J 10' P=DNO 2%1'*I$&'/ +I 9SO $%" 9SXL

On SW1: SW1#Show run int f0/21 | B interface interface FastEthernet0/21 switchport trunk encapsulation dot1q switchport mode trunk end

On SW3: SW3#Show run int f0/21 | B interface interface FastEthernet0/21 switchport trunk encapsulation dot1q switchport mode trunk

spanning-tree bpdufilter enable end

S' &$% /'' 10' H*+-.'?U [email protected]'* 2/ &+%I23,*'" +% 10' P=DNO 2%1'*I$&' +I 9SXU 102/ "+'/ ?'$% 10$1 :' 0$#' $ /H$%%2%3T1*'' .++H< F'1K/ &0'&J 10' 4Md ,12.2^$12+% +% 9SXL SW3#Show processes cpu | Inc five CPU utilization for five seconds: 99%/93%; one minute: 99%; five minutes:92%

.'1K/ *'?+#' 102/ $%" #'*2IC 102/ &+%I23,*$12+%h +%&' 10' [email protected]'* 2/ *'?+#'"U 9SO /0+,." ,/' 21/ P=DNO 2%1'*I$&' $/ 21/ *++1 H+*1 $%" '210'* 9SO +* 9SN :2.. 1*$%/212+% 10'2* P=DO_ 2%1'*I$&' 2%1+ \RFi] /1$1' I+* 102/ EF!BL CCIE R&S by Narbik Kocharians


Page 42 of 65

On SW3: SW3(config)#Int f0/21 SW3(config-if)# No spanning-tree bpdufilter enable

On SW1: SW1#Show spanning-tree vlan 68 | B Interface

Interface

Role Sts Cost

Prio.Nbr Type

---------------- ---- --- --------- -------- ----Fa0/6 Desg FWD 19 128.8 P2p Fa0/19 Desg FWD 19 128.21 P2p

Fa0/21

Root FWD 19

128.23

P2p

F'1K/ &0'&J 9SNU 21 0$/ H*+-$-.C 1*$%/212+%'" 21/ P=DO_ 2%1'*I$&' 1+ -.+&J2%3L

On SW2: SW2#Show spanning-tree vlan 68 | B Interface

Interface

Role Sts Cost

Prio.Nbr Type

---------------- ---- --- --------- -------- ------

Fa0/19

Altn BLK 19

128.21

P2p

Fa0/23

Root FWD 19

128.25

P2p

F'1K/ &0'&J 7b $%" /'' 2I 0$/ '/1$-.2/0'" $% 623*H %'230-+* $"W$&'%&CL

On R6: R6#Show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface 0

68.1.1.8

Fa0/0

Hold Uptime SRTT (sec) (ms) 12 00:04:49 3

RTO

Q Seq Cnt Num 200 0 15

R6#Ping 68.1.1.8 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 68.1.1.8, timeout is 2 seconds:

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms



Page 43 of 65

On SW3: SW3#Show processes cpu | Inc five CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 8%

9cd) $%" BA 90,1 10' P=DO 2%1'*I$&' +% 7Y< [% DEF) CI> !I 1- (6%819:;,& $- $ Xd_4 -,;P,;> $%& !C $- $ Xd_4 (01,%.7 !C ($% %6. $(e:1;, $% [4 $&&;,-- 8;6T .21- Xd_4 -,;P,;7 51c .21- ?;6/0,T A1.26:. ;,T6P1%9 $%N (6TT$%&-7

F'1K/ #'*2IC 10' H*+-.'?L

On R4: R4#Show ip int brief

Interface

IP-Address

OK? Method Status

FastEthernet0/0 Serial0/0

unassigned unassigned

YES unset YES unset

FastEthernet0/1

unassigned

YES DHCP

Serial0/1

unassigned

YES unset

Protocol

administratively down down administratively down down up up administratively down down

F'1K/ #'*2IC 10' &+%I23,*$12+% +% 10' P=DO 2%1'*I$&'L R4#Show run int f0/1 | B interface interface FastEthernet0/1 ip address dhcp duplex auto speed auto end

)0' P=DO 2%1'*I$&' +I 7Y 2/ &+%I23,*'" &+**'&1.CU .'1K/ #'*2IC 10' &+%I23,*$12+% +I 10' @c4M /'*#'* Z7;[L

On R5: CCIE R&S by Narbik Kocharians


Page 44 of 65

R5#Show run | S dhcp pool ip dhcp pool tst network 45.1.1.0 255.255.255.0 R5#Show run | Inc dhcp ip dhcp excluded-address 45.1.1.5 ip dhcp pool tst R5#Show ip int br | Exc unass

Interface

IP-Address

OK? Method Status

Protocol

FastEthernet0/1

45.1.1.5

YES manual up

up

51 /''?/ .2J' 10' &+%I23,*$12+% :$/ H'*I+*?'" &+**'&1.C< F'1K/ #'*2IC 10' EF!B &+%I23,*$12+% +% 9SNL

On SW2: SW2#Show vlan br | Exc unsup

VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1

default

active

12 36

VLAN0012 VLAN0036

active active

Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/14, Fa0/15, Fa0/16 Fa0/18, Fa0/20, Fa0/21, Fa0/22 Fa0/24, Gi0/1, Gi0/2 Fa0/1, Fa0/2 Fa0/3, Fa0/6

45

VLAN0045

active

Fa0/4, Fa0/5

68 212 213 214 215 216 217


active active active active active active active

Fa0/12 Fa0/13

Fa0/17

)0' EF!B 2/ &+%I23,*'" H*+H'*.CU 10' *+,1'*/ $*' &+%I23,*'" H*+H'*.CU &+,." 10'*' -' $ E.$% $&&'//T?$H +* $% $&&'//T.2/1 -.+&J2%3 102/ 1*$II2&Q F'1K/ #'*2ICL SW2#Show vlan access-map SW2# SW2#Show access-list CCIE R&S by Narbik Kocharians


Page 45 of 65

SW2#

F'1K/ &0'&J I+* $%C &+%I23,*$12+% 10$1 0$/ Y; 2% 21L SW2#Show run | Inc 45

ip dhcp snooping vlan 45 switchport access vlan 45 switchport access vlan 45

SASV@c4M 9%++H2%3 2/ '%$-.'" I+* EF!B Y;U .'1K/ #'*2IC @c4M 9%++H2%3 &+%I23,*$12+%L SW2#Show ip dhcp snooping

Switch DHCP snooping is enabled DHCP snooping is configured on following VLANs: 45 Insertion of option 82 is enabled circuit-id format: vlan-mod-port remote-id format: MAC Option 82 on untrusted port is not allowed Verification of hwaddr field is enabled Interface ------------------------

Trusted -------

Rate limit (pps) ----------------

)0' +,1H,1 +I 10' $-+#' &+??$%" *'#'$./ 10$1 @c4M /%++H2%3 2/ '%$-.'" 3.+-$..CU $%" 21K/ $HH.2'" 1+ EF!B Y;U $%" +H12+% `N 2/ $./+ '%$-.'"< 5I +H12+% `N 2/ '%$-.'"U 10' 0+/1K/ @c4M @2/&+#'* ?'//$3' :2.. 2%&.,"' 10' \&2*&,21T2"] :02&0 2/ 10' >!4 $""*'// +I 9SNU $%" 10' \H+*1T2"] :02&0 2/ 10' H+*1 1+ :02&0 10' *+,1'* 2/ &+%%'&1'" 1+U /2%&' 10'/' $""'" 2%I+*?$12+% 2/ BA) ,%"'*/1++" -C 10' @c4M /'*#'*U 21 23%+*'/ 10' "2/&+#'* ?'//$3'/ *'&'2#'" -C 7Y< F'1K/ "2/$-.' +H12+% `NL

No ip dhcp snooping information option SW2(config)# F'1K/ #'*2IC 102/ &+%I23,*$12+% +% 7YL

On R4: R4#Show ip int br

Interface

IP-Address

OK? Method Status

FastEthernet0/0 Serial0/0

unassigned unassigned

YES unset YES unset

up up administratively down down

FastEthernet0/1

unassigned

YES DHCP

up



Protocol up Page 46 of 65

Serial0/1

unassigned

YES unset

administratively down down

F'1K/ '%$-.' \@'-,3 2H H$&J'1 "'1] +% 7YL R4#Debug ip packet detail IP packet debugging is on (detailed)

IP: s=0.0.0.0 (local), d=255.255.255.255 (FastEthernet0/1), len 604, sending broad/multicast UDP src=68, dst=67 IP: s=0.0.0.0 (local), d=255.255.255.255 (FastEthernet0/1), len 604, sending broad/multicast UDP src=68, dst=67 IP: s=0.0.0.0 (local), d=255.255.255.255 (FastEthernet0/1), len 604, sending broad/multicast UDP src=68, dst=67 S' &$% /'' 10$1 10' .+&$. *+,1'* 2/ /'%"2%3 10' @c4M "2/&+#'* ?'//$3'/ -,1 21K/ BA) *'&'2#2%3 $%C +II'*/< F'1K/ 3+ 10*+,30 :0$1 :' 0$#' #'*2I2'" /+ I$*L 7Y 2/ &+%I23,*'" $/ $ @c4M &.2'%1 7; 2/ &+%I23,*'" $/ $ @c4M 9'*#'* 9SN 0$/ 10'/' 1:+ *+,1'*/ 2% EF!B Y; 9SN 2/ &+%I23,*'" :210 \5M @c4M 9%++H2%3] $%" \5M "0&H /%++H2%3 #.$% Y;]< AH12+% `N 2/ $./+ "2/$-.'" 92%&' 10' "0&H /%++H2%3 +H12+% 2/ '%$-.'" $%" $HH.2'" 1+ EF!B Y;U $.. H+*1/ 2% EF!B Y; :2.. 1*$%/212+% 2%1+ ,%1*,/1'" /1$1'< S0'% $ H+*1 2/ 2% ,%1*,/1'" /1$1'U 10' /:21&0 :2.. "2/&$*" 10' @c4M ?'//$3'/ .2J' AII'*U !4iU B!4i &+?2%3 I*+? $.. H+*1/U 102/ 2%&.,"'/ 10' H+*1 10$1 7; 2/ &+%%'&1'" 1+< )02/ 2/ "'/23%'" 10$1 :$C 1+ ?2123$1' *+3,' @c4M /'*#'*/< F'1K/ /'' 2I 102/ H+*1 2/ 1*,/1'"L

On SW2: SW2#Show run int f0/5 | B interface interface FastEthernet0/5 switchport access vlan 45 switchport mode access spanning-tree portfast end



Page 47 of 65

AiVV:' &$% /'' 10' H*+-.'?< F'1K/ 1*,/1 102/ H+*1L SW2(config)#int f0/5 SW2(config-if)#ip dhcp snooping trust

To verify the configuration: On R4: R4(config)#int f0/1 R4(config-if)#Shut No shut R4(config-if)#

G+, /0+,." /'' 10' I+..+:2%3 "'-,3 +,1H,1L

IP: s=0.0.0.0 (local), d=255.255.255.255 (FastEthernet0/1), len 604, sending broad/multicast UDP src=68, dst=67 IP: s=45.1.1.5 (FastEthernet0/1), d=255.255.255.255, len 328, rcvd 2 UDP src=67, dst=68 IP: s=0.0.0.0 (local), d=255.255.255.255 (FastEthernet0/1), len 604, sending broad/multicast UDP src=68, dst=67 IP: s=45.1.1.5 (FastEthernet0/1), d=255.255.255.255, len 328, rcvd 2 UDP src=67, dst=68 %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 45.1.1.1, mask 255.255.255.0, hostname R4 G+, ?$C 3'1 $ "2II'*'%1 5M $""*'// I*+? 10' /$?' *$%3'< R4#Show ip int br | Exc unass Interface

IP-Address

OK? Method Status

Protocol

FastEthernet0/1

45.1.1.1

YES DHCP

up

up

F'1K/ "2/$-.' 10' "'-,3L R4#Undebug all All possible debugging has been turned off



Page 48 of 65

DEF) "'B 1- (6%819:;,& A1.2 -.$.1( [4 36:;(, S:$;& /:. 1. 1- %6. A6;@1%97

RC .++J2%3 $1 10' "2$3*$?U :' &$% /'' 10$1 10' P=D= 2%1'*I$&'/ +I 7OU 7N $%" 7X $*' &+%I23,*'" 2% EF!B ONX< F'1K/ #'*2ICL

On SW1: SW1#Show vlan brief | Exc unsup VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/4, Fa0/5, Fa0/9, Fa0/10 Fa0/11, Fa0/18, Fa0/20, Fa0/22 Fa0/23, Fa0/24, Gi0/1, Gi0/2 12 VLAN0012 active 36 VLAN0036 active 45 VLAN0045 active 68 VLAN0068 active Fa0/6 114 VLAN0114 active 121 VLAN0121 active

123

VLAN0123

active

Fa0/1, Fa0/2, Fa0/3

212 213 214 215 216 217 232


active active active active active active active

Fa0/12 Fa0/13 Fa0/14 Fa0/15 Fa0/16 Fa0/17

F'1K/ #'*2IC 10' 5M 9+,*&' e,$*" &+%I23,*$12+% +% 9SOL

On SW1: SW1#Show run int f0/1 | B interface interface FastEthernet0/1 switchport access vlan 123 switchport mode access spanning-tree portfast

ip verify source end



Page 49 of 65

SW1#Show run int f0/2 | B interface interface FastEthernet0/2 switchport access vlan 123 switchport mode access spanning-tree portfast

ip verify source end SW1#Show run int f0/3 | B interface interface FastEthernet0/3 switchport access vlan 123 switchport mode access spanning-tree portfast

ip verify source end

F'1K/ #'*2IC 10' /+,*&' -2%"2%3 1$-.'U :' /0+,." /'' 10*'' -2%"2%3/U +%' I+* 7OU +%' I+* 7NU $%" $%+10'* I+* 7X L

On SW1: SW1#Show ip source binding | Inc 123.1.1

00:00:22:22:22:22 00:00:22:22:22:22 00:00:11:11:11:11 00:00:11:11:11:11 00:00:33:33:33:33 00:00:33:33:33:33

123.1.1.2 123.1.1.1 123.1.1.3

infinite infinite infinite

static static static

123 123 123

FastEthernet0/2 FastEthernet0/1 FastEthernet0/3

)0' 1$-.' .++J'" &+**'&1U .'1K/ &0'&J 10' &+%I23,*$12+% +I 10' P=D= 2%1'*I$&'/ +I 7OU 7N $%" 7XL

On R1: R1#Show int f0/0 | Inc bia|address

Hardware is Gt96k FE, address is 0000.1111.1111 (bia 0016.c898.c6e0)

Internet address is 123.1.1.1/24

On R2: R2#Show int f0/0 | Inc bia|address Hardware is Gt96k FE, address is 0000.2222.2222 (bia 0011.9279.1f70)

Internet address is 123.1.1.2/24 CCIE R&S by Narbik Kocharians


Page 50 of 65

On R3: R3#Show int f0/0 | Inc bia|address Hardware is Gt96k FE, address is 0000.3333.3333 (bia 0012.d927.d710)

Internet address is 123.1.1.3/24 )02/ 2/ &+%I23,*'" &+**'&1.C< F'1K/ #'*2IC @c4M 9%++H2%3 &+%I23,*$12+%L

On SW1: SW1#Show ip dhcp snooping

Switch DHCP snooping is disabled DHCP snooping is configured on following VLANs: 123 Insertion of option 82 is enabled circuit-id format: vlan-mod-port remote-id format: MAC Option 82 on untrusted port is not allowed Verification of hwaddr field is enabled Interface Trusted Rate limit (pps) ---------------------------------------------

)0' +,1H,1 +I 10' $-+#' /0+: &+??$%" *'#'$./ 10$1 10' @c4M 9%++H2%3 I'$1,*' 2/ BA) '%$-.'"U .'1K/ #'*2IC 102/ -C .++J2%3 $1 10' *,%%2%3 &+%I23,*$12+%L

On SW1: SW1#Show run | Inc ip dhcp snooping

ip dhcp snooping vlan 123 G'/U :' &$% /'' 10$1 21 2/ $HH.2'" 1+ EF!B ONXU -,1 21 2/ BA) '%$-.'" 3.+-$..CU .'1K/ '%$-.' @c4M 9%++H2%3 3.+-$..CL

On SW1: SW1(config)#IP Dhcp snooping

To verify the configuration: On SW1 CCIE R&S by Narbik Kocharians


Page 51 of 65

SW1#Show ip dhcp snooping

Switch DHCP snooping is enabled DHCP snooping is configured on following VLANs: 123 Insertion of option 82 is enabled circuit-id format: vlan-mod-port remote-id format: MAC Option 82 on untrusted port is not allowed Verification of hwaddr field is enabled Interface Trusted ------------------------------

Rate limit (pps) ----------------

M'*I'&1V<.'1K/ 1'/1 10' &+%I23,*$12+% -C &0$%32%3 10' 5M $""*'// +I 7O 1+ ONX
On R1: R1(config)#int f0/0 R1(config-if)#ip addr 123.1.1.10 255.255.255.0 R1#Ping 123.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 123.1.1.2, timeout is 2 seconds:

..... Success rate is 0 percent (0/5) F'1K/ &0$%3' 10' 5M $""*'// +I 7O -$&J 1+ ONX
On R1 R1(config)#int f0/0 R1(config-if)#ip addr 123.1.1.1 255.255.255.0 R1#Ping 123.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 123.1.1.2, timeout is 2 seconds:

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

On SW1: CCIE R&S by Narbik Kocharians


Page 52 of 65

SW1#Sh ip source binding static

MacAddress -----------------00:00:22:22:22:22 00:00:11:11:11:11 00:00:33:33:33:33

IpAddress

Lease(sec)

--------------123.1.1.2 123.1.1.1 123.1.1.3

---------infinite infinite infinite

Type -------static static static

VLAN ---123 123 123

Interface ---------FastEthernet0/2 FastEthernet0/1 FastEthernet0/3

Total number of bindings: 3

+2, 5<="H 1%.,;8$(, 68 3GC 1- (6%819:;,& $- $ .;:%@ 01%@7 +2, :-,; 2$- -,.:? ?6;. -,(:;1.N 6% .21- 1%.,;8$(, $%& -,. .2, T$c1T:T %:T/,; 68 ]F_ $&&;,--,- .6 '> /:. 86; -6T, ;,$-6% .21- 1- )*+ A6;@1%97

F'1K/ #'*2IC 10' &+%I23,*$12+% +% 9SYL

On SW4: SW4#Show run int f0/19 | B interface interface FastEthernet0/19 switchport trunk encapsulation dot1q switchport mode trunk

switchport port-security maximum 2 switchport port-security aging time 5 switchport port-security aging type inactivity S' &$% /'' 10$1 10' ?$g2?,? %,?-'* +I >!4 $""*'//'/ $..+:'" 2/ NU $%" 10' $32%3 1CH' $%" $32%3 12?' $*' $./+ /'1< R,1 10' H+*1 /'&,*21C 2/ BA) '%$-.'"< F'1K/ #'*2IC 102/ 2%I+*?$12+%L SW4#Show port-security interface F0/19

Port Security

: Disabled

Port Status Violation Mode Aging Time Aging Type SecureStatic Address Aging Maximum MAC Addresses

: : : : : :


Secure-down Shutdown 5 mins Inactivity Disabled 2


Page 53 of 65

Total MAC Addresses Configured MAC Addresses Sticky MAC Addresses Last Source Address:Vlan Security Violation Count

: : : : :

0 0 0 0000.0000.0000:0 0

F'1K/ '%$-.' H+*1T/'&,*21CL SW4(config)#int f0/19 SW4(config-if)#Switchport port-security

A%&' 10' H+*1T/'&,*21C 2/ '%$-.'"U C+, /0+,." /'' 10' I+..+:2%3 &+%/+.' ?'//$3'/L

%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/19, putting Fa0/19 in err-disable state %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000a.f402.6d93 on port FastEthernet0/19. S' &$% &.'$*.C /'' 10$1 H+*1 /'&,*21C 2/ :+*J2%3U +%&' 10' I'$1,*' :$/ '%$-.'"U 10' 2%1'*I$&' 1*$%/212+%'" 2%1+ '**T"2/$-.' /1$1'< )+ #'*2IC 102/ 2%I+*?$12+%L SW4#Show interface f0/19 status Port

Name

Fa0/19

Status

Vlan

Duplex

err-disabled 1

auto

Speed Type

auto 10/100BaseTX

[% DEF) "'> !" ($% )*+ ?1%9 !'K- 5<=" 1%.,;8$(,

F'1K/ #'*2IC 10' H*+-.'?L


..... CCIE R&S by Narbik Kocharians


Page 54 of 65

Success rate is 0 percent (0/5) R1#Show arp Protocol Internet

Address 12.1.1.1

Internet

12.1.1.2

Internet Internet

123.1.1.1 123.1.1.2

Age (min) -

0 11

Hardware Addr 0000.2121.2121

Type ARPA

Incomplete

ARPA

0000.1111.1111 0000.2222.2222

ARPA ARPA

Interface FastEthernet0/1 FastEthernet0/0 FastEthernet0/0

S' &$% /'' 10$1 !7M :$/ \2%&+?H.'1']U 102/ &$% ?'$% 10$1 :' 0$#' $ .$C'* N H*+-.'?U -'I+*' &0'&J2%3 .$C'* NU .'1K/ /'' 10' &+%I23,*$12+% +I 10' P=DO 2%1'*I$&'/ +I 7O $%" 7NL

On R1: R1#Show run int f0/1 | B interface interface FastEthernet0/1 mac-address 0000.2121.2121 ip address 12.1.1.1 255.255.255.0 duplex auto speed auto end

On R2: R2#Show run int f0/1 | B interface interface FastEthernet0/1 mac-address 0000.1212.1212 ip address 12.1.1.2 255.255.255.0 duplex auto speed auto end

S'..VV10' 2%1'*I$&'/ $*' &+%I23,*'" &+**'&1.CU .'1K/ #'*2IC 10' /:21&0 &+%I23,*$12+%L

On SW2: SW2#Show vlan br | Exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/14, Fa0/15, Fa0/16



Page 55 of 65

Fa0/18, Fa0/20, Fa0/21, Fa0/22 Fa0/24, Gi0/1, Gi0/2

12

VLAN0012

active

Fa0/1, Fa0/2

36 45 68 114 121 123 212 213 214 215 216 217 232

VLAN0036 VLAN0045 VLAN0068 VLAN0114 VLAN0121 VLAN0123 VLAN0212 VLAN0213 VLAN0214 VLAN0215 VLAN0216 VLAN0217 VLAN0232

active active active active active active active active active active active active active

Fa0/3, Fa0/6 Fa0/4, Fa0/5

Fa0/12 Fa0/13

Fa0/17

F'1K/ &0'&J 10' EF!BL SW2#Show vlan id 12 VLAN Name Status Ports ---- -------------------------------- --------- -------------------------------

12

VLAN0012

active

Fa0/1, Fa0/2, Fa0/19, Fa0/23

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1500 0 0 12 enet 100012 Remote SPAN VLAN ---------------Disabled Primary Secondary Type Ports ------- --------- ----------------- ----------------------------------

)02/ 2/ $./+ &+**'&1U .'1K/ #'*2IC 10' 2%1'*I$&' &+%I23,*$12+%U ?$C-' $% $&&'//T.2/1 2/ &+%I23,*'" 1+ -.+&J 10' &+??,%2&$12+% -'1:''% 10' 1:+ *+,1'*/L SW2#Show run int f0/1 | B interface interface FastEthernet0/1 switchport access vlan 12 switchport mode access spanning-tree portfast SW2#Show run int f0/2 | B interface



Page 56 of 65

interface FastEthernet0/2 switchport access vlan 12 switchport mode access spanning-tree portfast

F'1K/ #'*2IC 10' >!4 $""*'// +I 10'/' 1:+ *+,1'*/ +% 10' /:21&0L SW2#Show mac address-table dynamic interface f0/1 vlan 12 Mac Address Table ------------------------------------------Vlan ----

12

Mac Address -----------

Type --------

Ports -----

0000.2121.2121

DYNAMIC

Fa0/1

Total Mac Addresses for this criterion: 1 SW2#Show mac address-table dynamic interface f0/2 vlan 12 Mac Address Table ------------------------------------------Vlan ----


Type --------

Ports -----

)0' /:21&0 "+'/ %+1 /'' 7NU 102/ &+,." -' 10$1 7N "2" %+1 /'' 10' H2%3 3'%'*$1'" -C 7OU .'1K/ H2%3 I*+? 7N $%" #'*2IC 10' *'/,.1L


..... Success rate is 0 percent (0/5)

On SW2: SW2#Show mac address-table dynamic interface f0/2 vlan 12

Mac Address Table -------------------------------------------



Page 57 of 65

Vlan ----


Type --------

Ports -----

SASV?$C -' /+?'102%3 2/ I2.1'*2%3D-.+&J2%3 10' >!4 $""*'// +I 7NU .'1K/ #'*2ICL SW2#Show run | Inc 0000.1212.1212

mac-address-table static 0000.1212.1212 vlan 12 drop S' &$% &.'$*.C /'' 10' H*+-.'?U 102/ 2/ &$..'" d%2&$/1 >!4 $""*'// I2.1'*2%3< S0'% 102/ I'$1,*' 2/ '%$-.'"U 10' /:21&0 "*+H/ H$&J'1/ :210 10' &+%I23,*'" >!4 $""*'// $/ /+,*&' +* "'/12%$12+%< )0' /:21&0 2/ &+%I23,*'" 1+ "*+H $%C 1*$II2& /+,*&2%3 +* "'/12%'" 1+ \====!4 $""*'// 2% EF!B ON< F'1K/ *'?+#' 102/ I2.1'* $%" 1*C $3$2%L SW2(config)# No mac address-table static 0000.1212.1212 vlan 12 drop

To verify the configuration: On R1: R1#Ping 12.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.1.1.2, timeout is 2 seconds:


On SW2: SW2#Show mac address-table dynamic interface f0/2 vlan 12 Mac Address Table ------------------------------------------Vlan ----

12


Type --------

Ports -----

0000.1212.1212

DYNAMIC

Fa0/2

Total Mac Addresses for this criterion: 1



Page 58 of 65

[% DEF) BJ> !J ($% %6. ?1%9 !B7

F'1K/ #'*2IC 10' H*+-.'?L


..... Success rate is 0 percent (0/5) R3#Show arp Protocol Internet

Address 36.1.1.3

Internet

36.1.1.6

Internet

123.1.1.3

Age (min) -

Hardware Addr 0000.3636.3636

Type ARPA

0

Incomplete

ARPA

-

0000.3333.3333

ARPA

Interface FastEthernet0/1 FastEthernet0/0

51 .++J/ .2J' 10' H*+-.'? 2/ :210 9SNU .'1K/ #'*2IC 9SNK/ &+%I23,*$12+%L

On SW2: SW2#Show vlan br | exc unsup

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/14, Fa0/15, Fa0/16 Fa0/18, Fa0/20, Fa0/21, Fa0/22 Fa0/24, Gi0/1, Gi0/2 12 VLAN0012 active Fa0/1, Fa0/2

36

VLAN0036

active

Fa0/3, Fa0/6

45 68 114 121 123 212 213 214 215 216

VLAN0045 VLAN0068 VLAN0114 VLAN0121 VLAN0123 VLAN0212 VLAN0213 VLAN0214 VLAN0215 VLAN0216

active active active active active active active active active active

Fa0/4, Fa0/5


Fa0/12 Fa0/13


Page 59 of 65

217 232

VLAN0217 VLAN0232

active active

Fa0/17

SW2#Show mac address-table dynamic interface F0/3 vlan 36 Mac Address Table ------------------------------------------Vlan ----

36


Type --------

Ports -----

0000.3636.3636

DYNAMIC

Fa0/3

Total Mac Addresses for this criterion: 1

SW2#Show mac address-table dynamic interface F0/6 vlan 36 Mac Address Table ------------------------------------------Vlan ----


Type --------

Ports -----

)0' /:21&0 "+'/ %+1 /'' 10' >!4 $""*'// +I 7bU .'1K/ &0'&J 10' &+%I23,*$12+% +I 10' P=DXU $%" P=Db 2%1'*I$&'/ +% 10' /:21&0U $%" 10'% &0'&J I+* $ ,%2&$/1 >$& $""*'// I2.1'*2%3L SW2#Show run int f0/3 | B inter interface FastEthernet0/3 switchport access vlan 36 switchport mode access spanning-tree portfast SW2#Show run int f0/6 | B inter interface FastEthernet0/6 switchport access vlan 36 switchport mode access spanning-tree portfast Let’s find out the MAC address of R6:

On R6: R6#Show int f0/1 | inc bia CCIE R&S by Narbik Kocharians


Page 60 of 65

Hardware is MV96340 Ethernet, address is 0000.6363.6363 (bia 0017.5aad.52ab)

SW2#Show run | Inc 0000.6363.6363 SW2#

S0$1 './' &+,." -' 10' H*+-.'?Q >$C -' /+?' 1CH' +I I2.1'*2%3 2/ &+%I23,*'" -$/'" +% 10' 2%1'*I$&'Q F'1K/ #'*2ICL

On SW2 SW2#Show run | Inc Fa0/6

monitor session 1 destination interface Fa0/6 51 .++J/ .2J' 9M!B :$/ &+%I23,*'" +% 9SN $%" 10' "'/12%$12+% H+*1 +* 10' ?+%21+* H+*1 :$/ &+%I23,*'" 1+ -' P=Db 2%1'*I$&'< S0'% $ H+*1 2/ &+%I23,*'" $/ ?+%21+* H+*1U 10' H+*1 "+'/ %+1 1*$%/?21 $%C 1*$II2& 'g&'H1 10$1 *'a,2*'" I+* 10' 9M!B /'//2+% $%" 2%&+?2%3 1*$II2& 2/ %'#'* .'$*%'" +* I+*:$*"'" +% $ "'/12%$12+% H+*1< F'1K/ *'?+#' 10' &+??$%" $%" #'*2IC 10' &+??,%2&$12+%L SW2(config)# No monitor session 1 destination interface Fa0/6

On R3 R3#Ping 36.1.1.6 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 36.1.1.6, timeout is 2 seconds:


[% DEF) QR> !Q ($% )*+ ?1%9 !RK- 5<=< 1%.,;8$(,7

F'1K/ #'*2IC 10' H*+-.'?L

On R7: CCIE R&S by Narbik Kocharians


Page 61 of 65

R7#Ping 78.1.1.8 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 78.1.1.8, timeout is 2 seconds:

..... Success rate is 0 percent (0/5) R7#Show arp

Protocol

Address

Internet

78.1.1.7

Age (min) -

0000.7777.7777

Hardware Addr

ARPA

Type

Internet

78.1.1.8

0

Incomplete

ARPA

Interface GigabitEthernet0/0

S' /0+,." %+1 :$/1' 12?'U :' /0+,." 3+ *2301 1+ 10' 9SO $%" &0'&J 21/ &+%I23,*$12+%L

On SW1: SASVVC+, /0+,." /'' 10' I+..+:2%3 &+%/+.' ?'//$3'/ +% 9SOL

%SW_DAI-4-DHCP_SNOOPING _DENY: 1 Invalid ARPs (Req) on Fa0/7, vlan 78.([0000.7777.7777/78.1.1.7/0000.0000.0000/78.1.1.8/02:24:37 UTC Mon Mar 1 1993]) %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Fa0/7, vlan 78.([0000.7777.7777/78.1.1.7/0000.0000.0000/78.1.1.8/02:24:37 UTC Mon Mar 1 1993]) %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Fa0/7, vlan 78.([0000.7777.7777/78.1.1.7/0000.0000.0000/78.1.1.8/02:24:37 UTC Mon Mar 1 1993]) %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Fa0/7, vlan 78.([0000.7777.7777/78.1.1.7/0000.0000.0000/78.1.1.8/02:24:37 UTC Mon Mar 1 1993]) %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Fa0/7, vlan 78.([0000.7777.7777/78.1.1.7/0000.0000.0000/78.1.1.8/02:24:37 UTC Mon Mar 1 1993]) P*+? 10' $-+#' &+%/+.' ?'//$3'/ :' &$% /'' 10$1 :' 0$#' $ H*+-.'? :210 @!5 Z@C%$?2& !*H 5%/H'&12+%[< )0' $-+#' &+%/+.' ?'//$3' /1$1'/ 10' I+..+:2%3L )0' 9:21&0 Z9SO[ *'&'2#'" $% 2%#$.2" !7M *'a,'/1 Z7'a[ +% P$=Df 2% EF!B f`< )0' !7M *'a,'/1 :$/ I*+? $ 0+/1 :210 $ >!4 $""*'// +I ====


Page 62 of 65

f`
On SW1: SW1#Show run | Inc ip arp

ip arp inspection vlan 78 S' &$% /'' 10$1 10' \5M !7M 2%/H'&12+%] &+??$%" 2/ BA) *'I'*'%&2%3 $% !7M $&&'//T.2/1U $%" +-#2+,/.C \5M @c4M 9%++H2%3] 2/ $./+ '%$-.'"U +* './' @C%$?2& !7M 5%/H'&12+% :+,." %+1 0$#' :+*J'"< F'1K/ #'*2IC 10' '%1*2'/ 2% 10' @c4M 9%++H2%3 @RL SW1#Show ip dhcp snooping binding MacAddress ------------------

IpAddress ---------------

00:00:88:88:88:88

78.1.1.8

Lease(sec) ----------

9217

Type -------------

dhcp-snooping

VLAN ----

78

Interface ----------------

FastEthernet0/8

Total number of bindings: 1

S' &$% &.'$*.C /'' 10' H*+-.'?U :0'% 10' P=Df 2%1'*I$&' +I 9SO *'&'2#'/ 10' !7M *'a,'/1 I*+? 7fU 21 &+%/,.1/ 10' @c4M /%++H2%3 @R I+* $% '%1*C I+* 7fU $%" /2%&' 21 "+'/ %+1 I2%" +%'U 21 "*+H/ 10' H$&J'1 $%" /'%"/ $ &+%/+.' ?'//$3'< F'1K/ $"" $% '%1*C I+* 7f 2% 10' 9%++H2%3 @R $%" 1*C H2%32%3 $3$2%< F'1K/ I2%" +,1 10' >!4 $""*'// +I 7`L

On R7: R7#Show int g0/0 | Inc bia Hardware is CN Gigabit Ethernet, address is 0000.7777.7777(bia 24e9.b3ab.4b20)

On SW1: SW1#IP Dhcp snooping bindin 0000.7777.7777 vlan 78 78.1.1.7 int F0/7 exp 1000

To verify the configuration: On R7: R7#Ping 78.1.1.8 Type escape sequence to abort. CCIE R&S by Narbik Kocharians


Page 63 of 65

Sending 5, 100-byte ICMP Echos to 78.1.1.8, timeout is 2 seconds:


`6:; (01,%. 1- (6T?0$1%1%9 .2$. 2, ($% %6. -$P, .2, ;:%%1%9 (6%819:;$.16% 6% 3GC /N :-1%9 aG;b $%& ,P,;N.1T, 2, .;1,- .6 -$P, :-1%9 .2, aG!b (6TT$%& 2, 9,.- .2, 86006A1%9 (6%-60, ,;;6; T,--$9,U L;;6; ;,$&1%9 (6%819 810, f80$-2U=f-.$;.:?Y(6%819 810, 6?,% 8$10,& g)6. ,%6:92 -?$(,h *! -.$;.:?Y(6%819 810, 6?,% 8$10,& g)6. ,%6:92 -?$(,h

F'1K/ #'*2IC 10' H*+-.'?L

On SW4: SW4# wr

startup-config file open failed (Not enough space) SASV:0$1 &$% &$,/' 10$1Q F'1K/ #'*2IC 10' -++1 H$*$?'1'*/L SW4#Show boot BOOT path-list:

c3550-ipservicesk9-mz.122-25.SEE4.bin

Config file:

flash:/

Private Config file: Enable Break: Manual Boot: HELPER path-list: NVRAM/Config file buffer size:

flash:/private-config.text no no

393216

S' &$% /'' 10' H*+-.'?U 10' \4+%I23 I2.'] 2/ 2%/1*,&1'" 1+ -' /$#'" 2% 10' I.$/0U -,1 $ I2.' %$?' 0$/ %+1 -''% /H'&2I2'"< F'1K/ I2g 102/ H*+-.'?L SW4(config)#Boot config-file flash:/config.text



Page 64 of 65

Ccie Tshoot v5.0 Demo

Recommend Documents