My Countingdown

Showing posts with label IP Services. Show all posts
Showing posts with label IP Services. Show all posts

Friday, December 16, 2011

Lab 8. IP Services - EMM



Configure in R1 if interface loopback zero is set down so EMM will activate automatically again.

R1#
event manager applet CheckLoopback
 event syslog pattern “Interface Loopback0.* down” period 1
 action 2.0 cli command “ena”
 action 2.1 cli command “conf t”
 action 2.2 cli command  “int lo0“
 action 2.3 cli command “no shut”
 action 3.0 syslo msg “Interface Loopback0 is activated by EMM”

Let’s do test by shutdown interface loopback

R1(config-applet)#int lo0
R1(config-if)#shut

Dec 15 05:32:46.191: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
Dec 15 05:32:46.567: %HA_EM-6-LOG: CheckLoopback: Interface Loopback0 is activated by EMM
Dec 15 05:32:46.583: %SYS-5-CONFIG_I: Configured from console by vty0
Dec 15 05:32:48.531: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
Posted by at No comments:
Labels: ,

Lab 7. IP Services - SNMP



Configure SNM in R2 with parameter as follow:
  • R2 will send information if any configuration change will send to 1.1.1.1
  • R2 will send information if any BGP changing to 1.1.1.1
  • Except 1.1.1.1, no any host is allowed to request snmp information
Let's make the lab

R2#
snmp-server community public ro 10
access-list 10 permit permit host 1.1.1.1
snmp-server enable traps config
snmp-server enable traps bgp
snmp-server host 1.1.1.1 public config
snmp-server host 1.1.1.1 public bgp
Posted by at No comments:
Labels: ,

Lab 6. IP Services - NTP


Let's make ip p2p and IGP as follow:

R1#
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 ip ospf 1 area 0
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 ip ospf 1 area 0
 no shut

R2#
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
 ip ospf 1 area 0
!
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 ip ospf 1 area 0
 no shut

Let’s create NTP server in R1. Then R1 & R2 have ntp authentication

R1#
R1#clock set 11:41:00 15 december 2011   ---- > in exec mode
R1(config)#clock timezone jakarta 7
R1(config)#ntp master 2
R1(config)#ntp authentication-key 1 md5 cisco

R2#
R2(config-if)#ntp server 1.1.1.1
R2(config)#ntp authentication-key 1 md5 cisco
R2(config)#ntp authenticate
R2(config)#ntp trusted-key 1
R2(config)#ntp server 1.1.1.1 key 1

Verify ntp & clock

R1#show clock
11:44:37.511 jakarta Thu Dec 15 2011

R1#show ntp status
Clock is synchronized, stratum 2, reference is 127.127.7.1
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is D293F98E.65638BB2 (11:43:58.396 jakarta Thu Dec 15 2011)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.02 msec, peer dispersion is 0.02 msec

R1#sh ntp associations
      address         ref clock     st  when  poll reach  delay  offset    disp
*~127.127.7.1      .LOCL.            1    45    64  377     0.0    0.00     0.0
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

R2(config)#do sh clock
.04:44:47.834 UTC Thu Dec 15 2011

R2(config)#do sh ntp stat
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is C029479E.E7672A48 (00:19:42.903 UTC Fri Mar 1 2002)
clock offset is 308982290666.1083 msec, root delay is 91.71 msec
root dispersion is 19965208.94 msec, peer dispersion is 16000.00 msec

Just wait! Check again!

R2(config)#do sh ntp stat
Clock is synchronized, stratum 3, reference is 1.1.1.1
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is D2945B98.1C940849 (11:42:16.111 UTC Thu Dec 15 2011)
clock offset is -13.7526 msec, root delay is 27.68 msec
root dispersion is 25.10 msec, peer dispersion is 11.31 msec


R2(config)#do sh ntp associ 
      address         ref clock     st  when  poll reach  delay  offset    disp
 ~1.1.1.1          127.127.7.1       2    20    64    0    91.7  308982  16000.
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

Oupsss… the clock is not the same!!! Make sure the time zone is the same!

R2(config)#clock timezone jakarta 7
Dec 15 04:46:03.776: %SYS-6-CLOCKUPDATE: System clock has been updated from 04:46:03 UTC Thu Dec 15 2011 to 11:46:03 jakarta Thu Dec 15 2011, configured from console by console.

R2(config)#do sh clock
11:46:09.589 jakarta Thu Dec 15 2011
Posted by at No comments:
Labels: ,

Lab 4. IP Services - GLBP



The IP point-to-point and IGP please refer to previous lab! -> http://pursuingmydestiny.blogspot.com/2011/12/lab-3-ip-services-vrrp-ip-sla.html

Let’s create GLBP

R1#
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 glbp 1 ip 12.12.12.12

R2#
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 glbp 1 ip 12.12.12.12

Verify GLBP

R1#show glbp brief
Interface   Grp  Fwd Pri   State     Address               Active router   Standby router
Fa0/0       1        -   100   Active   12.12.12.12         local               12.12.12.2
Fa0/0       1       1     -      Active   0007.b400.0101  local                -
Fa0/0       1       2     -      Listen   0007.b400.0102  12.12.12.2       -


R2#sh glbp brie
Interface   Grp  Fwd Pri  State       Address              Active router   Standby router
Fa0/0       1        -   100  Standby  12.12.12.12         12.12.12.1      local
Fa0/0       1       1     -     Listen     0007.b400.0101  12.12.12.1       -
Fa0/0       1       2     -     Active     0007.b400.0102  local                -

You see that all interface is active. 
Let’s do check by trace route from Virtual PC

VPCS 1 >trace 3.3.3.3                         --- -> PC1 go to R3 via R1
traceroute to 3.3.3.3, 64 hops max
 1   12.12.12.1   28.000 ms  8.000 ms  8.000 ms
 2   13.13.13.3   33.000 ms  *  30.000 ms


VPCS 2 >trace 3.3.3.3                       --- -> PC2 go to R3 via R2
traceroute to 3.3.3.3, 64 hops max
 1   12.12.12.2   28.000 ms  6.000 ms  7.000 ms
 2   23.23.23.3   28.000 ms  *  35.000 ms
Posted by at No comments:
Labels: ,

Lab 3. IP Services - VRRP IP SLA


Now, let’s make VRRP first in R1 and R2

R1#
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 vrrp 1 ip 12.12.12.12
 vrrp 1 priority 110
 vrrp 1 authentication md5 key-string cisco
!
interface Serial0/0
 ip address 13.13.13.1 255.255.255.0
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

R2#
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 vrrp 1 ip 12.12.12.12
 vrrp 1 authentication md5 key-string cisco
!
interface Serial0/0
 ip address 23.23.23.2 255.255.255.0
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

R3#
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 13.13.13.3 255.255.255.0
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 ip address 23.23.23.3 255.255.255.0
 clock rate 2000000
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

Check vrrp before add ip sla

R1(config)#do sh vrrp brief
Interface          Grp Pri Time  Own Pre State     Master addr     Group addr
Fa0/0               1   110 3570       Y      Master  12.12.12.1      12.12.12.12

R2#sh vrrp bri
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Fa0/0               1   100 3609       Y      Backup  12.12.12.1      12.12.12.12

Let’s make ip sla

R1#
ip sla monitor 1
  type echo protocol ipIcmpEcho 3.3.3.3
    timeout 2000
    frequency 3
!
ip sla monitor schedule 1 start-time now
track 1 rtr 1

Let’s down loopback 0 in R3

R3(config)#int lo0
R3(config-if)#shut

Wait ...

R1(config-track)#
*Mar  1 00:10:33.107: %TRACKING-5-STATE: 1 rtr 1 state Up->Down
R1(config-track)#
*Mar  1 00:10:36.499: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup
R1(config-track)#

R2#
*Mar  1 00:10:16.963: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master
R2#

Now check vrrp in R1 & R2

R1(config-track)#do sh vrrp bri
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Fa0/0                1   90  3570       Y      Backup  12.12.12.2      12.12.12.12

R2#sh vrrp bri
Interface          Grp Pri Time  Own Pre State   Master addr     Group addr
Fa0/0                1   100 3609       Y     Master  12.12.12.2      12.12.12.12
Posted by at No comments:
Labels: , ,

Lab 2. IP Services - HSRP Track Route



Let’s make HSRP first in R1 and R2

R1#
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 standby 1 ip 12.12.12.12
 standby 1 priority 110
 standby 1 preempt
 standby 1 authentication md5 key-string cisco
!
interface Serial0/0
 ip address 13.13.13.1 255.255.255.0
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

R2#
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 standby 1 ip 12.12.12.12
 standby 1 preempt
 standby 1 authentication md5 key-string cisco
!
interface Serial0/0
 ip address 23.23.23.2 255.255.255.0
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

R3#
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
 ip address 13.13.13.3 255.255.255.0
!
interface Serial0/1
 ip address 23.23.23.3 255.255.255.0
!
router eigrp 1
 network 0.0.0.0
 no auto-summary

Verify hsrp before add route tracking

R1#show standby brief
                     P indicates configured to preempt.                     |
Interface   Grp  Pri  P State   Active          Standby         Virtual IP
Fa0/0        1    110 P Active  local           12.12.12.2      12.12.12.12

R2(config-if)#do sh stan bri
                     P indicates configured to preempt.                  |
Interface   Grp  Pri  P State   Active          Standby         Virtual IP
Fa0/0        1    100 P Standby 12.12.12.1      local           12.12.12.12

Now let’s add route tracking in R1. So if R1 doesn’t have 3.3.3.3/32 in routing table, the priority in R1 will decrease 20. Then the active HSRP will change to R2.

R1#
track 1 ip route 3.3.3.3 255.255.255.255 reachability
!
interface fa0/0
  standby 1 track 1 decrement 20

Let’s test by shutdown interface loopback 0 in R3 which is 3.3.3.3/32.

R3(config)#int lo0
R3(config-if)#shut

Just wait… then

*Mar  1 00:18:11.755: %TRACKING-5-STATE: 1 ip route 3.3.3.3/32 reachability Up->Down
R1(config-if)#
*Mar  1 00:18:12.899: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Speak
R1(config-if)#
*Mar  1 00:18:22.899: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby

Verify HSRP

R1(config-if)#do sh stand brie
                     P indicates configured to preempt.                     |
Interface   Grp  Pri  P State   Active          Standby         Virtual IP
Fa0/0         1    90  P Standby 12.12.12.2      local           12.12.12.12

R2(config-if)#do sh stand bri
                     P indicates configured to preempt.                     |
Interface   Grp  Pri  P State   Active          Standby         Virtual IP
Fa0/0         1    100 P Active  local           12.12.12.1      12.12.12.12
Posted by at No comments:
Labels: , ,

Lab 1. IP Services - DHCP Server


Let’s do DHCP test. We set f0/0 in R2 using  DHCP.

R1#
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 ip ospf 1 area 0
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 ip ospf 1 area 0
 no shut

R2#
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
 ip ospf 1 area 0
!
interface FastEthernet0/0
 ip address dhcp
 ip ospf 1 area 0
 no shut

Verify interface brief in R2

R2(config-if)#do sh ip int brie
Interface                      IP-Address      OK?  Method   Status                          Protocol
FastEthernet0/0            unassigned      YES   DHCP     up                                up
FastEthernet0/1            unassigned      YES   unset        administratively down   down
Loopback0                  2.2.2.2           YES   manual      up                                up

Interface Fa0/0 R2 should get ip from R1 as DHCP server

R1#
ip dhcp excluded-address 12.12.12.1
!
ip dhcp pool TEST
   network 12.12.12.0 255.255.255.0
   domain-name cisco.com
   dns-server 12.12.12.1
   default-router 12.12.12.1

Just wait!

R2(config-if)#
*Mar  1 00:12:41.363: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 12.12.12.2, mask 255.255.255.0, hostname R2
R2(config-if)#
*Mar  1 00:12:46.495: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on FastEthernet0/0 from LOADING to FULL, Loading Done

Good! Now Fa0/0 in R2 got ip address from R1.
Verify DHCP in R1!

R1#show ip dhcp pool
Pool TEST :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 1
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 12.12.12.3           12.12.12.1       - 12.12.12.254      1

R1#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
12.12.12.2   0063.6973.636f.2d63.    Mar 02 2002 12:12 AM    Automatic
                    3030.312e.3135.3634.
                    2e30.3030.302d.4661.
                    302f.30

Verify the IP, OSPF, and routing table in R2. Make sure can ping to loopback R1

R2(config-if)#do sh ip int brie
Interface                       IP-Address      OK? Method Status                Protocol
FastEthernet0/0            12.12.12.2      YES   DHCP   up                    up
FastEthernet0/1            unassigned       YES   unset  administratively down down
Loopback0                  2.2.2.2            YES   manual up                      up

R2(config-if)#do sh ip ospf nei 
Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/DR         00:00:34    12.12.12.1      FastEthernet0/0
R2(config-if)#do sh ip rout
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 12.12.12.1 to network 0.0.0.0

     1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/11] via 12.12.12.1, 00:02:09, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.12.12.0 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [254/0] via 12.12.12.1

R2(config-if)#do ping 1.1.1.1 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/32/44 ms
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)