of 575
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
1/574
0 | P a
CCIE4ALL R Sv5
CCIE ROUTING AND SWITCHING v5.0
ADVANCED CONFIGURATION & TROUBLESHOOTING LAB
WORKBOOK QUESTIONS & SOLUTIONS
+44 (0) 7787 520 858 | 7894 248 694
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
2/574
0 | P a g e
Copyright
CCIEv5 R&S Advanced Configuration & Troubleshooting Lab Workbook
by Tom Mark Giembicki & Sean Paul Draper
Copyright 2015, CCIE4ALL All Right Reserved
Produced in the United Kingdom
This book contains material protected under International and Federal Copyright Laws and Treaties. Any
unauthorized reprint or use of this material is prohibited. No part of this book may be reproduced or transmitted in
any form or by any means, electronic or mechanical, including photocopying, recording, or by any information
storage and retrieval system without express written permission from the author / publisher.
CCIE R&S Advanced Configuration and Troubleshooting Lab Workbook may be purchased for educational,
business or sales promotional use. For more information, contact [email protected]@gmail.com
Acknowledgments
Tom Mark GiembickiTom is in the productivity business. At some level, we all are. Wed like to think that whatever
solution were selling or service were providing will offer a benefit or make life better in some way.
So long as were in an organization with limited finances (which probably includes most for-profit and not-for-profit
organizations these days) we need to measure better in two ways. One way of making things better means
better for the organization itself, so it can do a better job of achieving its mission for its customers. The other way
makes things better for the people who work in the organization. The tendency generally seems to be to focus on
making things better for the organization (and therefore the bottom line), but unfortunately, as organizations go
about making these types of improvements, it is easy to forget that better for the people often has a direct
impact on better for the organization, ie. making tasks easier and faster for the individuals in a company
generally leads to increasing the overall productivity of the company. I would like to thank my family for absolutely
everything I have achieved so far in my life and also Insight Team for helping me manage clients appointments
and business trips while working on this book.
Sean Paul DraperThere are too many friends to list here you all know who you are, I would also like to give thank
to my family, especially my mother.
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
3/574
1 | P a g e
TABLE OF CONTENTS
COPYRIGHT ..................................................................................................................................................... 0
ACKNOWLEDGMENTS ...................................................................................................................................... 0
FOREWORD ..................................................................................................................................................... 8
TROUBLESHOOTING SECTION .......................................................................................................................... 9
DIAGNOSTICS SECTION .................................................................................................................................. 10
CONFIGURATION SECTION ............................................................................................................................. 11
OBJECTIVES AND AUDIENCE .......................................................................................................................... 12
WARNING AND DISCLAIMER .......................................................................................................................... 13
LICENSE AGREEMENT ..................................................................................................................................... 13
TERM AND TERMINATION OF LICENSE AGREEMENT ...................................................................................... 14
WARANTY ...................................................................................................................................................... 14
CCIE EXAM IOS & CATEGORY CHANGES ......................................................................................................... 15
CCIE EXAM QUIDELINES UPDATE ................................................................................................................... 16
LAB EXAM GUIDELINES .................................................................................................................................. 17
LAB#1 ............................................................................................................................................................ 20
SAN FRANCISCO GROUP HQ .......................................................................................................................... 20
VLANTRUNKVTP ............................................................................................................................................... 20
ETHERCHANNEL...................................................................................................................................................... 23
SPANNING-TREE MST ....................................................... ................................................................. ..................... 28
SPANNING-TREE TUNING.............................................................. ................................................................. .......... 32
LAYER 2SECURITY.................................................................................................................................................. 34
CDP .................................................................................................................................................................... 36
SERVICE PROVIDER#9 .................................................................................................................................... 38
VLANTRUNKVTP ............................................................................................................................................... 38
ETHERCHANNEL...................................................................................................................................................... 43
SPANNING-TREE RAPID PVST ........................................................ ................................................................. .......... 49
SPANNING-TREE TUNING.............................................................. ................................................................. .......... 53
SPANNING-TREE TIMERS............................................................... ................................................................. .......... 54
SPANNING-TREE UPLINKFAST................................................................................................................................... 55
ROUTER ON A STICK................................................................................................................................................ 56
SYDNEY BUSINESS MODEL HQ ....................................................................................................................... 60
VLANTRUNKVTP ............................................................................................................................................... 60
SPANNING-TREE RAPID PVST ........................................................ ................................................................. .......... 63
SPANNING-TREE TUNING.............................................................. ................................................................. .......... 65
L2SECURITY......................................................... ................................................................. ................................ 67
SAN FRANCISCO GROUP REMOTE SITE .......................................................................................................... 70
DHCPMANUAL BINDINGS (7-BYTE) ......................................................................................................................... 70SAN FRANCISCO GROUP DATA CENTRE.......................................................................................................... 73
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
4/574
2 | P a g e
DHCP(27-BYTE) ................................................................................................................................................. 73
BERLIN HQ HOME .......................................................................................................................................... 76
DHCPEXCLUSION............................................................ ................................................................. ..................... 76
BERLIN REMOTE OFFICE ................................................................................................................................. 78
DHCPMULTIPLE SUBNET FUNCTIONALITY................................................................................................................... 78
BERLIN HQ DATA CENTRE .............................................................................................................................. 83
DHCPEXCLUSION............................................................ ................................................................. ..................... 83
SYDNEY BUSINESS MODEL HQ ....................................................................................................................... 87
PPPOE................................................................................................................................................................. 87
SYDNEY BUSINESS REMOTE OFFICE - SP#7 ..................................................................................................... 90
MULTILINK PPP ............................................................... ................................................................. ..................... 90
SP#3/SP#4 ..................................................................................................................................................... 95
PPPPAP/CHAP ................................................................................................................................................... 95
SP#2/SP#6 ..................................................................................................................................................... 97
PPPEAP ................................................................ .............................................................. ................................ 97
SAN FRANCISCO GROUP REMOTE SITE ........................................................................................................ 102
EIGRP ............................................................................................................................................................... 102
SAN FRANCISCO GROUP DATA CENTRE........................................................................................................ 104
EIGRP ............................................................................................................................................................... 104
SAN FRANCISCO GROUP HQ ........................................................................................................................ 106
EIGRP ............................................................................................................................................................... 106
EIGRPMETRIC..................................................... ................................................................. .............................. 109
EIGRPOFFSET-LIST.......................................................... ................................................................. ................... 112
EIGRPDISTRIBUTE LIST......................................................................................................................................... 115
EIGRPROUTE TAG............................................................................................................................................... 119
EIGRPAUTHENTICATION.............................................................. ................................................................. ........ 123
EIGRPBFD......................................................................................................................................................... 126
BERLIN HQ HOME USER ............................................................................................................................... 128
EIGRP ............................................................................................................................................................... 128
BERLIN REMOTE OFFICE ............................................................................................................................... 129
EIGRP ............................................................................................................................................................... 129
SYDNEY BUSINESS MODEL HQ ..................................................................................................................... 130
EIGRP ............................................................................................................................................................... 130
DHCP ......................................................... .............................................................. ......................................... 132
SYDNEY BUSINESS REMOTE OFFICE(1) ......................................................................................................... 134
EIGRP ............................................................................................................................................................... 134
SYDNEY BUSINESS REMOTE OFFICE(2) ......................................................................................................... 135
EIGRP ............................................................................................................................................................... 135
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
5/574
3 | P a g e
SERVICE PROVIDER#9 .................................................................................................................................. 138
OSPF ................................................................................................................................................................ 138
OSPF ................................................................................................................................................................ 144
OSPFLOCAL POLICY ROUTING............................................................................................................................... 147
OSPFPOLICY ROUTING..................................................... ................................................................. ................... 148
OSPFLSA ........................................................... ................................................................. .............................. 149
OSPFAUTHENTICATION............................................................... ................................................................. ........ 150
OSPFMPLS ........................................................ ................................................................. .............................. 153
OSPFFILTERING.................................................................................................................................................. 158
BERLIN HQ DATA CENTRE ............................................................................................................................ 160
OSPF ................................................................................................................................................................ 160
SERVICE PROVIDER #1.................................................................................................................................. 163
EBGP ................................................................................................................................................................ 163
SERVICE PROVIDER #2.................................................................................................................................. 166
EBGP ................................................................................................................................................................ 166
SERVICE PROVIDER #3.................................................................................................................................. 169
EBGP ................................................................................................................................................................ 169
SERVICE PROVIDER #4.................................................................................................................................. 171
EBGP ................................................................................................................................................................ 171
SERVICE PROVIDER #5.................................................................................................................................. 173
EBGP ................................................................................................................................................................ 173
SERVICE PROVIDER #6.................................................................................................................................. 176IBGP ................................................................................................................................................................. 176
SERVICE PROVIDER #6.................................................................................................................................. 179
NLRIADVERTISEMENT.......................................................................................................................................... 179
SERVICE PROVIDER #6 #7 ............................................................................................................................. 180
EBGP ................................................................................................................................................................ 180
BGPFILTERING..................................................... ................................................................. .............................. 182
SERVICE PROVIDER #7 #8 ............................................................................................................................. 184
EBGP ................................................................................................................................................................ 184
SP#7 - SP#8SBM HQSBM REMOTE OFFICE#1 ......................................................................................... 186
EBGP ................................................................................................................................................................ 186
EBGP ................................................................................................................................................................ 188
SERVICE PROVIDER #9.................................................................................................................................. 191
IBGP ................................................................................................................................................................. 191
SAN FRANCISCO GROUP HQ ........................................................................................................................ 195
IBGP ................................................................................................................................................................. 195
EBGP-NEXT HOP SELF..................................................... ................................................................. ................... 199ROUTE PREFERENCE.......................................................... ................................................................. ................... 203
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
6/574
4 | P a g e
SAN FRANCISCO GROUP REMOTE SITE ........................................................................................................ 213
REDISTRIBUTION................................................................................................................................................... 213
SAN FRANCISCO GROUP DATA CENTRE........................................................................................................ 214
EBGP ................................................................................................................................................................ 214
SYDNEY BUSINESS MODEL HQ ..................................................................................................................... 215
NETWORK SERVICES -NAT .................................................................................................................................... 215
NETWORK SERVICESNAT ................................................................................................................................... 217
INTERNET CONNECTIVITY -SLA ...................................................... ................................................................. ........ 220
SERVICE PROVIDER #3.................................................................................................................................. 223
BGPCOMMUNITIES............................................................................................................................................. 223
SERVICE PROVIDER#6 .................................................................................................................................. 226
BGPCOMMUNITIES............................................................................................................................................. 226
SERVICE PROVIDER #5.................................................................................................................................. 228
BGPAGGREGATION SUMMARY ONLY.............................................................................................................. ........ 228
SERVICE PROVIDER #6.................................................................................................................................. 230
BGPAGGREGATION SUPPRESS MAP.......................................................... .............................................................. 230
REDISTRIBUTIONINTERNET CONNECTIVITY........................................................... ................................................... 232
IPV6 TABLE .................................................................................................................................................. 234
.................................................................................................................................................................... 236
SAN FRANCISCO GROUP HQ ........................................................................................................................ 238
OSPFV3 ................................................................ ............................................................... .............................. 238RIP/OSPFV3/REDISTRIBUTION........................................................................................................... ................... 242
OSPFV3METRIC................................................................................................................................................. 246
OSPFV3AUTHENTICATION.................................................................................................................................... 249
OSPFV3HSRP ................................................................................................................................................... 251
IPV6GENERIC PREFIX........................................................................................................................................... 256
SAN FRANCISCO GROUP HQSERVICE PROVIDER#5 ................................................................................... 258
EBGP ................................................................................................................................................................ 258
SAN FRANCISCO GROUP REMOTE SITE ........................................................................................................ 261
EIGRPV6 ........................................................................................................................................................... 261DEFAULT ROUTE.................................................................................................................................................. 263
SAN FRANCISCO GROUP DATA CENTRE........................................................................................................ 264
EIGRPV6-DHCP ............................................................ ................................................................. ................... 264
EBGP ................................................................................................................................................................ 267
ROUTE ADVERTISEMENT........................................................................................................................................ 268
IPV6GLOBAL DNSSERVICE................................................................................................................................... 270
GRETUNNEL...................................................................................................................................................... 272
DNS&SSH ......................................................... ................................................................. .............................. 275
SFG-DC /SP#6/SP#9/ BERLIN HQ-DC ............................................................................................................ 279
IPV6PART I ........................................................................................................................................................ 279
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
7/574
5 | P a g e
IPV6PART II ....................................................................................................................................................... 281
IPV6REDISTRIBUTION....................................................... ................................................................. ................... 285
SERVICE PROVIDER #6SERVICE PROVIDER#9 ............................................................................................ 288
LDPAUTHENTICATION.......................................................................................................................................... 288
LDPSESSION PROTECTION............................................................ ................................................................. ........ 290
VRFBERLIN-HQRO ............................................................................................................................................. 292VRFSFG-WHDC ............................................................ ................................................................. ................... 303
VRFBERLIN-DCWH ............................................................................................................................................ 313
VRFFILTERING.................................................................................................................................................... 320
LDP/TDPLABEL PROTECTION....................................................... ................................................................. ........ 322
LABEL FILTERING.................................................................................................................................................. 324
VRFROUTE LEAKING............................................................................................................................................ 328
VRF/GLOBAL ROUTE LEAKING....................................................... ................................................................. ........ 331
SYDNEY BUSINESS MODEL HQ/REMOTE OFFICES ........................................................................................ 342
DMVPN ............................................................................................................................................................ 342
DHCP ......................................................... .............................................................. ......................................... 350DMVPNROUTES................................................................................................................................................ 353
DMVPNENCRYPTION.......................................................................................................................................... 355
VERIFICATION .............................................................................................................................................. 361
SYDNEY BUSINESS - SAN FRANCISCO GROUP - REMOTE OFFICES ................................................................. 363
IPSEC VPN ......................................................................................................................................................... 363
SYDNEY BUSINESS MODEL HQ/REMOTE OFFICES ........................................................................................ 368
MULTICAST......................................................................................................................................................... 368
MULTICAST......................................................................................................................................................... 372
SP#2/SP#6/SP#7 .......................................................................................................................................... 379
MULTICAST MSDPTOPOLOGY PREPERATION......................................................... ................................................... 379
MSDP ........................................................................................................................................................... 380
MULTICAST SP#2................................................................................................................................................. 380
MULTICAST SP#6................................................................................................................................................. 382
MULTICAST SP#7................................................................................................................................................. 384
MULTIPROTOCOL BGPEXTENSION....................................................................................................... ................... 385
MSDPPASSWORD PROTECTION/TIMERS................................................................................................................. 391
SERVICE PROVIDER #9.................................................................................................................................. 392
CLI ASCIIENTRY.................................................................................................................................................. 392
SERVICE PROVIDER #6.................................................................................................................................. 394
SYSTEM PROTECTION............................................................................................................................................ 394
DSCP, TOS AND IP PRECEDENCE MAPPPINGS............................................................................................... 396
SYDNEY BUSINESS MODEL HQ ..................................................................................................................... 397
TELNET ................................................................ ............................................................... .............................. 397
TELNET ................................................................ ............................................................... .............................. 400
SERVICE PROVIDER #9.................................................................................................................................. 402
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
8/574
6 | P a g e
CONTROL PLANE.................................................................................................................................................. 402
NTP-PART I ........................................................ ................................................................. .............................. 406
NTPPART II ...................................................... ................................................................. .............................. 412
DNS ........................................................... .............................................................. ......................................... 413
HTTP ................................................................................................................................................................ 417
NETFLOW .......................................................... ................................................................. .............................. 419
NETFLOW .......................................................... ................................................................. .............................. 420FLEXIBLE NETFLOW ............................................................................................................................................ 422
NAT .................................................................................................................................................................. 425
EEMI ......................................................... .............................................................. ......................................... 427
EEMII ........................................................ .............................................................. ......................................... 429
EEMIII ................................................................ ................................................................ .............................. 431
EEMIV.............................................................................................................................................................. 432
TFTP ................................................................................................................................................................. 433
SYDNEY BUSINESS MODEL HQ ..................................................................................................................... 434
DHCPSNOOPING................................................................................................................................................ 434
NBAR ......................................................... .............................................................. ......................................... 437QOS ........................................................... .............................................................. ......................................... 439
SNMP ........................................................ .............................................................. ......................................... 442
SNMP ........................................................ .............................................................. ......................................... 444
SNMPV3 ........................................................................................................................................................... 445
VERIFICATION .............................................................................................................................................. 451
LAB#2 .......................................................................................................................................................... 467
EIGRPOVER THE TOP (OTP) ................................................................................................................................ 467
LAB#3 .......................................................................................................................................................... 476
MPLS CORESERVICE PROVIDER 9 .............................................................................................................. 476
VLANTRUNKVTP ............................................................................................................................................. 476
ETHERCHANNEL ........................................................... ................................................................. ................... 481
SPANNINGTREE ........................................................... ................................................................. ................... 486
SAN FRANCISCO GROUP HQ ........................................................................................................................ 491
VLANTRUNKVTP ............................................................................................................................................. 491
ETHERCHANNEL ........................................................... ................................................................. ................... 495
SPANNINGTREE ........................................................... ................................................................. ................... 498
SYDNEY BUSINESS MODEL ........................................................................................................................... 503
VLANTRUNKVTP ............................................................................................................................................. 503
ETHERCHANNEL ........................................................... ................................................................. ................... 506
SPANNINGTREE ........................................................... ................................................................. ................... 509
TROUBLESHOOTING GUIDELINES ................................................................................................................. 515
LAB#4 .......................................................................................................................................................... 518
INCIDENT#1 ........................................................................................................................................................ 518
INCIDENT#2 ........................................................................................................................................................ 519
INCIDENT#3 ........................................................................................................................................................ 520
INCIDENT#4 ........................................................................................................................................................ 522INCIDENT#5 ........................................................................................................................................................ 524
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
9/574
7 | P a g e
INCIDENT#6 ........................................................................................................................................................ 525
INCIDENT#7 ........................................................................................................................................................ 527
INCIDENT#8 ........................................................................................................................................................ 528
INCIDENT#9 ........................................................................................................................................................ 530
INCIDENT#10 ...................................................................................................................................................... 532
INCIDENT#11 ...................................................................................................................................................... 534
INCIDENT#12 ...................................................................................................................................................... 536INCIDENT#13 ...................................................................................................................................................... 539
LAB#5 .......................................................................................................................................................... 543
LAYER 2 TECHNOLOGIES .............................................................................................................................. 543
SECTION 1.1 ....................................................................................................................................................... 543
SECTION 1.2 ....................................................................................................................................................... 545
SECTION 1.3 ....................................................................................................................................................... 546
SECTION 1.4 ....................................................................................................................................................... 547
SECTION 1.5 ....................................................................................................................................................... 548
SECTION 1.6 ....................................................................................................................................................... 549
SECTION 1.7 ....................................................................................................................................................... 549
SECTION 1.8 ....................................................................................................................................................... 550
SECTION 1.9 ....................................................................................................................................................... 551
LAYER 3 TECHNOLOGIES .............................................................................................................................. 553
SECTION 2.1 ....................................................................................................................................................... 553
SECTION 2.2 ....................................................................................................................................................... 555
SECTION 2.3 ....................................................................................................................................................... 556
SECTION 2.4 ....................................................................................................................................................... 559
SECTION 2.5 ....................................................................................................................................................... 560
SECTION 2.6 ....................................................................................................................................................... 561SECTION 2.7 ....................................................................................................................................................... 562
SECTION 2.8 ....................................................................................................................................................... 566
SECTION 2.9 ....................................................................................................................................................... 566
SECTION 2.10 ..................................................................................................................................................... 566
SECTION 2.11 ..................................................................................................................................................... 567
SECTION 2.12 ..................................................................................................................................................... 567
SECTION 2.13 ..................................................................................................................................................... 567
SECTION 2.14 ..................................................................................................................................................... 570
SECTION 2.15 ..................................................................................................................................................... 570
SECTION 2.16 ..................................................................................................................................................... 570
SECTION 2.17 ..................................................................................................................................................... 571
SECTION 2.18 ..................................................................................................................................................... 572
VPN TECHNOLOGIES .................................................................................................................................... 572
SECTION 3.1 ....................................................................................................................................................... 572
END OF WORKBOOK .................................................................................................................................... 573
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
10/574
8 | P a g e
Foreword
While the CCIE certification has long been the standard for network excellence, previous versions of the CCIE Lab
did not test real-life scenarios where topics such as Frame Relay , WCCP to name a few more have now been
completely removed from the version CCIEv5 lab with the lab now more focused on relevant topics such as IPv6 ,
VPN and troubleshooting methodologies.
While the CCIE Written exam remains essentially the same, the CCIE Lab exam has significant changes. The entire
version 5 Lab exam will be utilized on 100% virtual equipment. Features on Cisco IOS Software Release 15 can now
be tested in the lab and along with virutlaising the devices the exam provides a more realistic network with much
larger network topologies. The main objective of this workbook session is to give an overview of how the exams are
conducted and to provide you good guidance on what you need to look at when preparing and taking the
exams.
The CCIE lab exam now consists of three specific sections:
Troubleshooting
DIAG
Configuration
We have included a few screenshots from Cisco Live program , see the following :
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
11/574
9 | P a g e
Troubleshooting Section
Network topology of ~30 virtual routers and switches
Scenario is fully preconfigured but contains faults
2h30 maximum (visible countdown timer + 30 min warning after 2h)
Content designed to be doable within 2h
Incidents stem are symptom-based
Verifications are result-based + constraints
No partial scoring
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
12/574
10 | P a g e
Diagnostics Section
Independent scenarios putting candidates into the role of a Network Support engineer who diagnoses networking
issues
Analyze, identify, locate and explain the root cause
Recommend optimal troubleshooting procedures leading to the root cause
Recommend network changes isolating the issue without causing more harm
Analyzing, correlating and discerning multiple sources of documentation
Email threads
Network topology diagrams
Console sessions log , Syslogs, Monitoring charts,
Network traffic captures
Designed to be doable within 30 minutes
Tickets stem are very generic
Scenarios provided by additional documentation
Verifications are deterministic
Partial scoring possible per ticket
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
13/574
11 | P a g e
Configuration Section
Network topology with virtual routers and switches
Scenario is partly preconfigured and items are inter-dependent!
Item#10 may require Item#1 to be completed! And Vice versa!!
Sequence of items is not aligned to the implementation sequence!!
May include implicit troubleshooting
5h30 maximum (no visible countdown timer, refer to proctors clock)
Items stem are based on requirements and constraints
Verification rules check for functionalities, not specific configurations
Validate alternate solution configurations
No partial scoring
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
14/574
12 | P a g e
Objectives and Audience
CCIEv5.0 Routing and Switching Advanced Configuration and Troubleshooting Labspresents you with full
configuration / troubleshooting lab scenarios in exam style format to echo the real CCIE Routing and Switching
v5.0 lab exam. This publication gives you the opportunity to put into practice your own extensive theoretical
knowledge of subjects to find out how they interact with each other on a larger complex scale.
As the network evolves to support technological advances such as the Internet of Everything and employee
mobility, there is a significant demand for expert-level engineers with proven skills to support forward-looking
trends. The enhanced CCIE Routing and Switching Exams, along with expert-level training for CCIE, provide
sophisticated education and requisite certification to support tomorrows advanced networks. These new
standards reflect both the evolution of job skills that employers are looking for at the expert level and the evolution
of related technologies that are relevant to todays enterprise network environments. Network engineers who use
the expert-level training will be equipped with the knowledge and validated skills required to accelerate expert-level competency in the field.
Cisco announced a major revision of theCCIE Routing and Switching (R&S) Certificationand expert-level training
to meet the increasing challenges of enterprise networks evolving in size, scope and complexity. As the network
carries more essential services, networking experts are expected to anticipate, diagnose and resolve complex
network issues accurately and quickly. The increasing importance of the network to drive significant productivity
and cost benefits to organizations as well as the role of the network in transforming businesses have driven
worldwide demand for skilled IT staff.
Cisco, the Cisco Logo, CCNA, CCNP, CCDP, CCDA, CCIE, Cisco CertifiedNetwork Associate,
Cisco Certified Design Professional, Cisco Certified DesignAssociate, and Cisco Certified Network
Professional, are registered trademarks of Cisco Systems, Inc.The contents contained wherein, is not associated or
endorsed by Cisco Systems, Inc.
https://learningnetwork.cisco.com/community/certifications/ccie_routing_switchinghttps://learningnetwork.cisco.com/community/certifications/ccie_routing_switchinghttps://learningnetwork.cisco.com/community/certifications/ccie_routing_switchinghttps://learningnetwork.cisco.com/community/certifications/ccie_routing_switching7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
15/574
13 | P a g e
Warning And Disclaimer
PLEASE READ THIS SUBSCRIPTION LICENSE AGREEMENT CAREFULLY BEFORE USING THIS PRODUCT.
BY ORDERING THIS PRODUCT YOU ARE CONSENTING TO BE BOUND BY THIS LICENSING AGREEMENT.IF YOU DO NOT
AGREE TO ALL OF THE TERMS OF THIS LICENSE, THEN DO NOT PURCHASE THIS PRODUCT.
This book is designed to provide information about the Cisco Certified Internetwork Expert (CCIE)
Routing and Switching (R&S) Lab 5.0 Exam. Maximum effort has been made to make this book accurate and
informative as possible, but no warranty or fitness is implied. You should use this book as a general guide.
The authors, shall have neither liability nor responsibility to any person or entity with respect to any loss or damages
arising from the information contained in this book.
This book is written only with the hope of the author that your reading and understanding the contents will alert
you to questions that you should ask and pitfalls which you should attempt to avoid before attempting to take you
lab exam.
License Agreement
CCIEv5.0 Routing and Switching Advanced Configuration and Troubleshooting Lab Workbook is copyrighted. In
addition, this product is at all times the property of Tom Mark Giembicki and Sean Paul Draper , and the customershall agree to use this product only for themselves, the licensed user. The license for the specific customer remains
valid from the purchase date until they pass their CCIE Routing and Switching lab exam.
CCIEv5.0 Routing and Switching Advanced Configuration and Troubleshooting Lab Workbook materials are
licensed by individual customer. This material cannot be resold, transferred, traded, sold, or have the price shared
in any way. Each specific individual customer must have a license to use this product. The customer agrees that
this product is always the property of Tom Mark Giembicki and Sean Paul Draper, and they are just purchasing a
license to use it. A Customers license will be revoked if they violate this licensing agreement in any way.
Copies of this material in any form or fashion are strictly prohibited. If for anyreason a licensed copy of this material
is lost or damaged a new copy will be provided free of charge, except for the cost of printing, shipping andhandling.
Individuals or entities that knowingly violate the terms of this licensing agreement may be subject to punitive
damages that Tom Mark Giembicki and Sean Paul Draper could seek in civil court. In addition, individuals or
entities that knowingly violate the terms of this license agreement may be subject to criminal penalties as are
allowed by law.
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
16/574
14 | P a g e
Term and Termination of License Agreement
This License is effective until terminated. Customer may terminate this License at any time by destroying all copies
of written and electronic material of this product.
Customer's rights under this License will terminate immediately without notice from Tom Mark Giembicki and Sean
Paul Draper, if Customer fails to comply with any provision of this License. Upon termination, Customer must destroyall copies of material in its possession or control. The license for the specific user remains valid from the purchase
date until the user passes their lab exam pertaining to the purchased subscription. Once the customer passes the
relevant lab exam the license is terminated and all material written or electronic in their possession or control must
be destroyed or returned to Tom Mark Giembicki and Sean Paul Draper.
WarantyNo warranty of any kind is provided with this product. There are no guarantees that the use of this product will
help a customer pass any exams, tests, or certifications,or enhance their knowledge in any way. The product is
provided on an AS IS basis.
In no event will Tom Mark Giembicki and Sean Paul Draper, its suppliers, or licensed resellers be liable for any
incurred costs, lost revenue, lost profit, lost data, or any other damages regardless of the theory of liability arising
out of use or inability to use this product.
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
17/574
15 | P a g e
CCIE Exam IOS & Category Changes
Equipment List and IOS Requirements
The lab exam tests any feature that can be configured on the equipment and IOS versions indicated here:
3925 series routers - IOS 15.3(T)Advanced Enterprise Services
For additional information referenceCISCO IOS Configuration guide
Catalyst 3560X series switches running IOS Version 15.0SAdvanced IP Services
For additional information referenceCISCO IOS Configuration guide
Version 5 of the CCIE exam is organized into 6 categories versus the existing 11
Network Principlesis a new category that includes foundational topics that are covered only on the written exam.
Layer 2 Technologiespredominately covers LAN Switching and WAN circuit technologies.
Layer 3 Technologiescovers both interior and exterior routing protocols (RIP, EIGRP, OSPF, ISIS and BGP). Both IPv4
and IPv6 will be included as well as more focus on dual-stack technologies. IP Multicast is no longer a separate
category it is included in both the Layer 2 and Layer 3 technology category.
VPN Technologiesis a new category that includes Tunnelling and Encryption sub-domains. Tunnelling includes
MPLS L2 and L3 VPNs and well as DMVPN and IPv6 Tunnelling techniques. Encryption includes IPsec with pre-
shared key. GETVPN is also included but only on the written exam.
Infrastructure Securityincludes both Device and Network Security with both focusing on features supported in ISR
routers and CAT 3K switches. It excludes topics that rely on dynamic crypto (PKI) or any remote servers.
Infrastructure Serversincludes System Management, Services, Quality of Service (QoS) and network optimization.
QoS was a separate category in version 4 of the exam, it is still included is version 5 of the exam, it is just absorbed
in a different category. Layer 2 QoS topics are included on the written exam only.
http://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-15-4m-t/products-installation-and-configuration-guides-list.htmlhttp://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg.htmlhttp://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg.htmlhttp://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-15-4m-t/products-installation-and-configuration-guides-list.html7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
18/574
16 | P a g e
CCIE exam quidelines update
Topics Added to the CCIE Routing and Switching v5.0 Written Exam:
Describe basic software architecture differences between IOS and IOS XE
Identify Cisco Express Forwarding Concepts
Explain General Network Challenges
Explain IP, TCP and UDP OperationsDescribe Chassis Virtualization and Aggregation Technologies
Explain PIM Snooping
Describe WAN Rate-based Ethernet Circuits
Describe BGP Fast Convergence Features
ISIS (for IPv4 and IPv6)
Describe Basic Layer 2 VPNWireline
Describe Basic L2VPNLAN Services
Describe GET VPN
Describe IPv6 Network Address Translation
Topics Added to the CCIE Routing and Switching v5.0 Written and Lab Exams:
Interpret Packet Capture
Implement and Troubleshoot Bidirectional Forwarding Detection
Implement EIGRP (multi-address) Named Mode
Implement Troubleshoot and Optimize EIGRP and OSPF Convergence and Scalabililty
Implement and Troubleshoot DMVPN (single hub)
Implement and Troubleshoot IPsec with pre-shared key
Implement and Troubleshoot IPv6 First Hop Security
Topics Moved from the CCIE RS v4.0 Lab exam to the CCIE RS v5.0 Written Exam:
Describe IPv6 Multicast
Describe RIPv6 (RIPng)
Describe IPv6 Tunneling Techniques
Describe Device Security using IOS AAA with TACACS+ and Radius
Describe 802.1x
Describe Layer 2 QoS
Identify Performance Routing (PfR)
Topics Removed from the CCIE RS v4.0 Exam:
Flexlink ISL Layer 2 Protocol Tunneling
Frame-Relay (LFI, FR Traffic Shaping)
WCCP
IOS Firewall and IPS
RITE, RMON
RGMP
RSVP QoS, WRR/SRR
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
19/574
17 | P a g e
Lab Exam Guidelines
We would advise that you read the whole workbook before you start. This will give you an understanding of where
different technologies will be running in the network and should help you visualize the entire network.
This is one of the most important concepts when dealing with the CCIE R&S lab exam administered by Cisco.
Load the initial configuration files for the routers. Refer to the diagram(s) for the interface connections to other
routers.
In the real exam no configuration changes can be made to the Internet routers (marked grey) however
throughout this workbook the Internet routers will need to be configured for certain tasks.
All of the devices have been preconfigured with initial configurations.
Do a Root Cause Analysis before doing any configuration change
The overall scenario targets full reachability between all sites, unless specified.
Revert to initial configuration if in doubt (manage devices menu)
There are many valid solutions, grading is based on outcome.
Points are awarded per item if the solution meets all requirements.
Do not remove any feature preconfigured! ACL, PBR, NAT, CoPP, MQC,
Do not change routing protocol(s) boundaries, unless it is the issue!
Do not use static route and redistributions unless explicitly requested to.
Use the validation test to confirm resolution (necessary but not sufficient!)
Do backward verifications using the validation test of each incident
Do not change IP addressing or routing protocols boundaries.
Do not add interfaces unless specified.
Plan for regression tests after completed substantial changes
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
20/574
18 | P a g e
CCIEv5 Routing Switching
Avanced Configuration &
Troubleshooting Lab#1
Questions & Solutions
Tom
Mark
Giembicki
Sean Paul Draper
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
21/574
19 | P a g e
R8 R9
R10 R11
E3/0 E2/0E2/0
E2/0E1/0 E2/0
E1/0 E3/0
E0/0 E0/0
E1/0 E1/0
E0/1 E0/1
E0/2 E0/2E0/3
E1/0E1/1
E1/0E1/1
SW1 SW2
BGP
AS 64784
E1/2
Copyright 2015 CCIE4ALL. All rights reserved
VLAN118
VLAN119
VLAN 111
VLAN811
R8 R9
R10 R11E2/0 E1/0
E1/0 E2/0
E3/0
E0/0 E0/0
SVI SVI
E3/0 E2/0E2/0
E1/0 E1/0
SW1 SW2
.1 .2
.5
.6
.9
.10
.13
.14
.17
.18
.21
.22
.25 .26
IPv4/IPv6
Core
BGP
AS 64784
San Francisco Group
HeadquarterSan Francisco Group
Headquarter
E1/3 E1/3
CCIEv5 R S L2/L3 Topology
EIGRP HQ AS150192.168.10.0 /30
Lo0:192.X.X.X/32
R8 Lo1:192.188.188.188/32
R9 Lo1:192.188.188.188/32
Mgmt VLAN100
192.100.X.X/24
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
22/574
20 | P a g e
LAB#1
San Francisco Group HQ
VLAN TRUNK VTP
Configure SW1 and SW2 with the following:
The VTP domain should be configured to CCIE_Rocks (without the quotes)
Ensure that VTP traffic is MD5 secured using a password of CCIE_Rocks?(question mark is part of
password)
Use VTP version 2
Configure 802.1qtrunk links between the switches according to the Layer 2 Diagram
Only active VLANs should be allowed on trunk links
VLAN 811 MTU(Maximum Transision Unit) should be set to 1400
Ensure that VLAN 999 traffic is not tagged when sent over the trunk links
After synchronization both switches must not propagate VLAN configuration changes to eachother
Configuration:
SW1
vtp domain CCIE_Rocks
vtp version 2
vtp password CCIE_Rocks(Esc+Q)? see note
vtp mode server
vlan 811
mtu 1400
interface range Ethernet1/0 1 , Ethernet1/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 1,111,118,119,811,999
switchport mode trunk
vtp mode transparent
SW2
vtp domain CCIE_Rocks
vtp version 2
vtp password CCIE_Rocks(Esc+Q)? see note
vtp mode server
vlan 811
mtu 1400
interface range Ethernet1/0 1 , interface Ethernet1/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 1,111,118,119,811,999
switchport mode trunk
vtp mode transparent
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
23/574
21 | P a g e
Verification:
SW1#show vtp statusVTP Version capable : 1 to 3
VTP version running : 2VTP Domain Name : CCIE_RocksVTP Pruning Mode : DisabledVTP Traps Generation : DisabledDevice ID : aabb.cc00.3300Configuration last modified by 192.168.10.6 at 12-6-14 09:16:07
Feature VLAN:--------------
VTP Operating Mode : TransparentMaximum VLANs supported locally : 1005
Number of existing VLANs : 10Configuration Revision : 0MD5 digest : 0xD9 0x16 0xB7 0xD6 0x00 0x64 0x8A 0xBE
0x41 0x35 0x4B 0xD0 0xAB 0x6E 0xAD 0xA2
SW2#sh vtp statuVTP Version capable : 1 to 3
VTP version running : 2VTP Domain Name : CCIE_RocksVTP Pruning Mode : DisabledVTP Traps Generation : DisabledDevice ID : aabb.cc00.3400Configuration last modified by 192.168.10.6 at 12-10-14 19:45:05
Feature VLAN:--------------
VTP Operating Mode : TransparentMaximum VLANs supported locally : 1005
Number of existing VLANs : 10Configuration Revision : 0MD5 digest : 0x68 0xA8 0x6D 0x78 0xC3 0xF6 0xB5 0x94
0x42 0x15 0x53 0x12 0xA3 0x95 0xB1 0x62
SW1#show vtp passwordVTP Password: CCIE_Rocks?
SW2#sh vtp passVTP Password: CCIE_Rocks?
SW1#show int trunkPort Mode Encapsulation Status Native vlanEt1/0 on 802.1q trunking 999Et1/1 on 802.1q trunking 999Et1/3 on 802.1q trunking 999
Port Vlans allowed on trunkEt1/0 1,111,118-119,811,999Et1/1 1,111,118-119,811,999Et1/3 1,111,118-119,811,999
Port Vlans allowed and active in management domainEt1/0 1,111,118-119,811,999Et1/1 1,111,118-119,811,999Et1/3 1,111,118-119,811,999
Port Vlans in spanning tree forwarding state and not prunedEt1/0 1,111,118-119,811,999Et1/1 1,111,118-119,811,999
Et1/3 1,111,118-119,811,999
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
24/574
22 | P a g e
SW2#sh int trunkPort Mode Encapsulation Status Native vlanEt1/0 on 802.1q trunking 999Et1/1 on 802.1q trunking 999Et1/3 on 802.1q trunking 999
Port Vlans allowed on trunkEt1/0 1,111,118-119,811,999
Et1/1 1,111,118-119,811,999Et1/3 1,111,118-119,811,999
Port Vlans allowed and active in management domainEt1/0 1,111,118-119,811,999Et1/1 1,111,118-119,811,999Et1/3 1,111,118-119,811,999
Port Vlans in spanning tree forwarding state and not prunedEt1/0 1,111,118-119,811,999Et1/1 noneEt1/3 none
SW1#show vlan id 811VLAN Name Status Ports---- -------------------------------- --------- -------------------------------811 R9-SW1 active Et0/1, Et1/0, Et1/1, Et1/3
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------811 enet 100811 1400 - - - - - 0 0
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2#show vlan id 811VLAN Name Status Ports---- -------------------------------- --------- -------------------------------811 R9-SW1 active Et0/3, Et1/0, Et1/1, Et1/3
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------811 enet 100811 1400 - - - - - 0 0
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
Note:You can configure the system to recognize a particular keystroke (key combination or sequence) as command
aliases. In other words, you can set a keystroke as a shortcut for executing a command. To enable the system to
interpret a keystroke as a command, use the either of the following key combinations before entering the command
sequence:
Ctrl-Vor Esc, Q- Configures the system to accept the following keystroke as a user-configured command entry (rather
than as an editing command)
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
25/574
23 | P a g e
Etherchannel
SW1 and SW2 should run an industry standard Etherchannel
Only Ethernet1/0 and Ethernet1/1 should participate in the Etherchannel configuration
If SW1 detects a loop due to an error in this configuration it should disable both links
Ensure that SW1 initiate the negotiation whereas SW2 should not attempt to negotiate
Ensure that Ethernet1/0 on SW1 is more likely to transmit the packets over the industry Etherchannel -
use the best value possible
For all Etherchannel ports set the load balancing method so that it is based on source and
destination mac-address
Configuration:
SW1
interface range ethernet1/0 1
channel-group 12 mode active
interface ethernet1/0lacp port-priority 0
interface Port-channel12
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,111,118,119,811,999
switchport mode trunk
port-channel load-balance src-dst-mac
spanning-tree etherchannel guard misconfig
SW2
interface range ethernet1/0 1
channel-group 12 mode passive
interface ethernet1/0
lacp port-priority 0
interface Port-channel12
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,111,118,119,811,999
switchport mode trunk
port-channel load-balance src-dst-mac
spanning-tree etherchannel guard misconfig
Verification:
SW1#show etherchannel summary | be NumNumber of channel-groups in use: 1Number of aggregators: 1
Group Port-channel Protocol Ports------+-------------+-----------+-----------------------------------------------
12 Po12(SU) LACP Et1/0(P) Et1/1(P)
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
26/574
24 | P a g e
SW2#sh etherc summ | be GroGroup Port-channel Protocol Ports------+-------------+-----------+-----------------------------------------------12 Po12(SU) LACP Et1/0(P) Et1/1(P)
SW1#show int po12 switchport
Name: Po12Switchport: Enabled
Administrative Mode: trunkOperational Mode: trunk
Administrative Trunking Encapsulation: dot1qOperational Trunking Encapsulation: dot1qNegotiation of Trunking: OnAccess Mode VLAN: 1 (default)Trunking Native Mode VLAN: 999 (NATIVE)
Administrative Native VLAN tagging: enabledVoice VLAN: noneAdministrative private-vlan host-association: noneAdministrative private-vlan mapping: noneAdministrative private-vlan trunk native VLAN: noneAdministrative private-vlan trunk Native VLAN tagging: enabledAdministrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: noneAdministrative private-vlan trunk associations: noneAdministrative private-vlan trunk mappings: noneOperational private-vlan: noneTrunking VLANs Enabled: 1,111,118,119,811,999Pruning VLANs Enabled: 2-1001Appliance trust: none
SW1#show etherchannel 12 detailGroup state = L2Ports: 2 Maxports = 16Port-channels: 1 Max Port-channels = 16Protocol: LACPMinimum Links: 0
Ports in the group:-------------------
Port: Et1/0------------Port state = Up Mstr Assoc In-BndlChannel group = 12 Mode = Active Gcchange = -Port-channel = Po12 GC = - Pseudo port-channel = Po12Port index = 0 Load = 0x00 Protocol = LACPFlags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.Local information:
LACP port Admin Oper Port PortPort Flags State Priority Key Key Number StateEt1/0 SA bndl 0 0xC 0xC 0x101 0x3D
Partner's information:LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number StateEt1/0 SP 0 aabb.cc00.3400 2s 0x0 0xC 0x101 0x3CAge of the port in the current state: 0d:00h:02m:39sPort: Et1/1------------Port state = Up Mstr Assoc In-BndlChannel group = 12 Mode = Active Gcchange = -Port-channel = Po12 GC = - Pseudo port-channel = Po12Port index = 0 Load = 0x00 Protocol = LACPFlags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.Local information:
LACP port Admin Oper Port PortPort Flags State Priority Key Key Number StateEt1/1 SA bndl 32768 0xC 0xC 0x102 0x3DPartner's information:
LACP port Admin Oper Port PortPort Flags Priority Dev ID Age key Key Number StateEt1/1 SP 32768 aabb.cc00.3400 1s 0x0 0xC 0x102 0x3C
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
27/574
25 | P a g e
Age of the port in the current state: 0d:00h:02m:37sPort-channels in the group:---------------------------
Port-channel: Po12 (Primary Aggregator)------------Age of the Port-channel = 0d:00h:03m:42sLogical slot/port = 16/1 Number of ports = 2HotStandBy port = null
Port state = Port-channel Ag-InuseProtocol = LACPPort security = DisabledPorts in the Port-channel:Index Load Port EC state No of bits------+------+------+------------------+-----------0 00 Et1/0 Active 00 00 Et1/1 Active 0
Time since last port bundled: 0d:00h:02m:37s Et1/1
SW2#show etherchannel 12 detailGroup state = L2Ports: 2 Maxports = 16Port-channels: 1 Max Port-channels = 16Protocol: LACPMinimum Links: 0
Ports in the group:-------------------
Port: Et1/0------------Port state = Up Mstr Assoc In-BndlChannel group = 12 Mode = Passive Gcchange = -Port-channel = Po12 GC = - Pseudo port-channel = Po12Port index = 0 Load = 0x00 Protocol = LACPFlags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.Local information:
LACP port Admin Oper Port PortPort Flags State Priority Key Key Number State
Et1/0 SP bndl 0 0xC 0xC 0x101 0x3CPartner's information:
LACP port Admin Oper Port PortPort Flags Priority Dev ID Age key Key Number StateEt1/0 SA 32768 aabb.cc00.3300 23s 0x0 0xC 0x101 0x3DAge of the port in the current state: 0d:00h:01m:14sPort: Et1/1------------Port state = Up Mstr Assoc In-BndlChannel group = 12 Mode = Passive Gcchange = -Port-channel = Po12 GC = - Pseudo port-channel = Po12Port index = 0 Load = 0x00 Protocol = LACPFlags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number StateEt1/1 SP bndl 32768 0xC 0xC 0x102 0x3CPartner's information:
LACP port Admin Oper Port PortPort Flags Priority Dev ID Age key Key Number StateEt1/1 SA 32768 aabb.cc00.3300 26s 0x0 0xC 0x102 0x3DAge of the port in the current state: 0d:00h:01m:16s
Port-channels in the group:---------------------------
Port-channel: Po12 (Primary Aggregator)------------Age of the Port-channel = 0d:00h:01m:42sLogical slot/port = 16/1 Number of ports = 2HotStandBy port = nullPort state = Port-channel Ag-InuseProtocol = LACPPort security = Disabled
Ports in the Port-channel:Index Load Port EC state No of bits------+------+------+------------------+-----------
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
28/574
26 | P a g e
0 00 Et1/0 Passive 00 00 Et1/1 Passive 0
Time since last port bundled: 0d:00h:01m:14s Et1/0Time since last port Un-bundled: 0d:00h:01m:17s Et1/1
SW1#show etherchannel load-balanceEtherChannel Load-Balancing Configuration:
src-dst-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:Non-IP: Source XOR Destination MAC addressIPv4: Source XOR Destination MAC addressIPv6: Source XOR Destination MAC address
SW1#show spanning-tree summarySwitch is in pvst modeRoot bridge for: VLAN0001, VLAN0111, VLAN0118-VLAN0119, VLAN0811, VLAN0999Extended system ID is enabledPortfast Default is disabledPortFast BPDU Guard Default is disabledPortfast BPDU Filter Default is disabledLoopguard Default is disabledEtherChannel misconfig guard is enabledConfigured Pathcost method used is shortUplinkFast is disabledBackboneFast is disabled
Name Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------VLAN0001 0 0 0 4 4VLAN0111 0 0 0 2 2VLAN0118 0 0 0 3 3VLAN0119 0 0 0 2 2VLAN0811 0 0 0 3 3VLAN0999 0 0 0 2 2---------------------- -------- --------- -------- ---------- ----------6 vlans 0 0 0 16 16
SW2# show spanning-tree summarySwitch is in pvst modeRoot bridge for: noneExtended system ID is enabledPortfast Default is disabled
PortFast BPDU Guard Default is disabledPortfast BPDU Filter Default is disabledLoopguard Default is disabledEtherChannel misconfig guard is enabledConfigured Pathcost method used is shortUplinkFast is disabledBackboneFast is disabled
Name Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------VLAN0001 1 0 0 1 2VLAN0111 1 0 0 3 4VLAN0118 1 0 0 1 2VLAN0119 1 0 0 2 3VLAN0811 1 0 0 2 3VLAN0999 1 0 0 1 2---------------------- -------- --------- -------- ---------- ----------6 vlans 6 0 0 10 16
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
29/574
27 | P a g e
Note: Spanning Tree
The multiple spanning-tree (MST) implementation is based on the IEEE 802.1sstandard.
The per-VLAN spanning-tree plus (PVST+) protocol is based on the IEEE 802.1Dstandard and Cisco proprietary extensions.The rapid per-VLAN spanning-tree plus (rapid-PVST+) protocol based on the IEEE 802.1wstandard.
The STP uses a spanning-tree algorithm to select one switch of a redundantly connected network as the root of the spanning tree.The algorithm calculates the best loop-free path through a switched Layer 2 network by assigning a role to each port based on therole of the port in the active topology:
RootA forwarding port elected for the spanning-tree topologyDesignatedA forwarding port elected for every switched LAN segmentAlternateA blocked port providing an alternate path to the root bridge in the spanning treeBackupA blocked port in a loopback configuration
The stable, active spanning-tree topology of a switched network is controlled by these elements:
The unique bridge ID (switch priority and MAC address) associated with each VLAN on each switch. In a switch stack, allswitches use the same bridge ID for a given spanning-tree instance.
The spanning-tree path cost to the root switch.The port identifier (port priority and MAC address) associated with each Layer 2 interface.
When the switches in a network are powered up, each functions as the root switch. Each switch sends a configuration BPDUthrough all of its ports. The BPDUs communicate and compute the spanning-tree topology. Each configuration BPDU contains thisinformation:
The unique bridge ID of the switch that the sending switch identifies as the root switchThe spanning-tree path cost to the rootThe bridge ID of the sending switchMessage ageThe identifier of the sending interface
When selecting the root port on a switch stack, spanning tree follows this sequence:
Selects the lowest root bridge IDSelects the lowest path cost to the root switchSelects the lowest designated bridge IDSelects the lowest designated path cost
Selects the lowest port ID
*directly from Cisco website
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
30/574
28 | P a g e
Spanning-Tree MST
All odd VLANs in your network must be assigned to Spanning-tree instance 1
All even VLANs in your network must be assigned to Spanning-tree instance 2
All other VLANs in your network must be assigned to Spanning-tree instance 3
Use domain name as CISCO without the quotes and set revision to the lowest value
Ensure SW1 is root switch for Instance 1 and backup root switch for instance 2
Ensure SW2 is root switch for Instance 2 and backup root switch for instance 1
Ensure that BPDU received on the ports connecting routers have no effect to your spanning tree
decision
Spanning-tree process should wait 30 seconds before it attempts to re-converge if it didnt receive
any spanning-tree configuration messages
Configuration:
SW1
spanning-tree mode mst
spanning-tree mst configuration
name CISCO
revision 1
instance 1 vlan 111, 119, 811, 999
instance 2 vlan 118
instance 3 vlan 1-4094
spanning-tree mst max-age 30
spanning-tree mst 1 root primary
spanning-tree mst 2 root secondary
interface Ethernet 0/0spanning-tree bpduguard disable
spanning-tree guard root
interface Ethernet 0/1
spanning-tree bpduguard disable
spanning-tree guard root
interface Ethernet 0/2
spanning-tree bpduguard disable
spanning-tree guard root
SW2
spanning-tree mode mst
spanning-tree mst configuration
name CISCO
revision 1
instance 1 vlan 111, 119, 811, 999
instance 2 vlan 118
instance 3 vlan 1-4094
spanning-tree mst max-age 30
spanning-tree mst 2 root primary
spanning-tree mst 1 root secondary
interface Ethernet0/0
spanning-tree bpduguard disable
7/23/2019 Cciev5 Configuration Troubleshooting Lab 1 4 Questions Solutions v1 Release
31/574
29 | P a g e
spanning-tree guard root
interface Ethernet0/1
spanning-tree bpduguard disable
spanning-tree guard root
interface Ethernet0/2
spanning-tree bpduguard disable
spanning-tree guard root
interface Ethernet0/3
spanning-tree bpduguard disable
spanning-tree guard root
interface Ethernet1/2
spanning-tree bpduguard disable
spanning-tree guard root
Verification:
SW1#show spanning-tree summarySwitch is in mst mode (IEEE Standard)Root bridge for: MST0-MST1, MST3Extended system ID is enabledPortfast Default is disabledPortFast BPDU Guard Default is disabledPortfast BPDU Filter Default is disabledLoopguard Default is disabledEtherChannel misconfig guard is enabledConfigured Pathcost method used is short (Operational value is long)UplinkFast is disabledBackboneFast is disabledName Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------MST0 0 0 0 6 6
MST1 0 0 0 3 3MST2 1 0 0 2 3MST3 0 0 0 4 4