My Answer to CCBootcamp lab 1   Date:2002.4.5

Keywords: CCBootcamp answer ip local policy route-map OSPF NBMA

    I had finished the CCBootcamp Lab 1 myself and find out that my answer is better then that one which is passing online. looking at that answer you will be wondered, according to the lab script, we should use routing but no layer 3 to layer 2 mapping to accomplish the task, but the answer provided did not.Here is my answer and some key points:

    First, I have to introduce my lab. Because we don't have a 2509 or 2511 to act as terminal server right now, I used a 2505 instead. Each router connect its ethernet port to 2505's hub port, and configured with a secondary address of 129.1.1.0/24 as management address, It is a good idea, I can now telnet from a router (R7) to access the console, but I have to handle routing update carefully, preventing them be sending out the ethernet port, so as not to cause an 'Area ID mismatch' error.

    Another question with my lab is that we don't have enough memory on 2522s to run a 12.1 image, so we still have 11.3 or older version run on some routers, one thing must not be ignored is you have to enable ip subnet-zero and ip classless because it wasn't the default setting.

    As the lab script demanded, we don't use any 'frame-relay map ip' commands, since the default ospf network type on NBMA interface is non-broadcast, neighbor is manually set, with proper priority. I have to reboot some router to make R1 the DR.

    As hints implies, we used ip policy route-map to modify the routes to give it an correct next-hop address. the policy route-map should be applied to incoming interface, for example s1 on R4 and E0 on R5. Since we testing the connectivity on the router, i.e. the ping packet is source from the router itself, we have to enable ' ip local policy route-map'.The route map must not modifying multicast traffic such as 224.0.0.5 and 224.0.0.6 for OSPF to work correctly.

    I know my answer is far from perfect, any help from anybody is appreciated. Mail me at nnwh@163.net, thanks in advanced.

    Detail configuration: 

          
R1#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
enable password cisco
!
ip subnet-zero
!
!
!
interface Ethernet0
 ip address 129.1.1.201 255.255.255.0 secondary
 ip address 10.1.1.1 255.255.0.0
 no ip directed-broadcast
!
interface Serial0
 no ip address
 no ip directed-broadcast
 encapsulation frame-relay
 no ip mroute-cache
 logging event subif-link-status
 logging event dlci-status-change
 no fair-queue
!
interface Serial0.1 multipoint
 ip address 10.10.1.1 255.255.0.0
 no ip directed-broadcast
 frame-relay interface-dlci 102		;use frame-relay map ip and ip ospf network tho solve this in usu.
 frame-relay interface-dlci 103
 frame-relay interface-dlci 105
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
router ospf 1
 passive-interface Ethernet0
 network 10.1.1.1 0.0.0.0 area 1
 network 10.10.1.1 0.0.0.0 area 0
 neighbor 10.10.1.3 priority 1		;I specified no priority to the neighbors of R1, after the router become DR, it assign a priority of 1 to its neighbors
 neighbor 10.10.1.5 priority 1		;Reboot neighbors to make R1 DR if needed
 neighbor 10.10.1.3 priority 1
 neighbor 10.10.1.2 priority 1
!
ip classless
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 password cisco
 login
!
end


R2#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
enable secret 5 $1$Rs8H$DnN/UatNAxg3lCypfq7nO.
!
ip subnet-zero
!
!
!
interface Ethernet0
 ip address 129.1.1.202 255.255.255.0 secondary
 ip address 137.20.20.1 255.255.255.0
 no ip directed-broadcast
 ip policy route-map local			;Policy applied to interface for incomming traffic
!
interface Serial0
 ip address 10.10.1.2 255.255.0.0
 no ip directed-broadcast
 encapsulation frame-relay
 no ip mroute-cache
 logging event subif-link-status
 logging event dlci-status-change
 no fair-queue
 frame-relay interface-dlci 201
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
router ospf 1
 passive-interface Ethernet0
 network 10.10.1.2 0.0.0.0 area 0
 network 137.20.20.1 0.0.0.0 area 10
 neighbor 10.10.1.1 priority 1
 default-information originate always metric 100 metric-type 1
!
ip local policy route-map local			;Policy applied to router-originated traffic
ip classless
!         
access-list 101 permit ip any 224.0.0.0 15.255.255.255
route-map local permit 10			;Don't policy route multicast traffic
 match ip address 101
!
route-map local permit 20
 match ip address 102				;Only match ip address and match length is usable in policy routing
 set ip next-hop 10.10.1.1			;You can use set default in , set in ter , set ip defa next-hop, set ip next-hop , set ip precedence , set ip tos in policy routing
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 password cisco
 login
!
end


R3#sh run
Building configuration...

Current configuration:
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname R3
!
enable password cisco
!
ip subnet-zero				;Check to ensure ip subnet-zero and ip classless is enable if you running an old image
no ip domain-lookup
!
interface Ethernet0
 ip address 129.1.1.203 255.255.255.0
!
interface Serial0
 ip address 10.10.1.3 255.255.0.0
 encapsulation frame-relay
 no fair-queue
 frame-relay interface-dlci 301
!
interface Serial1
 ip address 10.34.1.1 255.255.0.0
 ip policy route-map s1
 clockrate 64000
!
router ospf 1
 network 10.10.1.3 0.0.0.0 area 0
 network 10.34.1.1 0.0.0.0 area 3
 neighbor 10.10.1.1 priority 1
 area 3 virtual-link 10.44.2.1			;The ip address is the neighbor's RID, not the interface address
!
ip local policy route-map local
ip classless
access-list 101 permit ip any 224.0.0.0 15.255.255.255
access-list 101 permit ip any host 10.34.1.1
access-list 101 permit ip any host 10.10.1.3
route-map s1 permit 10
 match ip address 101
!
route-map s1 permit 20
 set ip next-hop 10.10.1.1
!         
route-map local permit 10
 match ip address 101
!
route-map local permit 20
 match ip address 102
 set ip next-hop 10.10.1.1
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

           
R4#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R4
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
!
!
hub ether 0 1
 link-test
 auto-polarity
!
hub ether 0 2
 link-test
 auto-polarity
!
hub ether 0 3
 link-test
 auto-polarity
!
hub ether 0 4
 link-test
 auto-polarity
!
hub ether 0 5
 link-test
 auto-polarity
!
hub ether 0 6
 link-test
 auto-polarity
!
hub ether 0 7
 link-test
 auto-polarity
!
hub ether 0 8
 link-test
 auto-polarity
!
interface Loopback0
 ip address 10.44.1.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.44.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 129.1.1.204 255.255.255.0 secondary
 ip address 10.4.1.1 255.255.0.0
 no ip directed-broadcast
!
interface Serial0
 ip address 10.34.1.2 255.255.0.0
 no ip directed-broadcast
 no ip mroute-cache
 no fair-queue
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
router ospf 1
 passive-interface Ethernet0
 network 10.4.1.1 0.0.0.0 area 3
 network 10.34.1.2 0.0.0.0 area 3
 network 10.44.1.1 0.0.0.0 area 44
 network 10.44.2.1 0.0.0.0 area 44
 area 3 virtual-link 129.1.1.203
!
ip classless
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 password cisco
 login
!
end
          

R5#sh run
Building configuration...

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname R5
!
enable secret 5 $1$OUEo$wAvd1m.sc904x.FSkKJ.S.
!
ip subnet-zero
!
interface Ethernet0
 ip address 129.1.1.205 255.255.255.0 secondary
 ip address 11.1.1.5 255.255.0.0
 ip policy route-map local
!
interface Serial0
 ip address 10.10.1.5 255.255.0.0
 encapsulation frame-relay
 no fair-queue
 frame-relay interface-dlci 501
!
interface Serial1
 no ip address
 shutdown
!
interface Serial2
 no ip address
 shutdown
!
interface Serial3
 no ip address
 shutdown
!
interface Serial4
 no ip address
 shutdown
!
interface Serial5
 no ip address
 shutdown
!
interface Serial6
 no ip address
 shutdown
!
interface Serial7
 no ip address
 shutdown
!
interface Serial8
 no ip address
 shutdown
!
interface Serial9
 no ip address
 shutdown
!
interface BRI0
 no ip address
 shutdown
!
router ospf 1
 passive-interface Ethernet0
 network 10.10.1.5 0.0.0.0 area 0
 network 11.1.1.5 0.0.0.0 area 4
 neighbor 10.10.1.3
 neighbor 10.10.1.2
 neighbor 10.10.1.1 priority 1
!
ip local policy route-map local
ip classless
access-list 101 permit ip any 224.0.0.0 15.255.255.255
route-map local permit 10
 match ip address 101
!
route-map local permit 20
 match ip address 102
 set ip next-hop 10.10.1.1
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

R7#sh run
Building configuration...

Current configuration:
!
version 11.1
service slave-log
service udp-small-servers
service tcp-small-servers
!
hostname R7
!
enable secret 5 $1$FIEw$ZaQnsEy.8HQBWHSCcuVOK0
!
frame-relay switching
!
interface Ethernet0
 ip address 10.1.1.2 255.255.0.0 secondary
 ip address 129.1.1.7 255.255.255.0
!
interface Serial0
 no ip address
 encapsulation frame-relay
 no fair-queue
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 102 interface Serial1 201
 frame-relay route 103 interface Serial2 301
 frame-relay route 105 interface Serial3 501
!
interface Serial1
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 201 interface Serial0 102
!
interface Serial2
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 301 interface Serial0 103
!
interface Serial3
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 501 interface Serial0 105
!
interface Serial4
 no ip address
 shutdown
!
interface Serial5
 no ip address
 shutdown
!
interface Serial6
 no ip address
 shutdown
!
interface Serial7
 no ip address
 shutdown
!
interface Serial8
 no ip address
 shutdown
!
interface Serial9
 no ip address
 shutdown
!
interface BRI0
 no ip address
 shutdown
!
ip host r1 129.1.1.201
ip host r2 129.1.1.202
ip host r3 129.1.1.203
ip host r4 129.1.1.204
ip host r5 129.1.1.205
no ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.1
no logging console
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!         
end

 

»¶Ó­À´ÐÅÌÖÂÛ¡£