CCIE考试考点之一:
1、画图、接线
2、帧中继(做IP MAP, no inverarp)
3、IP ADDRESSING(VLSM) 使用一个B类地址段132.y.0.0/16,backbone 1的地址为150.100.1.0/24,backbone 2的地址为150.100.2.0/24
4、RIP(IGRP Default route, RIP, redistribution)
R1从BACKBONE 1上学习一个路由,做filter 只允许199.199.y.0发到路由表中,在所有的路由器上面都能够看到这个路由。将132.y.0.0地址段发送到backbone上。
5、OSPF(area, point-to-multipoint, virtual-link)
FR上使用地址段/27,其余为/24
AREA 5配置成NSSA,在R5上配置一个loop端口,地址为192.192.1.0,该地址需要广播到所有的路由器上,不能将该地址放到某个area中。在R3和R1上看到METRIC不一样。在R2、R5上配置,在R5上产生一个缺省路由。
由于R3很忙,因此希望OSPF PROCESS间隔时间不少于30秒钟。
6、ISDN(DDR)
配置R3和R5作为备份,使用静态路由,在R5到R2的连接不通的时候,该路由起作用。
配置CALLBACK。R3为server,r5为client.
备份启用以后,R5上的路由器需要连通backbone1上的路由器和其余的路由器。其余的路由器上仍旧可以看到R5上激活端口的路由并可以连通,并且192.192.1.0/24路由在R1和R3上的metric不一样。
7、NETWORK PERFORMANCE
在R1、R3和R4上配置CIR、BC、BE、MINCIR,使用MAP-CLASS,当带宽超过48000时候开始设置DE值,超过64000时丢包。采样时间间隔为125ms。在收到becn信息的时候减少为16kbps。应用到所有的PVC上。
8、BGP
R1为AS 1031,R4为AS 1034,R2/R3/R5为AS1099,R1与r4之间,R4与R3之间实现ebgp peer,R2/R3/R5实现IBGP PEER,r4与150.100.2.254(as 254)实现EBGP PEER。本网络在BACKBONE2的路由器上统一表现为一个AS 2。
BACKBONE 2上的路由器向R4送197.68.1/4/5/22.0路由,需要将前三条路由总结,尽量少总结路由。其余路由不能够见到。
在R5上新建一个LOOP,使用地址192.192.2.0,该路由在所有的路由器上都能够看到,并且发送到BACKBONE 2的路由器上,仅能将该路由发送到BACKBONE 2上。
9、DLSW
在R3和R2之间做一个PEER,使R3上的VLAN A和RING 1/VLAN B可以通信。
R4加入该DLSW NETWORK,使得R4上的RING 2可以和VLAN A/VLAN B通信。只能配置一个PEER,不能使用BORD PEER。
Ring 1 上面有客户机启动session,发送很多EXPLORER,使得TR端口丢包,配置R2的TR端口,使得每次可以处理100个包。
配置R4,使得只能通过SNA数据包,包括TEST,SAP为04/08/0C的包和他们的回应,filter要使用最少的命令行。
10、IPX
在所有的端口除了ISDN和LOOPBACK以外配置IPX路由。帧中继上只能用EIGRP。
在BACKBONE 2上能够传过来IPX路由,只能接收AA00路由。
在R2上配置,使得R5上只能有网络号为AA00名字为FSERV1的文件服务器 SAP项。
配置,使得VLAN B上的客户不能访问FSERV1,但是R5上还需要有该项。
10、APPLETALK(RTMP/EIGRP)
在所有的端口除了ISDN以外配置APPLETALK路由。帧中继上只能用EIGRP。
VLAN A和VLAN B上的zone为ether。R1不能看到VLAN A的路由,但是能够看到VLAN B的路由。
Disable ISDN上的IP功能。可以使用静态路由。在R2和R3之间的连接断的时候,ISDN能够启动,平时不能启动。CALLBACK还是起作用。两端都能够发起呼叫。
11、IOS FEATURES
在R3上有一些用户,只有普通权限。现在要做更多的限制,拥有ccie口令的用户只可以使用show命令。
拥有ccie口令的用户可以使用show和其他命令,其他的用户不能够使用show。
配置R1,使得VLAN A上的用户可以通过WEB BROWSER上输入路由器的命令,只允许IP为150.100.1.75的用户访问。
在R3和R4上配置,使得帧中继端口上的广播包限制在每秒160个包,240000个字节,QUEUE的长度为80。
12、MOBILE
在R1、R2和R3上配置。VLAN A上的用户可以在BACKBONE 1和VLAN B上工作而不需要修改IP地址,可以连通所有的活动端口。
13、SWITCH
设置2/12可以监听VLAN A上的流量。
VLAN 200的MAXAGE是30秒。
CCIE考试考点之二:
Version 6.1b information
O. general information
在Address没有特指的条件下,establish 135.x.y.y/24(x= RACK number, y是任意数)。
在整个router 上建立loopback interface. Address 为135.x.y.y(x== RACK number, y是router 号)
VLANA是/22;VLANB是/26;FRAME RELAY是/28;BRI是/30。
Backbone1是150.100.1.x、backbone2是150.100.2.x (x=RACK number?)
Token ring is 16Mbps.
用enable mode 使得telnet access all router。
使所有的routers 和所有的routers 的interface之间的ping 成为可能。
1.Configuration figure(config 图)
Lab config reference. 以上述条件为依据完成config 图,并写出interface number, address and subnet.mask.
2.Config the communication Server
从R1到R6,以及Catalyst, 都与各自的Communication Server的ASYNC PORT1~7相连接。Config communication server by accessing communication server console.port to 各自的router console at the same time.
Set up communication server so that you can be connected by only inputting each machine’s name (R1-R6, Cat5).
3.Config Catalyst
Set up VLANA (VLAN number=50), VLANB (VLAN number=75).
After config of routing.protocol is finished, please set up catalyst console by using address 135.x.30.30 (x = rack number) so that it can be pinged from all routers.
4.config frame relay
参考图(标有各interface的DLCI图和源于CISCO ROUTER的frame relay config 定义的部分提示)。根据ANSI,LMI-TYPE set up frame relay.
对R1、R2不设定subinterface.
5.Routing.Protocol (OSPF) config
如config fig. 一样,config OSPF.
VLANA is backbone, frame relay is area1, TRN1is area2, VLANB is area5, ISDN is area6。Router’s loopback.interface should be advertised in any area.
Set up interface cost of Ethernet as 90. But don’t use IP OSPF COST command.
6.RIP config
Config RIP in R1, confirm routing information sent from backbone1 by RIP. In wnich only 192.x.x.x can be taken in.
Summary 192.x.1.0 and 192.x.3.0 as one network to show up to OSPF, redistribute 192.x.12.0 as a network into OSPF system.
From R1 to backbone1 only 135.x.0.0 network can be seen.
7.Config default gateway
There is a IRDP client in VLANA. By the IRDP client, not config default.gateway static, but access it to 135.x.o.o network. Meanwhile give R6 priority as default.gateway and put R3 as last.
8.ISDN config
Call from R5 and access to all area when R5’s PVC is disconnect.
You can’t call from R3.
CHALLENGE’s CHAP can only send from R3
From R5, use userx as user ID instead of host name(R5)
9.IGRP config
Use IGRP between R3 and R4. Meanwhile use ruck number as Asnumber.
Redistribute between OSPF and IGRP
R3 appears as default route on R4,. Note: the commands address summary, static route, addition network can’t be used.
10.VPN config
Configure ATM interface on R6. Its end router has address 192.1.x.254. Set up PVC(VPI=0, VCI=32).
There is a client group in VLANB with their own IP address, CIDR BLOCK is 192.1.0.0/18. The network from the BLOCK which has not been used is available. The client is default.gateway and use address 192.1.32.175. The client in VLANB need to connect to other VPN client group which is at the end of ATM interface on R6, the address is 192.1.6.x. These clients at the end of ATM interface is routing.protocol using EIGRP. Please set up that client in VLANB can be connected with client.group at the end of ATM interface on R6. 135.x.0.0 network and CIDR group’s network are completely independent. It is not necessary for the networks to see each other.
Set up R5, R6. Make sure client group in VLANB must go through router at the end of ATM interface once, than communicate with all network.
Communication should be continued by ISDN even though frame.relay is down.
11.IPX
Configure IPX address on all interface, not including loopback, ISDN, ATM, backbone. Any two interfaces of all routers can be connected, optional use RIP and/or EIGRP.
In VLANA R3 and R6 can’t be in the same network.
In VLANA sap traffic is increasing. Make sap updates transmit only when server changes happen.In VLANA there is no IPX server.
12.DLSw
Set up connection between TRN1 R2 and TRN2 R4, VLANB R5 and VLANA R2 by DLSw. Don’t connect token ring and VLANA/B.
Explorer frame on R4 destinating to the MAC address 4000.2200.xxxx on R2 is not permitted forwarded. Data frame is permitted to go through.
CCIE考试考点之三:
Sencond Day
1.BGP (question nomi??)
Configure BGP on all routers.
Set up AS100x on R2,R3,R6; AS300x on R1; AS 200x on R5; AS x on R4. x=ruck number.
R1, R5 建立与AS100x 共有的peer(??)
2.BGP set up, summary route set up
Set up router 150.100.2.254 and BGP peer on backbone2. AS of 150.100.2.254 is 254.
Summary received route from AS254 at BGP and tell AS100x. At AS 100x, other route (except summaried route) can also be seen. BGP information should be seen on all routers.
Tell R5 all of summaried address. But get that route from AS x.
3.BGP default .route
Define loopback interface of 192.192.x.0 network on R4 and advertise BGP’s(??) route.
Pass 192.192.x.o’s(??) to AS 254.
BGP’s default route can be seen by R1 when it is possible to reach 192.192.x.o network from R2.(nomi??)
4.AppleTalk
Set up AppleTalk on all interface except backbone1/2, ATM, ISDN, loopback.
On FR routing.protocol use EIGRP. On others anything can be used.
Network of TRN2 can only be seen on R4 router. But all networks must be seen on R4. And filter can’t be used.
VLANA can’t be seen from R5.
5.Accesslist
Set up access list to meet following demand on output interface of Serial 0 on R2.
POP in VLANB is not permitted to access from TRN1 to SMtp server.
SNMP traffic is not permitted.
About UDP traffic from client in TRN2 to VLANB, client port from 6000to 7000 are permitted.
Don’t put PING from R1 to R3. But PING from R3 to R1.
Backbone1 can not access to Tacacs+ server in VLANB.
Other traffic are permitted.
6.Broadcast Control
Set up Catalyst Switch. Broadcast in VLANB is undre 20% of range.
The average length of Broadcast frame, include Preamble, is 740 bite.
7.Traffic control
Set up www traffic under 1.5Mbps on output of tokenring interface of R4.
8.NetBOIS filter
Set up a filter on output of tokenring interface of R4, which access to server NBxSRV is not permitted through. x is any one character. But access to other server is permitted.
9.IP multicast routing (1)
Set up IP Multicast on R1, R2, R3, R6.
Get R1 enrolled in 224.0.5.5 Multicast Group. PING from R2, R3, R6 to 224.0.5.5.
10.IP multicast routing (2)
Set up Catalyst Switch so that it can receive Multicast Group information from R2, R6.
R3 can receive Multicast pocket(?).
CCIE考试考点之四:
V7.1
Loopback 137.y.x.x rack number , x router number
1.ospf area as diagram. After completed , all interface should be seen on all router.
2.rip
1)configure rip on r1 (e0,s1) and r5(s1)
2)r1 s1& r5 s1 unicast to backbone 1
3)config r1 so that only allow one rute from ri enter into bb1
4)r1 can connect to all other router , but not allowed using summary/static/default route
3.VLAN AND ISL and catalyst
1)catalyst 5000 上设置vlana(20), vlanb(30),vlanc(50),vland(80),vlane(70)
2)trunk 上不允许走vlan80
3)vlana(r2 e0),vlanb(r3 e0),vlanc(r5 e0),vlane(cat 5 sc0)trunk to r6
4.irb
1)config irb on r6 so that routing packet vlan a, b , c ,e
2)只允许r2,r3,r5,r6之间建立ospf邻接关系
5.Ospf
1)area 4 中可能有内存比较少的路由器,配置area 4 解决问题。
2)其他所有端口不能够进入任何一个area
6.isdn
1)basic
r5 initiate call r3 only
configure pap authentication and r3 , r5 using different password
when the error rate of r3 bir more than 10%,auto disconnect isdn link
3)pf on demand circuit to backup Ethernet
7.Hsrp & dhcp
1)configure hsrp on the token ring interface of r2 and r6 so that r6 is prefer than r2
2)when either the token ring interface of r6 fail ,r2 become active
3)there have some hosts on ring 1 of 6 ,configure r6 as dhcp server.
8.ATM LANE
1)cofigure on r6 as lecs using the atm address xxxxxxxxxxxx
2)configure r6 as les ,and lec of lane
3)configure eigrp 100 on r2 ring 1 ,r6 ring 1 and atm cloud
4)configure route redistribution from eigrp 100 to ospf , but not allowed from ospf to eigrp 100 . 在ATMcloud 上有路由器195.3.2.254
9.BGP BASIC
1)configure ibgp on r3 , r4 ,r5 , r6
2)r4 与bb2 上面的路由器(as254)建立peer ,bgp 不能建立full mesh.
3)Either r4 and inter to r1 ,so that all router can learn this route
4)Add a loopback inter to r1 ,so that all router can learn this route
5)Add a loopback inter to r3 , so that r1 cann’t learn the route.不能是由路由filter 实现。
10.Voip
1)configure voip on r6 so that the telphone on fxs can call to xxx sussessful
2)configure auto ring down on r6
11.Ipx
1)在r2,r3,r4,r5上配置ipx , 只允许使用eigrp , as=rack no .
2)r4与bb2路由器之间运行rip , r1 与 r5 之间运行 rip
3)在isdn上配置ipx拨号路由,使用snapshot ,只有在r5的以太端口down的时候,ddr才能够启动,只允许r5call r3 , 活动时间为5min, 安静时间为2hour.
4)在r5上做filter , r1上只看见AA00路由。
12.IP MULTICASTING
1)在R2 , R3,R4的局域网端口上配置PIM SPARSE-MODE ,BB2上不要设置
2)R4,R2的局域网端口参加224.1.2.3组,R2作为RP且只为该组的RP
13.DLSW
1)R4与R2,R6之间建立peer , r2 为r6的备份,只有在r6的peer down时才起作用。R2,r6上不能使用remote peer
14.IOS FEATURE , CAT 5000
1)VLAN 80 没有外接的桥和交换机,不要让它发送BPDU
2)2/4上面有只允许某个MAC
3)2/6上面有一个MAC,设置静态,关机仍旧在。
4)fr上面一个路由器使用dlci 101 ,在bb2上有一个tftp服务器,150.100.1.137, 该路由器在启动时使用autoinstall
【编辑推荐】