web-iou模擬器內(nèi)含版本拓?fù)鋞s1ts2ts3ccnp綜合終極版

5Layer2Tech(7questions)21Layer3Tech(10Questions)25Multicast(2questions)4AdvancedServices(7questions)20Optimizethenetwork(2questions)6Section1–Layer2ThefollowinghasbeenpreconfiguredonyouSw1istheVTPv2serverandsw2,sw3,sw4areVTPclientsAllrequiredVLANsaccordingtothetopologydiagramTroubleshootlayer2Twofaultshavebeeninjectedintothepreconfigured.Theseissuesmayimpedeaworkingsolutionforcertainportionsofthislabexam,andtheseissuescsoaffectanylabexamsectionyoumustverifythatallofyourconfigurationsworkasexpected.Ifsomethingisnotworkingasexpected,thenyoumustfixtheunderlyingproblem.Pointwillbeawardedforsolvingeachproblemcorrectly.However,ifyoufailtosolveaparticularproblembuttheinjectedfaultpreventyoufromhavingaworkingsolutioninanysectionofthislab,thenyouwilllosepointsforthefaultandforthescenariothatisnotworking.-Therearenophysicalfaults.ALLhardwareisinworkingorder,andyoudonotneedtophysicallytouchanydeviceorcableinordertosolveaproblem.-Dependingonthescenario,resolvingafaultmayrequireeitheroneormultiplecommandlinesononeormultipledevices.Solveonefault:Score2pointsSolvetwofaults:Score4interfacerangef0/19-noshutdown3pointVLANandaccess-VLANVLANR1-R1G0/1SW1R1-R1G0/0SW3R2-R2G0/0SW3R3-R3G0/0SW1R4-R4F0/1R5SW1-SW1SVISW3SW1-SW1SVISW4SW3-SW3SVISW4R4F0/0SW1R5F0/0SW2SW4SVISW3SW3ConfigurethefourswitchesasperthefollowingConfigureallSVIinterfacesinallfourswitchesasper“Diagram1:IGPCompletetheconfigurationoftheVLANsfortheaccessportsaspertheVALNtableabove(whichiscasesensitive).EnsurethatallunusedphysicalportsonallswitchesareshutdownandconfiguredasaccessportsinVLAN999(donotfettheGigabitEthernetports)ConfigureVTPtransparentmodeonallAllfourswitchesmustbeawareofallthementionedVLANsaswellasanyotherVLANsrequiredinanyensuingquestionsduringtheexam(ifany)Score:3pointsinterfacerangef0/19-switchportmodetrunk vtpversion2vlanvlan18vlan12vlan36vlan45vlan68vlan69vlan89vlan100nameBB1vlan200nameBB2vlan300nameBB3vlan500vlan999interfacef0/1interfacef0/2switchportmodeaccessinterfacef0/3switchportmodeaccessinterfacef0/4switchportmodeaccessinterfacef0/5switchportmodeaccessinterfacef0/10switchportmodeaccessswitchportaccessvlaninterfacerangef0/6-9,f0/11-18,g0/1-2switchportmodeaccessinterfacef0/1switchportmodeaccessinterfacef0/4switchportmodeaccessinterfacef0/5switchportmodeaccessinterfacef0/10switchportmodeaccessswitchportaccessvlaninterfacerangef0/6-9,f0/11-18,g0/1-2switchportmodeaccessinterfacef0/10switchportaccessvlaninterfacerangef0/1-9,f0/11-18,g0/1-2switchportmodeaccessinterfacerangef0/1-18,g0/1-2switchportmodeaccessswitchportaccessvlan999interfaceloopbackipaddressinterfacevlanipaddressinterfacevlanipaddinterfacevlanipaddressinterfacevlaninterfaceloopbackipaddressinterfacef0/2noipaddressnoshutdowninterfacef0/3noipaddressinterfaceloopbackipaddressinterfacevlanipaddressinterfacevlanipaddressinterfacevlanipaddressinterfacevlanipaddressinterfacevlaninterfaceloopbackipaddressinterfacevlanipaddressinterfacevlanipaddressinterfacevlanipaddSpanning-treeConfigureSTPonallfourswitchesasperthefollowingrequirementsAllswitchesmustrunaseparateSTPinstanceforeachVLANAllSTPinstancesmustusethedefaulto,forward,andmax-agetimers.EnabletherapidconvergenceonallfourswitchesSw1mustbeelectedtherootswitchforALLVLANS(effectively,fortheentirerangeofallpossibleVLANIDs).Sw2mustbeelectedthebackupswitchforALLVLANS(effectively,fortheentirerangeofallpossibleVLANIDs).EnsurethatbothSw1andsw2havethebestchanceofkeetheirrespectiverootorbackuproleevenifanewswitchisaddedtothetopologylateron.Ensurethatsw1,sw2andsw3dono dBPDUsanddonotprocessreceivedBPDUsontheirportFa0/10only.spanning-treemoderapid-pvstspanning-treevlan1-4094priority0interfacef0/10spanning-treebpdufilterinterfacerangef0/1-24,g0/1-2 spanning-treeguardrootspanning-treemoderapid-pvstspanning-treevlan1-4094priority4096interfacef0/10spanning-treebpdufilterinterfacerangef0/1-22g0/1-2沒(méi)敲spanning-treeguardrootinterfacef0/10spanning-treemoderapid-switchTrunkingandreferto“Diagram5Trunkports”andconfiguredyournetworkasperthefollowingAllinter-switchlinksmustuseencapsulation802.1QDisableDTPonalltrunksEnsurethatthenativeVLAN(VLAN1)isalwaysOneachswitch,configurethree200Mb/sfault-tolerantlinksrelyingontheIEEE802.3adstandard.Trafficforwardedthroughthesefault-tolerantlinksmustbeload-balancedbasedonthesourceanddestinationMACaddresses.Score:3pointsvlandot1qtaginterfacerangef0/19-24switchportmodetrunkswtnv1channel-protocollacpinterfacerangef0/21-22channel-protocollacpinterfacerangef0/23-24channel-protocollacpLANConfigureyournetworkasperthefollowingEnsurethatonlythelegitimaterouterinterfaceisallowedtoconnecttoFa0/1Fa0/2ofSW1(referto“Diagram6:AccessSw1mustdynamicallylearntheselegitimateMACaddressesandautomaticallysavethemintheconfigurationfile.EnsurethatSW1doesnotneedtorelearnthelegitimateMACaddressesafterSW1Sw1mustshutdowntheportifasecurityviolationoccursoneitherofthesetwointerfacerangef0/1-2switchportport-securitymac-addressstickyswitchportport-security um1AdvancedLANFiveuserswillconnecttothenetworkviaVLAN500onfa0/1tofa0/5onSW4Configureyournetworkasperthefollowingrequirements:Ensurethatthesefiveportsstartforwardingtrafficassoonastheworkstationisconnectedtothem.EnsurethatthesefiveportsareallowedtocommunicatewiththeirLayer3gateway(theVLAN500SVIonSW3)andareprohibitedfromdirectlysendingframestoeachEnsurethatnoneofthesefiveportsforwardsfloodedtrafficduetoanunicastorunknownDonotconfigureanyprivateVLANto plishthistask.Score:3pointsinterfacerangef0/1-5switchportmodeaccessswitchportprotectedswitchportblockunicastspanning-treeportfastnoWANConfigureyournetworkasperthefollowingrequirements:ConfigurePPPontheseriallinkbetweenR3andR5ConfigureFrame-RelayontheseriallinksbetweenR5,R1,R4andAllFrame-RelayinterfacesmustbeabletotheneighboringIPV4addressaswellastheirownIPV4address.UsertheinterfaceandDLCInumbersindicatedin“Diagram8:Frame-Relay”inorderto plishthistask.DisableFrame-RelayInverseARPonallFrame-Relayinterfaces.Donotdisabletheinterfaceserfaces0/1/0encapsulationframe-relayipaddressframe-relaymapip200frame-relaymapip200b noshutdowninterfaces0/0/0encapsulationframe-relayinterfaces0/0/0.12point-to-pointframe-relayinterface-dlci112interfaces0/0/0.100point-to-pointinterfaces0/0/0interfaces0/1/0encapsulationframe-relayipaddressframe-relaymapip212frame-relaymapip212noshutdowninterfaces0/0nopeerneighbor-ipaddressframe-relayswitchinginterfaces0/0/0encapsulationframe-relayframe-relayintf-typedceipaddressframe-relaymapip200frame-relaymapip200noshutdowninterfaces0/1/0encapsulationframe-relayframe-relayintf-typedceipaddressframe-relaymapip212frame-relaymapip212noshutdowninterfaces0/1/0encapsulationpppnopeerneighbor-ipaddressnointerfaces0/0/0encapsulationframe-relayframe-relayintf-typedceipaddframe-relayinterface-dlci112interfaces0/0/0.100point-to-pointinterfaces0/0/0nointerfaceloopbackipaddressinterfaceipaddressnoshutdowninterfaceipaddressinterfaceloopbackipaddressinterfaceipaddressnoshutdowninterfaceipaddressnointerfaceloopbackipaddressinterfaceipaddressnoshutdowninterfaceipaddressinterfaceloopbackipaddressinterfaceipaddressnoshutdowninterfaceipaddressinterfaceloopbackipaddressinterfaceipaddressnoshutdowninterfaceipaddressnoSection2–Layer3Afteransweringeachofthefollowingquestions,makesurethatallconfiguredinterfacesandsubnetsareconsistentlyvisibleonallpertinentroutersandswitches.DonotredistributebetweenandIGPprotocolandBGPunlessstatedotherwiseinaYouneedtoaBGProuteonlyifrequiredtodosobythequestion,otherwisetherouteshouldbeonlyintheBGPtable.LoopbackinterfacesmustbeadvertisedatleastintheIGPasshowninthe“Diagram1:IGPRouting”andmayeventuallybeadvertisedinadditionalIGPifneeded.Byofsection,allsubnetsonyourtopology(excludingallinterfacesofSW2butincludingallotherloopbackinterfaces).Mustbereachableviafromanywhereinthetopology.Thebackboneinterfacesneedtobereachableonlyiftheyarepartofthesolutiontoaquestion.Theloopbackinterfacesmustbeseenasahostroute/32intheroutingtableunlessstatedotherwiseinaquestion.IPV4ConfigureOSPFV2asper“Diagram1:IGPRouting”andaccordingtothefollowingTheOSPF mustbe100forallOSPFTheOSPFrouterIDsmustbestableandmustbeconfiguredusingtheIPaddressofinterfaceLoopback0.Loopback0interfacesmustbeadvertisedintheOSPFareashownin“Diagram1:Routing”andmustappearashostTheVALN500interfaceofSW3mustbeconfiguredintoOSPFarea500,butnoOSPFomaybesentoutofthisinterfaceEnsurethatSW1iselectedastheDesignatedRouteronallthreeVLAN(VLAN16,36and68)andensurethatitmaintainsthebestchanceofbeingre-electedassuch.Theg0/1interfaceofR1andtheg0/0interfaceofR3mustalwaysremainintheDROTHERstate.OSPFarea1mustbeconfiguredasastubarea,whichallowstheinjectionofexternalroutes.EnablelabelswitchingontheserialinterfacesbetweenR1,R3andR5byusingEnsurethattheLDPsessionsarealwayssourcedfromtheloopback0interfaceonallDonotcreateadditionalOSPFDonotuseanyIPaddressnotlistedin“Diagram1:IGPRouting”unlessexplicitlyDonotenableOSPFonanyinterfacesotherthantheonesshownin“Diagram1:Routing”unlessexplicitlyScore:3SW1#clearipospfResetALLOSPFprocesses?[no]:yrouterospfrouter-idarea1networkareanetworkareanetworkarea1interfacef0/1ipospfprioritymplslabelprotocolmplsldprouter-idloopback0forceinterfaces0/0/0.12mplsmplsiprouterospfrouter-idarea1networkareanetworkareanetworkarea1interfacef0/0ipospfprioritymplslabelprotocolmplsldprouter-idloopback0forceinterfaces0/0routerospfrouter-idarea1networkareanetworkareanetworkarea1mplslabelprotocolldpmplsldprouter-idloopback0forceinterfaces0/1/0mplsmplsipmplsipiproutingrouter-idnetworkareanetworkareanetworkareanetworkareaarea1interfacevlan68interfacevlan36interfacevlan16iproutingrouter-idnetworkareanetworkareanetworkareapassive-interfacevlanIPV4ConfigureyournetworkasperthefollowingConfigureEIGRPASYYandEIGRPAS100asper“Diagram1:IGPDisableautomaticsummarizationbothautonomoussystems.Sw4mustreceivesixEIGRPexternalprefixesfromBB3.ConfigurethedelayforinterfaceF0/1ofbothR4andR5to100milliseconds(10,000tensofmicroseconds)EnableLDPontheserialinterfacesbetweenR1,R2,R4andR5aswellasontheFastEthernetlinkbetweenR4andR5.EnsurethattheLDPsessionsarealwayssourcedfromtheloopback0interfaceonallroutereigrp12networknetworknetworkmplsiproutereigrp12networknetworkmplslabelprotocolldpmplsldprouter-idloopback0forceinterfaces0/1/0routereigrp12networknetworknetworkinterfacef0/1delaymplslabelprotocolmplsldprouter-idloopback0forceinterfacef0/1mplsipmplsipmplsiproutereigrp12networknetworkdelay10000mplsiproutereigrp12networkiproutingnoauto-networkIPV4ConfigureRIPversion2asper“Diagram1:IGPRouting”andaccordingtothefollowingDisableautomaticRIPmustbeenabledonlyfortherequiredinterfaces,nootherinterfacesmaysendanyRIPupdates.versionnoauto-summarynetworkversionnoauto-summarynetworkiproutingrouterripversion2 passive-interfacedefaultnopassive-interfacevlan69nopassive-interfacevlan89networknetworkredistribution:EIGRPintoConfigureyournetworkasperthefollowingrequirements:RedistributeOSPFintoEIGRPandviceversaonR5only.DonotredistributeanywhereelsebetweenthesetwoEnsurethatofEIGRProutersarestillabletoreachanyOSPFprefix,whenthelinkbetweenR4andR5fail.TheinterfaceVLAN500ofSW3mustappearasaninterareaprefixinarea0only.Itmustneverappearinanyotherareas,yoursolutionmustremainvalidevenifanewareawasaddedtotheOSPF DonotmodifytheadministratordistanceofScore:4pointsrouterospfroutereigrp12redistributeospf100metric1000010025511500interfaces0/0/0.100routereigrpipprefix-listdeny_vlan500deny/24ipprefix-listdeny_vlan500permit/0lerouterospfarea0filter-listprefixdeny_vlan500Redistribution:EIGRPversusConfigureyournetworkasperthefollowingrequirements:RedistributeEIGRP100intoRIPV2andviceversaonSW4RedistributeOSPFintoRIPv2onSW1only.DonotredistributeRIPv2intoEnsurethatSW1originatesadefaultrouteeverywhereintotheOSPFEnsurethatalldevices(butSW2)inyourtopologycanreach150.3.YY.254.Donotuseanystaticroutetoresolveanyroutingissue.Atthistimeinyourlab,youmustbeabletoreacheveryinternalIPaddressesfromanydevice(butSW2)Score:2routerredistributeeigrp100metricroutereigrpredistributeripmetric1000010025511500routerredistributeospf100metricrouterospfdefault-information-originatealwaysIPV4Configureyournetworkasper“Diagram2:BGPRouting”andaccordingtothefollowingrequirements:WiththeexceptionofR1,allroutersinBGPASYYmusthaveonlyoneIBGPAllIBGPsessionsmustberesilientintheeventofaphysicalSecureallIBGPsessionswithaMD5hash,usethestring“cisco”tothateffect(withoutquotes)R1mustalwaysinitiateallBGPspeakers.Nobgpdefaultipv4-unicastScore:2routerbgpbgprouter-idbgplog-neighbor-changesneighborremote-asneighbortransportconnection-modeactiveneighborpasswordcisconeighborremote-as12neighbortransportconnection-modeactiveneighborpasswordcisconeighborremote-as12neighbortransportconnection-modeactiveneighborpasswordcisconeighborremote-as12neighbortransportconnection-modeactiveneighborpasswordcisconeighborremote-as12neighbortransportconnection-modeactiveneighborpasswordcisconeighborremote-as12neighbortransportconnection-modeactiveneighborpasswordciscoaddress-familyipv4unicastneighborneighborneighborneighborneighborneighborrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modepassiveneighborpasswordcisconeighborupdate-sourceloopback0address-familyipv4unicastrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modepassiveneighborpasswordcisconeighborupdate-sourceloopback0address-familyipv4unicastrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modepassiveneighborpasswordcisconeighborupdate-sourceloopback0address-familyipv4unicastrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modepassiveneighborpasswordcisconeighborupdate-sourceloopback0address-familyipv4unicastrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modeneighborpasswordneighborupdate-sourceloopback0address-familyipv4unicastrouterbgpbgprouter-idnobgpdefaultipv4-unicastneighbortransportconnection-modepassiveneighborpasswordcisconeighborupdate-sourceloopback0address-familyipv4unicastneighborIPV4Configureyournetworkasper“Diagram2:BGPRouting”andaccordingtothefollowingrequirements:EstablishEBGPbetweenASYYandAS254onbothR4andR5byusingtheirphysicalTheprefixesofVLAN_100andVLAN_200mayappearasaBGPnext-hopaddressinR4andR5only.ConfigureAS144onSW4topeerwithASEnsurethatSW4installsinitsroutingtabletwoequal-costpathsforanyBGPprefixesoriginatedinAS254.EnsurethatSW3load-balancesanytrafficthatisdestinedtoAS254throughbothR1andR2.Usethefollowingcommandtoverifythisrequirement.setlocal-preferencerouterbgpaddress-familyipv4unicastneighbornext-hop-neighbor54activateneighbor54route-maplocinrouterbgpaddress-familyipv4unicastneighbornext-hop-routerbgpaddress-familyipv4unicastrouterbgpaddress-familyipv4unicastneighboractivaterouterbgpbgprouter-idnobgpdefaultipv4-unicast neighborremote-as12address-familyipv4 um-paths2我考場(chǎng)是在ipv4下敲的k5是在上邊敲neighborneighborMPLSandSw2issimulatinodistantcustomersitesinBGPAS777thatareinterconnectedwithL3 ,whichisprovidedbyyourcorenetwork.Theinterfaceloopback71ofSW2simulatestheSITE1,whichisconnectedtoR3,andtheinterfaceloopback72simulatestheSITE2,whichisconnectedtoR2.Referto“Diagram3: ”formoreConfigureyournetworkasperthefollowingR2andR5mustexchangeprefixesviaBGPbyusingtheroutedistinguisher2:2R3andR5mustexchangeprefixesviaBGPbyusingtheroutedistinguisher3:3R2andR3maynotperdirectlywithoneanother.Configure“mplsldpexplicit-null”onbothSW2mustmaintaintwoseparateroutingtablesforeachsite,asdescribedin“Diagram3:L3TheonlyprefixthatSW2mayseeinitsglobalroutingtableisitspreconfiguredloopback0interfaceYourconfigurationmustfullyreconvergeafterareloadofanyPErouteratoftheexam.VerifyyoursolutionbyusingthefollowingcommandsonScore:4rd2:2route-exportroute-import3:3mplsldpexplicit-nullipvrfforwardingSITE2ipaddressrouterbgpneighborremote-as12neighborupdate-source!address-familyv4neighbor neighbornext-hop-self!address-familyipv4vrfSITE2neighborneighboras-rd3:3route-importroute-export3:3mplsldpexplicit-nullipvrfforwardingSITE1ipaddressrouterbgpneighborremote-as12neighborupdate-source!address-familyv4neighbor munity!address-familyipv4vrfSITE1neighborneighboras-overriderouterbgpneighborremote-as12neighborupdate-sourceneighborremote-as12neighborupdate-source!address-familyv4neighbor neighborroute-reflector-clientneighborneighbor neighborroute-reflector-clientipipvrfSITE1rdrd2:2interfaceloopback71ipaddress1interfaceloopback72ipaddress2interfaceipvrfforwardingipaddressinterfaceipvrfforwardingipaddressrouterbgpnobgpdefaultipv4-unicast加了這個(gè)address-familyipv4vrfSITE2neighborremote-asnosynchronizationnetwork2masknetworkmask我在這里!address-familyipv4vrfSITE1nosynchronizationnetwork1masknetworkmaskaccess-list1permitroutereigrpoffset-list1in10000000AllIPv6addresseswerepreconfiguredasAllglobalunicastaddressesmatch2001:RR:YY:SS::HH/MM,RRistheidentifieroftherouting (YYforEIGRPYY,1YYforOSPF).YYstandsforyourtwo-digitracknumber,writtenindecimalformatSSisthethirdoctetoftheIPV4addressofthesameinterface,writtenindecimalHHistheforthoctetoftheIPV4addressofthesameinterface,writtenindecimalMMisthesubnetmaskandmustbe/112forloopbackinterfacesand/64forotherQuestionConfigureyournetworkasper“Diagram4:IPV6Routing”andaccordingtofollowingConfigureallroutersbelongingtoEIGRPv4ASYYtorunEIGRPv6ASYYUsetheLoopback0IPv4addressastheEIGRPv6routerID.Configurethearea0ofOSPFv6(betweentheSW1andSW3asshownthe"DiagramofIPv6Routing").TheOSPFv3procemustbeRedistributeOSPFv6intoEIGRPv6andviceversaonSW3.EnsurethatthereisfullreachabilityamongallIPv6speakers.Score:2pointsipv6unicast-routingipv6routereigrp12noshutdowninterfaceloopbackipv6eigrp12interfaceipv6eigrp12interfaceipv6eigrp12frame-relaymapipv62001:12:12:14::4200frame-relaymapinterfaces0/0/0.12point-to-pointipv6address2001:12:12:15::1/64ipv6eigrp12ipv6unicast-routingipv6routereigrp12noshutdowninterfaceloopbackipv6eigrp12interfaceipv6eigrp12interface

200broadcast///ipv6ipv6eigrp12frame-relaymapipv62001:12:12:24::4212frame-relaymapipv6FE80::EE44:76FF:FEB1:48FA212broadcastipv6unicast-routingipv6routereigrp12noshutdowninterfaceloopbackipv6eigrp12interfaceipv6eigrp12interfaceipv6eigrp12frame-relaymapipv62001:12:12:14::1200frame-relaymapipv6FE80::21C:58FF:FE1A:C434200broadcastinterfaces0/1/0ipv6eigrp12frame-relaymapipv62001:12:12:24::2212frame-relaymapipv6FE80::216:C8FF:FEDD:9532212broadcastipv6unicast-routingipv6routereigrp12noshutdowninterfaceipv6address2001:12:12:45::5/64ipv6eigrp12interfaces0/0/0.12point-to-pointipv6address2001:12:12:15::5/64ipv6eigrp12interfaceipv6addressipv6unicast-routingipv6routerospf100router-idinterfaceloopbackipv6ospf100area0interfacevlanipv6ospf100area0ipv6routereigrp12router-idnoshutdownrouter-idinterfaceloopbackipv6ospf100area0interfacevlanipv6ospf100area0interfacevlanipv6eigrp12interfacevlanipv6eigrp12ipv6routereigrpredistributeconnectedmetric100001002551redistributeospf100metric1000010025511500ipv6routerospf100redistributeeigrp12IPV6Configureyournetworkasper"Diagram4:IPv6Routing"andaccordingtothefollowingrequirements.ConfigureatunnelbetweenR1andR3totransportIPv6trafficfromR3totheEIGRPv6.ThetunneltransportmodemustbeGRE,anditmustberesilienttosinglephysicallinkfailure.ThetunnelmustusetheIPv6prefix2001:13:13:13::/64ExtendtheEIGRPv6YYtoR3overthetunnel.R3mustbeabletoreachtheLoopback0interfaceofSW1viathetunnel.Score:2pointinterfacenoipipv6eigrp12tunnelsourceLoopback0ipv6unicast-routingipv6routereigrp12noshutdowninterfaceloopbackipv6eigrp12noipaddressipv6eigrp12tunnelsourceLoopback0Section3–IPConfiguremulticastinyournetworkasperthefollowingEnablemulticastforallinterfacesbelongingtoospf100andeigrpyy(includingloopback0interfaces)ThenetworkshouldeverhavetofloodandprunemulticasttrafficunnecessaryAddaloopback1interfaceonbothR2andR3withthesameipaddressR2mustadvertiseloopback1intoEIGRPYY,R3mustadvertiseloopback1intoOSPF100.Eachloopback1mustbeelectedastherendez-vouspointintheirandmustalsobeusedasthesourceofthemapinformationbroadcastsUseanon-proprietarymethodtodiscoverandannouncetheRPinformationMulticastservicearelocatedinvlan68，andreceiversarelocatedonthelinkbetweenR4andSimulatethereceiverswithastaticjoinonthef0/1interfaceofReceiversmustbeabletoreceivetrafficsenttothegroupfromSW1EnsurethatR3istheactualRPinuseintheOSPFandtha dstheScore:2pointsipmulticast-routinginterfaceLoopback0ippimsparse-modeinterfaceVlan68ippimsparse-modeinterfaceVlan16ippimsparse-modeinterfaceVlan36ippimsparse-modeinterfaceLoopback0interfaceVlan68interfaceVlan500interfaceVlan18interfaceVlan12ipmulticast-routinginterfaceLoopback0ippimsparse-modeinterfaceFastEthernet0/0ippimsparse-modeinterfaceFastEthernet0/1ippimsparse-modippimsparse-modeippimsparse-modeippimsparse-modeinterfaceipaddress00routereigrpnetwork00ipmulticast-routinginterfaceLoopback0ippimsparse-modeippimsparse-modeinterfaceSerial0/1/0ippimsparse-modeinterfaceLoopback1ippimsparse-modeinterfaceipaddress00routerospfnetwork00area1ipmulticast-routinginterfaceLoopback0ippimsparse-modeinterfaceLoopback1ippimsparse-modeippimsparse-modeinterfaceSerial0/0ipmulticast-ippimsparse-ippimsparse-modeinterfaceSerial0/0/0ippimsparse-ippimsparse-modeipmulticast-routinginterfaceLoopback0ippimsparse-modeinterfaceSerial0/1/0ippimsparse-modeinterfaceSerial0/0/0.100ippimsparse-modeippimsparse-modeippimsparse-modeinterfaceippimdr-priority255ipmsdppeerconnect-sourcel0IPmsdporiginator-idlo0ippimbsr-candidaoopback1ippimrp-candidaoopback1ipmsdppeerconnect-sourcel0IPmsdporiginator-idlo0ippimbsr-candida oopback10ippimrp-candidaoopback1advancedmulticastContinueconfiguringmulticastinyournetworkasperthefollowingrequirements：EnsurethatbothRPsprocessjoinrequestsfrouponly.Ensurethatonlytheauthorizedsources(locatedinVLAN_68)areallowedtoregisterwiththeRPsDonotuseanyroute-maamedaccess-listtoachievethistask.Score:2pointsR2/R3:第二問(wèn)嘉科的不通，直海廣做通access-list11permitaccess-list111permitip55hostipippimbsr- oopback1ippimrp- oopback1group-listippimaccept-registerlistippimaccept-rp00Section4–AdvanceIPDeviceConfigureR5asperthefollowingTheadministratoruser"admin"mustbeabletousetheSSHprotocolinordertomanagetherouterbyusingthepassword"ccie"ThisusermustreceivetheenablepromptdirectlywhenloggingintoTheuser"guest"mustbeabletousetheSSHprotocolinordertoconnecttotherouterbyusingthepassword"cisco".Thisusermustreceivetheuser-mode(non-enable-mode)promptwhenloggingintoDisableallnon-SSHaccessmethodsontheVTYlinesofR5.Donotuserthecommand"access-class"to plishthis.Enablea umof16userstoconnectconcurrentlyatanypointintime.Configurethe name" "onR5.Configureandensurethattheconsolesdoesnotrequireausernamepromptandthatitpresentstheuserwiththeuser-mode(non-enable-mode)prompt.DonotmodifytheenableVerifyyoursolutionbyusingR3astheSSHclientandverifyifthefollowingcommandssucceedasexpected.RackYYR3#ssh-lguest1YY.5.5.5 cryptokeygenrsaipsshmaxstartupsusernameadminprivilege15password0ccieusernameguestprivilege1password0ciscolinevty015loginlocaltransportinputsshlinecon0nologin 但是con下沒(méi)有這個(gè)配置我就沒(méi)加如果有的話改成0，，默認(rèn)是0QualityofConfigureyournetworkasperthefollowingCreateinterfaceLoopback148inSW3withtheIPaddress/32andadditintoEIGRPYYbyanymeansavailable.CreateinterfaceLoopback148inR4withtheIPaddress/32andadditintoEIGRPYYbyanymeansavailable.TrafficsourcedfromLoopback148ofSW3anddestinedtoLoopback148ofR4(andonlythistraffic)mustalwaysleaveSW3viainterfaceVLAN18nootherinterfacemayevertransmitthesepackets.SW3mustload-balance(betweenR1andR2)anyothertrafficdestinedtoLo148ofIncaseinterfaceVLAN18ofSW3isnotoperationalpacketsbetweenLo148ofSW3andLo148ofR4mustbedroopedonSW3.Useasinglenumberedandextendedaccess-listwithasingleentryinordertoplishthisrequirement.DonotmodifyanyEIGRPparameteranywhereto plishthisrequirement.Usethefollowingteststovalidateyoursolutionippimsparse-modeipaddressroutereigrpnetworkaccess-list148permitiphosthostroute-mapPBRpermit10matchipaddresssetinterfacevlan18null0//考場(chǎng)敲這條沒(méi)有警告，咱這有警告iplocalpolicyroute-mapPBRinterfaceloopbackipaddressroutereigrp12networkDeviceConfigureandapplyonR5asingleingresspolicy-mapnamed"CONTROL"thatcontainsexactlythreeuser-definedclass-mapsaccordingtothefollowingConfigureaclass-mapcalled"SSH"accordingtothefollowingAnySSHsessioninitiatedfromVLAN18anddestinedtotheinterfaceSe0/0/1ofR5mustnotbed.to16kb/sallotherSSHtrafficaccordingtothefollowingrequirements.Theconform-actionmustbe"transmit".Theexceed-actionmustbe"drop".Theburstvaluemustnotbeconfigure.Configureanamedaccess-listcalled"SSH"inordertoclassifytheaboveSSHConfigureanotherclass-mapcalled"BLOCK"accordingtothefollowingHTTP(destinedtoport80)andHTTPS(destinedtoport443)trafficsourcedfromanyhostlocatedonVLAN500anddestinedtoanywheremustbedropped.Configureanamedaccess-listcalled"HTTP"containingexactlytwoentriesinordertoclassifytheaboveHTTPandHTTPStraffics.Configureanothernamedaccess-listcalled"ALL_ICMP"containingthesinglestatement"permiticmpanyany".Theclass-map"BLOCK"mustdropthetrafficmatchedbythesetwoaccess-list("HTTP"and"ALL_ICMP").Configureanotherclass-mapcalled"ICMP_LIMIT"accordingtothefollowingICMPechoandecho-replytoorfromanywheremustbedto100p/s,allowing10packetsinburst.Configureanamedaccess-listcalled"ICMP_ECHO"inordertoclassifytheaboveICMPechoandecho-replytraffic.Donotuseany"matchnot"statementinanyclass-Ensurethatanydevice(butSW2)canstilltheinterfacesofAllclass-mapandaccess-listnamesarecasesensitiveandmustnotincludeanyNote:kb/s=kilobitspersecondandp/s=packetspersecond.Score:2pointsipaccess-listextendeddenytcp55hosteqpermittcpanyanyeqipaccess-listextendedpermittcp55anyeqwwwpermittcp55anyeq443permiticmpanyanypermiticmpanyanyechopermiticmpanyanyecho-class-mapmatch-allSSHclass-mapmatch-anyBLOCKmatchaccess-groupnameALL-class-mapmatch-allICMP_LIMIT!!classSSH16000conform-actiontransmitexceed-a