My Answer to CCBootcamp lab 1
Keywords: CCBootcamp answer ip local policy route-map OSPF NBMA
I had finished the CCBootcamp Lab 1 myself and find out that my answer is better then that one which is passing online. looking at that answer you will be wondered, according to the lab script, we should use routing but no layer 3 to layer 2 mapping to accomplish the task, but the answer provided did not.Here is my answer and some key points:
First, I have to introduce my lab. Because we don't have a 2509 or 2511 to act as terminal server right now, I used a 2505 instead. Each router connect its ethernet port to 2505's hub port, and configured with a secondary address of 129.1.1.0/24 as management address, It is a good idea, I can now telnet from a router (R7) to access the console, but I have to handle routing update carefully, preventing them be sending out the ethernet port, so as not to cause an 'Area ID mismatch' error.
Another question with my lab is that we don't have enough memory on 2522s to run a 12.1 image, so we still have 11.3 or older version run on some routers, one thing must not be ignored is you have to enable ip subnet-zero and ip classless because it wasn't the default setting.
As the lab script demanded, we don't use any 'frame-relay map ip' commands, since the default ospf network type on NBMA interface is non-broadcast, neighbor is manually set, with proper priority. I have to reboot some router to make R1 the DR.
As hints implies, we used ip policy route-map to modify the routes to give it an correct next-hop address. the policy route-map should be applied to incoming interface, for example s1 on R4 and E0 on R5. Since we testing the connectivity on the router, i.e. the ping packet is source from the router itself, we have to enable ' ip local policy route-map'.The route map must not modifying multicast traffic such as 224.0.0.5 and 224.0.0.6 for OSPF to work correctly.
I know my answer is far from perfect, any help from anybody is appreciated. Mail me at nnwh@163.net, thanks in advanced.
Detail configuration:
R1#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
enable password cisco
!
ip subnet-zero
!
!
!
interface Ethernet0
ip address 129.1.1.201 255.255.255.0 secondary
ip address 10.1.1.1 255.255.0.0
no ip directed-broadcast
!
interface Serial0
no ip address
no ip directed-broadcast
encapsulation frame-relay
no ip mroute-cache
logging event subif-link-status
logging event dlci-status-change
no fair-queue
!
interface Serial0.1 multipoint
ip address 10.10.1.1 255.255.0.0
no ip directed-broadcast
frame-relay interface-dlci 102;use frame-relay map ip and ip ospf network tho solve this in usu.
frame-relay interface-dlci 103
frame-relay interface-dlci 105
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
router ospf 1
passive-interface Ethernet0
network 10.1.1.1 0.0.0.0 area 1
network 10.10.1.1 0.0.0.0 area 0
neighbor 10.10.1.3 priority 1;I specified no priority to the neighbors of R1, after the router become DR, it assign a priority of 1 to its neighbors
neighbor 10.10.1.5 priority 1;Reboot neighbors to make R1 DR if needed
neighbor 10.10.1.3 priority 1
neighbor 10.10.1.2 priority 1
!
ip classless
!
!
line con 0
transport input none
line aux 0
line vty 0 4
password cisco
login
!
end
R2#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
enable secret 5 $1$Rs8H$DnN/UatNAxg3lCypfq7nO.
!
ip subnet-zero
!
!
!
interface Ethernet0
ip address 129.1.1.202 255.255.255.0 secondary
ip address 137.20.20.1 255.255.255.0
no ip directed-broadcast
ip policy route-map local;Policy applied to interface for incomming traffic
!
interface Serial0
ip address 10.10.1.2 255.255.0.0
no ip directed-broadcast
encapsulation frame-relay
no ip mroute-cache
logging event subif-link-status
logging event dlci-status-change
no fair-queue
frame-relay interface-dlci 201
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
router ospf 1
passive-interface Ethernet0
network 10.10.1.2 0.0.0.0 area 0
network 137.20.20.1 0.0.0.0 area 10
neighbor 10.10.1.1 priority 1
default-information originate always metric 100 metric-type 1
!
ip local policy route-map local
;Policy applied to router-originated traffic
ip classless
!
access-list 101 permit ip any 224.0.0.0 15.255.255.255
route-map local permit 10
;Don't policy route multicast traffic
match ip address 101
!
route-map local permit 20
match ip address 102
;Only match ip address and match length is usable in policy routing
set ip next-hop 10.10.1.1
;You can use set default in , set in ter , set ip defa next-hop, set ip next-hop , set ip precedence , set ip tos in policy routing
!
!
line con 0
transport input none
line aux 0
line vty 0 4
password cisco
login
!
end
R3#sh run
Building configuration...
Current configuration:
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname R3
!
enable password cisco
!
ip subnet-zero;Check to ensure ip subnet-zero and ip classless is enable if you running an old image
no ip domain-lookup
!
interface Ethernet0
ip address 129.1.1.203 255.255.255.0
!
interface Serial0
ip address 10.10.1.3 255.255.0.0
encapsulation frame-relay
no fair-queue
frame-relay interface-dlci 301
!
interface Serial1
ip address 10.34.1.1 255.255.0.0
ip policy route-map s1
clockrate 64000
!
router ospf 1
network 10.10.1.3 0.0.0.0 area 0
network 10.34.1.1 0.0.0.0 area 3
neighbor 10.10.1.1 priority 1
area 3 virtual-link 10.44.2.1;The ip address is the neighbor's RID, not the interface address
!
ip local policy route-map local
ip classless
access-list 101 permit ip any 224.0.0.0 15.255.255.255
access-list 101 permit ip any host 10.34.1.1
access-list 101 permit ip any host 10.10.1.3
route-map s1 permit 10
match ip address 101
!
route-map s1 permit 20
set ip next-hop 10.10.1.1
!
route-map local permit 10
match ip address 101
!
route-map local permit 20
match ip address 102
set ip next-hop 10.10.1.1
!
!
!
line con 0
line aux 0
line vty 0 4
password cisco
login
!
end
R4#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug