Академический Документы
Профессиональный Документы
Культура Документы
Questionnaire
55 123 999
Use the following requirements to configure the Etherchannel of SW1, SW2, SW3 and SW4: Use encapsulation 802.1q Configure the Industry standard Etherchannel between SW1 and SW2. Configure the Cisco proprietary Etherchannel between SW3 and SW4. Ensure that SW1 and SW3 must initiate the negotiation and SW2 and SW4 must not start the negotiation
Configure the spanning-tree topology according to the following requirement without configuring anything on SW4. Make sure that port Fa0/20 is forwarding for the spanning-tree topology rather than blocking for even vlans on SW4. Use the highest numeric values to achieve this task. Any traffic received from VLAN_BB1 and VLAN_BB2 must be replicated to a traffic analyzer connected to SW4 Fa0/15 via VLAN 999 You need to monitor any future interfaces connecting to VLAN_BB1 and VLAN_BB2 Any traffic flowing through the trunk between SW3 and SW4 must be replicated to another traffic analyzer connected to SW4 Fa0/16 There should not be any configuration regarding this on SW3. Dont create any new VLAN while configuring this
1.6 RSPAN
R4 must require R1 and R2 to authenticate using CHAP but R1 and R2 must not require R4 to authenticate R1 and R2 cannot use ppp chap hostname, they can use ppp chap password with "CCIE". Make sure that all CHAP passwords are shown in clear int the configuration
Use radius server at YY.YY.44.200 as authentication server and fallback to the local AAA database in case the server is unreachable Use CISCO as key required by the Radius server Make sure AAA authentication does not affect any console or line VTY from any PPP devices (ensure that there is no username prompt either) Use only default method list for both console and line VTY.
Configure Enhanced Interior Gateway Routing Protocol (EIGRP) 100 on SW2 in order to establish EIGRP neighbor with Backbone 3 in the IGP topology diagram. BB3 has IP address 150.3.YY.254 and is using AS number 100 Disable auto-summary
o o o o
Redistribute RIP into OSPF on R3 such that the routing table on R5 contains the following. O N2 199.172.15.0/24 [110/30] O N2 199.172.13.0/24 [110/30] O N1 199.172.7.0/24 [110/XXX] O N1 199.172.5.0/24 [110/XXX]
Redistribute EIGRP into OSPF on SW2 such that Redistributed EIGRP routes must not be advertised into Area 51 Redistributed EIGRP routes must be advertised into Area 0 and 142 as OSPF Type E2 SW2 must advertise an inter-area default route into Area 51 only Dont use any route-map and do not add any static route anywhere
Configure iBGP peering for R1, R2, SW2, R3 and R5 as per the following requirement. Where possible failure of a physical interface should not permanently affect BGP peer connections Minimize number of BGP peering sessions and all BGP speakers in AS YY except SW2 must have only one iBGP peer All BGP routes on all devices must be valid routes Configure BGP as per diagram BGP routes from BB1 must have community values 254 207 103 in AS YY BGP routes from BB2 must have community values 254 208 104 in AS YY Make sure that all BGP speakers in AS YY (even R2) are pointing all BGP prefixes from AS 254 via BB1 only (their BGP next hop must be the IP address of the backbone devices)
Make sure that all exits are constantly probed The voice traffic is sourced from VLAN_$$ destined to the voice gateway R5 (YY.YY.55.5) and marked with DSCP "EF" You should user access-list specifying only source address and DSCP value You must use "set mode select-exit good"
Configure sparse mode on ospf area 142 on R1, R2, R4 according to the following requirements. Ensure that multicast stream should be a transient one and scope is 5 for company wide. R4 should send static RP address FEC1:CC1E:44:4 for multicast group FFTS:4000:4000 R1 fa0/0 should join the multicast group FFTS:4000:4000 You should be able to ping the multicast group from R2 fa0/0
Section 3 IP Multicast
3.1 IPv4 Multicast
Used dynamic method to support PIMv1 and PIMv2. There is a multicast source on VLAN 44 and clients are located on the BB3 subnet (150.3.YY.0 /24) Configure R1 and R2 loopback0 to be a rendezvous point (RP). Ensure that R2 loopback 0 should be the preferred RP but R1 loopback 0 is able take over in case R1 goes down. Simulate clients have sent requests to join the multicast group 239.YY.YY.1. Make sure R4 f0/0 is able to ping this multicast IP.
Ensure PIM register message should reach RP via SW1. If SW1 goes down, PIM register messages should reach RP via one of the switches in Area
Configure your four switches according to the following requirements. Make sure that ports SW1-f0/1 to SW1-F0/5 are marking all untagged packets to "COS 1" Make sure that these ports are trusting the COS value if packets are already marked. Ensure that all switches are queuing packets marked with "COS 1" in the ingress queue #1 Ensure that all switches are queuing packets marked with "COS 5" in the ingress queue #2 Ensure that all switches drop ingress traffic marked with "COS 1" when the respective ingress queue level is between 40 and 100 percent Ensure that the switches do not drop packets marked with "COS 5" in ingress until the respective ingress queue in completely full
The IT administrator requires that you implement QoS. For traffic coming from BB2 allocate 10000 kbps on R2 f0/0. For traffic coming from BB1 allocate 1000 kbps on R3 s0/0/0. This should not affect any other traffic other than to all possible traffic entering from these links
Secure OSPF area 0 according to the following requirement Use the strongest authentication type The password must be saved in clear in the config and must be seen to "cisco" You are not allowed to use any commands in the router configuration
R4 has been configured to provide the following parameters for DHCP clients on VLAN 44 IP addresses DNS servers YY.YY.55.50 and YY.YY.55.51 Domain name cisco.com Default gateway is YY.YY.44.4
The administrator wants that the DHCP deployment is as secured as possible. Complete the DHCP configuration on R4 and SW1 according to the following requirements: Protect users in VLAN 44 from rogue DHCP servers Ensure that only R4 services the DHCP requests Disable the insertion and removal of option-82 field Protect the DHCP server from DHCP attacks originating from SW1 port Fa0/14, which may lead to resource exhaustion and ensure that maximum 3 different hosts can still connect to that port (Shutdown the port when violation occurred) Note: Make sure that SW1 Fa 0/14 is enabled and provisioned so that the customer only needs to connect the printer to the port
Configure 2 eem scripts one for enabling ospf debug if the ospf neighborship of R3 goes down. Configure R3 with event manger applet ENABLE_OSPF_DEBUG when the ospf adjacency goes down to R5. It should enable the debug ip ospf event and debug ip ospf adj Configure another EEM applet DISABLE_OSPF_DEBUG when OSPF neighbor ship comes up with R5. It should disable all the debug messages. Make sure that each event generates a syslog message with a priority of 6 that shows the name of the event being activated. These logs should be seen both in the console and in the log buffer. You MUST be able to have these events run on R3 when R5 bounces its interface
The Past is to be respected and acknowledgedI, but not to be worshipped. It is our future in which we will find our Greatness.
-WaytoCcar