Lab 1.1

CCIE R&S v5 Lab ver 1.
Copyright@www.passccieexam.com All Right Reserved
Updated on 15th April,2015
Page 1
CCIE R&S v5 Lab ver 1.1
Disclaimer : CCCIE RSv5 lab Exam Workbook is designed to provide extensive

practical information to help candidates in the preparation for CISCO Systems CCIE
RSv5 Lab Exam. We do not take liability or responsibility to any person or entity with
respect to loss or damage caused by the information presented in the workbook
Cisco, Cisco Systems,and CCIE (Cisco Certified Internetwork Expert) are registered
trademarks of Cisco Systems, Inc.And of its affiliates in the USA and other countries .
The information presented in the workbook is not necessarily related to Cisco
Systems, Inc. This workbook is not affiliated, endorsed or sponsored by Cisco
Systems, Inc.This workbook provides detailed and comprehensive practical examples
for the preparation of CCIE RSv5 labs but cannot be used as a replacement of other
supplementary books or prescribed materials. Purpose of the workbook is to provide
more practical information about the CCIE RSv5 lab Exam.
This workbook is prepared for the individual candidates who have purchased it with
non-disclosure agreement. Imitation, copying, editing or posting contents of the
workbook over the internet is part of copyright and non-disclosure agreement
violation.
Page 2
Page 3
Configure the ACME Headquarters network (AS 12345) & New York Office (34567) as per the
following requirements.
1.
2.
3.
4.
5.
The VTP domain must be set to CCIE

Use VTP version 2
SW1 must be the VTP server and SW2 must be the VTP client
Secure all VTP updates with an MD5 digest of the ASCII string "CCIErocks$
SW3 & SW4 must not advertise their VLAN configuration but must forward VTP advertisement
that they receive out on their trunk ports.
6. In order to avoid as much as possible unknown unicast flooding in all vlans the administrator
requires that any dynamic entries learned by other SW1 and SW2 must be retained for 2 hours
before being refreshed.
Solution :SW1 ------ Configuration

SW1(config)#vtp version 2
SW1(config)#vtp domain CCIE
SW1(config)#vtp password CCIErock$
SW1(config)#vtp mode server
SW1(config)#mac address-table aging-time 7200
------------------> Note CCIErock$ is without quotes

------------------> 7200 seconds = 2 hours
Page 4
SW2 ------ Configuration

SW2(config)#vtp mode client
SW2(config)#mac address-table aging-time 7200

------------------> 7200 seconds = 2 hours

SW3(config)#vtp mode transparent

SW4(config)#vtp mode transparent
Verification :On SW1
Page 5
On SW2
On SW3
Page 6
NOTE :- Mac address-table aging-time 300 is by default on SW3
On SW4
NOTE :- Mac address-table aging-time 300 is by default on SW4
Page 7
Configure All Switch Ports as per the following requirements :1. Complete the configuration of all vlans so that all routers that are located in ACME's headquarters
(AS12345) and New York office (AS 34567) can ping their directly connected neighbors.
2. All four switches (SW1-SW4) must have four dot1q trunks that do not rely on negotiation
DO NOT configure any ether channel
3. Ensure that the following unused ports on all four switches are shutdown and configured as access
ports in vlan 999
E3/0 - E3/3 are unused on SW1 and SW2

SW1(config)#vlan 14
SW1(config-vlan)#exit
SW1(config)#vlan 15
SW1(config)#vlan 23
SW1(config)#vlan 24
SW1(config)#vlan 35
SW1(config)#vlan 46
SW1(config)#vlan 57
SW1(config)#vlan 67
SW1(config)#vlan 999
SW1(config)#
Page 8
SW1(config)#interface range ethernet 2/0 3

SW1(config-if-range)#switchport trunk encapsulation dot1q
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#switchport nonegotiate
SW1(config-if-range)#exit
SW1(config)#
SW1(config-if-range)#switchport mode access
SW1(config-if-range)#switchport access vlan 999
SW1(config-if-range)#shutdown
SW1(config)#
SW1(config)# interface ethernet 0/0
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 14
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#
SW1(config)#interface ethernet 0/1
SW1(config-if)#exit
SW1(config)#
SW1(config-if)#exit
SW1(config)#
SW1(config-if)#exit
SW1(config)#
SW1(config-if)#exit
Page 9

SW1(config-if)#exit
SW1(config)#
SW1(config-if)#exit
SW1(config)#
SW1(config-if)#exit
SW1(config)#
SW2
------ Configuration

SW2(config)#
SW2(config)#
SW2(config-if)#exit
SW2(config)#
Page 10

SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
SW2(config)#
SW2(config-if)#exit
Page 11
SW3
SW3(config)#vlan 34
SW3(config)#vlan 38
SW3(config)#vlan 49
SW3(config)#vlan 89
SW3(config)#
SW3(config)#
SW3(config)# interface range ethernet 1/0 - 3 , ethernet 3/0 3
SW3(config)#
SW3(config-if)#exit
SW3(config)#
SW3(config-if)#exit
SW3(config)#
Page 12

SW3(config-if)#exit
SW3(config)#
SW3(config-if)#exit
SW3(config)#
SW4
SW4(config)#vlan 34
SW4(config)#vlan 38
SW4(config)#vlan 49
SW4(config)#vlan 89
SW4(config)#exit
SW4(config)#
SW4(config)# interface range ethernet 1/0 - 3 , ethernet 3/0 3
SW4(config)#
Page 13

SW4(config-if)#exit
SW4(config)#
SW4(config-if)#exit
SW4(config)#
SW4(config-if)#exit
SW4(config)#
SW4(config-if)#exit
SW4(config)#
Page 14
Page 15
On SW2
Page 16
On SW3
Page 17
Page 18
On SW4
Page 19
NOTE :- Once Section 1.2 is completed , test connectivity by pinging directly

connected ALL Routers in AS 12345
Page 20
Configure the ACME network as per the following requirements.

1.
2.
3.
4.
5.
SW1 must be the root switch for all odd vlans and must be the backup for all even vlans
SW2 must be the root switch for all even vlans and must be the backup for all odd vlans
SW3 must be the root switch for all odd vlans and must be the backup for all even vlans
SW4 must be the root switch for all even vlans and must be the backup for all odd vlans
Explicitly configure the root and backup roles, assuming that other switches with default configuration
may eventually be added in the network in the future
6. All Switches must maintain one stp instance per vlan

7. Use stp mode that has only 3 possible port states.
8. All access ports must immediately transitioned to the forwarding state upon link up and they must still
participate in STP . Use single command per switch to enable this
9. Access ports must automatically shut down if they receive any BPDU and an administrator must still
manually re-enable the port. Use a single command per switch to enable this feature.
Solution :SW1
SW1(config)#spanning-tree mode rapid- pvst

SW1(config)#spanning-tree portfast default
SW1(config)#spanning-tree portfast bpduguard default
SW1(config)#Spanning-tree vlan 1,15,23,35,57,67,999 root primary
SW1(config)#Spanning-tree vlan 14,24,46 root secondary
SW1(config)#errdisable recovery cause bpduguard
SW2

SW2(config)#Spanning-tree vlan 14,24,46 root primary
SW2(config)#Spanning-tree vlan 1,15,23,35,57,67,999 root secondary
Page 21
SW3

SW3(config)#Spanning-tree vlan 1,49,89,111,411,999 root primary
SW3(config)#Spanning-tree vlan 34,38,310 root secondary
SW4

SW4(config)#Spanning-tree vlan 34,38,310 root primary
SW4(config)#Spanning-tree vlan 1,49,89,111,411,999 root secondary
Page 22
On SW2
On SW3
On SW4
Page 23
NOTE :- 1) When SW1 goes down , SW2 will become root switch for all odd vlans.
2) When SW2 goes down , SW1 will become root switch for all even vlans.
3) When SW3 goes down , SW4 will become root switch for all odd vlans.
4) When SW4 goes down , SW3 will become root switch for all even vlans.
Page 24
Configure WAN Connectivity as per the following requirements

1. The WAN links must rely on a layer 2 protocol that supports link negotiation and authentication.
2. The Service provider expects both R18 and R19 to complete three way hand shake by providing the
expected response of a challenge that is sent by R63
3. R18 must use the username ACME-R18 and password CCIE
4. R19 must use the username ACME-R19 and password CCIE
Solution :R18
R18(config)#interface serial 1/0

R18(config-if)#encapsulation ppp
R18(config-if)#no peer neighbor-route
R18(config-if)#ppp chap hostname ACME-R18
R18(config-if)#ppp chap password CCIE
R18(config-if)#no shutdown
R18(config-if)#exit
R18(config
R19
R19(config)#interface serial 1/0

R19(config-if)#encapsulation ppp
R19(config-if)#no peer neighbor-route
R19(config-if)#ppp chap hostname ACME-R19
R19(config-if)#ppp chap password CCIE
R19(config-if)#no shutdown
R19(config-if)#exit
R19(config)#
Page 25
Verification :On R18
Page 26
On R19
Page 27
Configure OSPFv2 area 0 in ACME HQ (AS12345) according to the following requirements

1. Configure the OSPF process id to 12345 and set the router id to interface loopback 0 on all seven routers
2. The interface loopback 0 at each router must be seen as an internal OSPF prefix by all other routers
3. Ensure that OSPF is not running on any interface that is facing another AS. Use any method to
accomplish this requirement .
4. SW 1 and SW2 must not participate in routing at all
5. Do not change the default OSPF cost of any interface in AS12345
6. R1 must see the following OSPF routes in the routing table
Page 28
Solution :R1 ------ Configuration

R1(config)#router ospf 12345
R1(config-router)#router-id 123.1.1.1
R1(config-router)#network 123.10.1.1 0.0.0.0 area 0
R1(config-router)#exit
R1(config)#
R2 ------ Configuration
R2(config)#
R3(config)#
R4(config)#
Page 29
R5(config)#
R6(config)#
R7(config)#
Page 30
Verification :On R1
On R2
Page 31
On R3
On R4
On R5
On R6
On R7
Page 32
Configure EIGRP for ipv4 in the New York office (AS34567) according to the following requirements
1. The EIGRP Autonomous System is 34567
2. The interface loopback 0 on each router must be seen as an internal EIGRP prefix by all other routers
3. Ensure the EIGRP is not running on any interface that is facing another AS. Use any method to
accomplish this requirement
4. Using a single command on one switch only ensure that R8 installs two equal-cost route for the
following three path
Vlan 411
Interface loopback0 at SW4
Interface loopback0 at R11
5. Using a single command on one switch only ensure that R9 installs two equal cost route for the
following three path
Vlan 310
Interface loopback0 at SW3
Interface loopback0 at R10

R8(config)#router eigrp 34567
R8(config-router)#network 123.10.2.1 0.0.0.0
R8(config-router)#no auto-summary
R8(config)#
Page 33
R9(config)#

R10(config)#

R11(config)#

SW3(config)#router eigrp 34567
SW3(config-router)#network 123.10.2.13 0.0.0.0
SW3(config-router)#no auto-summary
SW3(config-router)#exit
SW3(config)#
SW3(config)#interface vlan 34
SW3(config-if)#delay 100
Page 34

SW4(config)#
SW4(config-if)#delay 100
Verification :On R8
Page 35
On R9
Page 36
On R10
On R11
On SW3
On SW4
Page 37
Configure EIGRP in AS 45678 according to the following requirements.

2. The interface loopback0 at each router must be seen as an internal EIGRP prefix by all other routers
3. Ensure the EIGRP is not running on any interface that is facing another AS. Use any method to
accomplish this requirement .
4. SW5 and SW6 are layer 3 switches and must configure EIGRP
5. On all three routers R15, 16, 17 must use EIGRP with 64bit metric version
6. Do not change the interface bandwidth on any physical interface in AS 45678

R15(config)#router eigrp CCIE
R15(config-router)#address-family ipv4 unicast autonomous-system 45678
R15(config-router-af)#network 123.20.1.1 0.0.0.0
R15(config-router-af)# topology base
R15(config-router-af-topology)#no auto-summary
R15(config-router-af-topology)#exit-af-topology
R15(config-router-af)#exit-address-family
R15(config)#

R16(config)#
Page 38

R17(config)#

SW5(config)#Vlan 5
SW5(config)#Vlan 55
----------------> Pre-configured

SW5(config)#

SW6(config)#Vlan 6
SW6(config)#Vlan 66

SW6(config)#
Page 39
Page 40
On R16
Page 41
On R17
Page 42
On SW5
Page 43
On SW6
Page 44
Configure EIGRP in AS 65222 according to the following requirements.

2. The interface loopback0 at each router must be seen as an internal EIGRP prefix by all other routers
3. Ensure that EIGRP is not running on any interface that is facing another AS.Use any method to
accomplish this requirement
4. Ensure that R17 should be the DMVPN hub and R18, R19 should be as the spoke. Use the preconfigured tunnel 0
Pre-configuration for tunnel 0 on each routers

On R17
Interface tunnel 0
no ip redirects
Ip address 123.20.1.25 255.255.255.248
tunnel source ethernet 0/0
tunnel mode gre multipoint
On R18
Interface tunnel 0
no ip redirects
Ip address 123.20.1.26 255.255.255.248
tunnel source Serial1/0
On R19
Interface tunnel 0
no ip redirects
Ip address 123.20.1.27 255.255.255.248
tunnel source Serial1/0
Page 45

R17(config-router-af)#topology base
R17(config-router-af-topology)# no auto-summary
------------------> tunnel 0 ip address
R17(config)#

R18(config-router)# network 10.1.18.1 0.0.0.0
R18(config-router)#eigrp stub connected
R18(config-router)# no auto-summary
R18(config)#
------------------> Connected PC ip address

------------------> Loopback 0 ip address

R19(config-router)#eigrp stub connected
R19(config-router)# no auto-summary
R19(config)#
------------------> Connected PC ip address

------------------> Loopback 0 ip address
Page 46
Page 47
On R18
Page 48
On R19
Note : You will get the above result only after completing Section 3.3
(DMVPN task).
Page 49
BGP is partially pre-configured in ACME headquarters. Complete the configuration as required.

Configure the IBGP in ACMEs headquarters (AS 12345) according to the following requirements.
1.
2.
3.
4.
5.
R4 and R5 must not establish any BGP session at any time

All BGP routers must use their interface loopback0 as their BGP router-id
Disable the default ipv4 unicast address family for peering session establishment in all BGP routers
R1 must be the ipv4 route-reflector for BGP AS 12345
R1 must use the peer-gorup named IBGP for all internal peerings
Configure EBGP between ACME's San Francisco and San Jose sites according to the following requirements
6. R20 is the CE router and uses EBGP to connect to the managed services that are provided by the PE
routers R2 and R3
7. R20 must establish separate EBGP peering with both R2 and R3 for every VRF
8. R20 must advertise the following prefix to all of its BGP peers
123.0.0.0/8 summary-only
10.0.0.0/8 summary-only
9. R20 must advertise a default route to all of its BGP peer except to 10.120.99.1 and 10.120.99.5
Solution :For IBGP

R1(config)#router bgp 12345
R1(config-router)#bgp router-id 123.1.1.1
R1(config-router)#no bgp default ipv4-unicast
R1(config-router)#neighbor IBGP peer-group
R1(config-router)#neighbor IBGP remote-as 12345
R1(config-router)#neighbor IBGP update-source loopback 0
R1(config-router)#neighbor 123.2.2.2 peer-group IBGP
Page 50
R1(config-router)#address-family ipv4
R1(config-router-af)#neighbor IBGP route-reflector-client
R1(config-router-af)#neighbor 123.2.2.2 activate
R1(config)#
R2(config-router)#neighbor 123.1.1.1 remote-as 12345
R2(config-router)#neighbor 123.1.1.1 update-source loopback 0
R2(config)#
R3(config)#
Page 51
R6(config)#
R7(config)#
For EBGP
R2(config-router)#address-family ipv4 vrf BLUE
R2(config-router-af)#neighbor 10.120.13.2 remote-as 65112
R2(config-router)#
R2(config-router)#address-family ipv4 vrf GREEN
R2(config-router)#
Page 52
R2(config-router)#address-family ipv4 vrf INET

R2(config-router)#
R2(config-router)#address-family ipv4 vrf RED
R2(config-router)#
R2(config-router)#address-family ipv4 vrf YELLOW
R2(config)#
On R3 ------ Configuration
R3(config-router)#address-family ipv4 vrf BLUE
R3(config-router)#
R3(config-router)#address-family ipv4 vrf GREEN
R3(config-router)#
R3(config-router)#
R3(config-router)#
Page 53
R3(config-router)#address-family ipv4 vrf YELLOW

R3(config)#

R20(config-router)#network 10.0.0.0
R20(config-router)#network 123.0.0.0
R20(config-router)#neighbor 10.120.12.1 default-originate
R20(config-router)#aggregate-address 123.0.0.0 255.0.0.0 summary-only
R20(config-router)# auto-summary
R20(config)#
Page 54
Verification :For IBGP

On R1
On R2
On R3
On R6
Page 55
On R7
For EBGP
On R2
Page 56
Page 57
On R3
Page 58
On R20
Page 59
Page 60
BGP is partially pre-configured in ACME New York office(AS 34567).

Complete the configuration as required.
Configure IBGP in AS 34567 according to the following requirements
1.
2.
3.
4.
5.
6.
7.
8.
SW3 and SW4 must not establish any BGP session at any time
All four BGP routers must use their interface loopback0 as their bgp router-id
Disable the default ipv4 unicast address family for peering session establishment in all BGP routers
Configure full mesh IBGP peering between all four routers use any configuration method
R9 must be selected as the preferred exit point for traffic destined to remote AS's
R11 must be selected as the next preferred exit point in case R9 fails
No BGP speaker in AS 34567 must use network statement under the BGP router configuration.
Ensure that all the BGP next-hop is never marked as unreachable as long as interface loopback0 of
the remote peer is known via IGP
Configure EBGP in AS 34567 according to the following requirements

9. All four BGP routers must establish EBGP peering with their neighboring AS as shown in diagram 3
(BGP topology)
10. All four BGP routers must redistribute EIGRP into BGP
11. R9 and R11 must redistribute only the BGP default route into Eigrp
12. Ensure that R9 is the only router that sees the default as a BGP route and that all other routers
(R8, R10, R11) see it as an EIGRP external router.
Solution :For IBGP

Page 61
R8(config-router-af)#neighbor 123.9.9.9 next-hop-self
R8(config)#
R9(config-router)#bgp default local-preference 102
R9(config)#

Page 62
R10(config)#

R11(config-router)#bgp default local-preference 101
R11(config)#
Page 63
For EBGP
R8(config-router-af)#redistribute eigrp 34567
R8(config)#
R9(config-router-af)#neighbor 33.34.4.1 route-map DEFAULT in
R9(config)#
R9(config)#ip prefix-list DEFAULT permit 0.0.0.0/0
R9(config)#route-map DEFAULT
R9(config-route-map)#match ip address prefix-list DEFAULT
R9(config-route-map)#exit
R9(config)#
R9(config-router)#redistribute bgp 34567 route-map DEFAULT metric 100000 10 255 1 1500
R9(config)#
Page 64

R10(config)#

R11(config)#
R11(config)#ip prefix-list DEFAULT permit 0.0.0.0/0
R11(config)#route-map DEFAULT
R11(config-route-map)#match ip address prefix-list DEFAULT
R11(config-route-map)#exit
R11(config)#
R11(config-router)#redistribute bgp 34567 route-map DEFAULT
R11(config)#
Page 65
Verification :For IBGP

On R8
On R9
On R10
On R11
Page 66
For EBGP
On R8
Page 67
On R9
Page 68
Page 69
On R10
Page 70
On R11
Page 71
Page 72
On R8
Page 73
Configure EBGP in ACME's APAC region (AS45678 and AS 65222) according to the following
requirements.
Refer Diagram 3 : BGP routing
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
SW5 and SW6 must not establish any BGP session at any time.
All BGP routers must use their interface loopback0 as the BGP router-id.
No IBGP peering session are allowed in AS 45678.
R15 must establish an EBGP peering with AS 10003 and must receive a default route as well as other
prefix.
R15 must redistribute BGP into EIGRP vice versa.
R15 must also advertise an aggregate prefix for 123.20.1.0/24 to AS 10003 and must suppress all
components prefixes.
R16 , R17 , R18 , R19 must establish an EBGP peering with AS 20003 and must receive a default route as
well as other prefix.
R16 , R17 , R18 , R19 must not advertise any prefix to AS 20003.
As long as R15 operational , R16 , R17 , R18 , R19 must prefer the EIGRP default route over the EBGP
default route.
Do not create any VRF in anywhere in order to accomplish the above requirements.

R15(config-router)#redistribute eigrp 45678
R15(config)#
R15(config-router)#address-family ipv4 autonomous-system 45678
R15(config-router-af)#topology base
R15(config-router-af-topology)#redistribute bgp 45678
R15(config)#
Page 74

R16(config-router)#distance 171 203.3.16.1 0.0.0.0 1
R16(config)#
R16(config)#access-list 1 permit 0.0.0.0

R17(config)#

R18(config)#

R19(config)#
Page 75
Page 76
On R16
Page 77
On R17
Page 78
On R18
Page 79
On R19
Page 80
Configure the ACME network as per the following requirements

1. All ACME border routers in AS 12345 must filter the BGP prefixes that are advertised to their SP in VRF
INET and must allow all prefixes that belong to class A 123.0.0.0./8 and all other VRF's must propagate
all prefix
2. All ACME border routers in AS 34567 must filter the BGP prefixes that are advertised to their SP and
must allow only all prefixes that belong to the class A 123.0.0.0/8
3. Do not use any route-map or access-list to accomplish the above requirements
4. R13 must route traffic preferably via AS 20002, use any method to accomplish this requirement
5. All three remote sites in AS 65111 must be able to ping 1.2.3.4 and traceroute must reveal the exact
same path as shown in the following output
R12# ping 1.2.3.4 source loopback0

!!!!!
R12# traceroute 1.2.3.4 source loopback0
1. 201.1.12.1 [AS 65112]
2. 201.1.123.2 [AS 65112]
3. 10.120.12.1 [AS 65112] [MPLS: label 135 EXP 0]
4. 10.120.12.2 [AS 65112]
5. 10.120.99.5 [AS 65112]
6. 102.2.123.1 [AS 65112]
7. 33.10.2.1 [AS 65112]

R2(config)#ip prefix-list FILTER permit 123.0.0.0/8 le 32
Page 81
R2(config-router-af)#neighbor 101.1.123.1 prefix-list FILTER out

R2(config)#
R3(config)#Ip prefix-list FILTER permit 123.0.0.0/8 le 32
R3(config)#Router bgp 12345
R3(config-router)#Address-family ipv4 vrf INET
R3(config-router-af)#Neighbor 102.2.123.1 remote-as 10002
R3(config-router-af)#Neighbor 102.2.123.1 activate
R3(config-router-af)#Neighbor 102.2.123.1 prefix-list FILTER out
R3(config)#
R6(config)#
R7(config)#
Page 82
R8(config)#ip prefix-list FILTER permit 123.0.0.0/8 le 32
R8(config-router)#Address-family ipv4
R8(config)#
R9(config-router-af)#neighbor 102.2.34.1 prefix-list FILTER out
R9(config)#

R10(config)#

R11(config)#
Page 83

R12(config-router)#Redistribute connected
R12(config-router)#Neighbor 201.1.12.1 remote-as 20001
R12(config)#

R13(config-router)#Neighbor 202.2.13.1 weight 1
R13(config)#

R14(config)#

R20(config-router)#Neighbor 10.120.99.5 weight 1
R20(config)#
Page 84
On R13
Page 85
On R14
Note : You will get the above result only after completing Section 3.1 & 3.2
(MPLS VPN PART 1 & PART 2)
Page 86
Configure OSPFv3 in the ACME New York office as per the following requirements.
1. Configure the OSPF process id 1 and set the router-id as interface loopback0
2. SW4 must be selected as the designated router on VLAN 34 and must have the best chance.
3. SW3 must be selected as the back-up designated router on VLAN 34 and must take over the
designated router if Switch4 is down.
Ipv6 address is Pre-Configured

SW3(config)#ipv6 unicast-routing
SW3(config)#ipv6 router ospf 1
SW3(config-rtr)#router-id 123.33.33.33
SW3(config-rtr)#exit
SW3(config)#
SW3(config)#interface loopback 0
SW3(config-if)# Ipv6 ospf 1 area 0
SW3(config)#exit
SW3(config)#
SW3(config-if)#ipv6 ospf priority 254
SW3(config)#exit
SW3(config)#
SW3(config-if)#interface vlan 310
SW3(config-if)#exit
SW3(config)#
Page 87

SW4(config)#ipv6 unicast-routing
SW4(config)#Ipv6 router ospf 1
SW4(config-rtr)#Router-id 123.44.44.44
SW4(config-rtr)#exit
SW4(config)#
SW4(config)#Interface loopback 0
SW4(config-if)#exit
SW4(config)#
SW4(config)#Interface vlan 34
SW4(config-if)#Ipv6 ospf priority 255
SW4(config-if)#exit
SW4(config)#
SW4(config-if)#Interface vlan 411
SW4(config-if)#exit
SW4(config)#

R10(config)#ipv6 unicast-routing
R10(config)#Ipv6 router ospf 1
R10(config-rtr)#Router-id 123.10.10.10
R10(config-rtr)#exit
R10(config)#
R10(config)#Interface ethernet0/1
R10(config-if)#Ipv6 ospf 1 area 10
R10(config-if)#exit
R10(config)#
R10(config)#Interface loopback 0
R10(config-if)#exit
R10(config)#
Page 88

R11(config)#ipv6 unicast-routing
R11(config)#Ipv6 router ospf 1
R11(config-rtr)#Router-id 123.11.11.11
R11(config)#
R11(config)#Interface ethernet0/2
R11(config-if)#exit
R11(config)#
R11(config-if)#exit
R11(config)#
On R11
Page 89
On SW3
On SW4
Page 90
Configure ACME network as per the following requirements

1.
2.
3.
4.
5.
Establish the four eBGP peering as indicated on "diagram IPV6 routing"

Do not use the network command under the BGP address-family ipv6 on either R10 or R11
Both regional Service Provider will advertise the necessary prefixes
Advertise the ipv6 prefix on interface Ethernet 0/0 into BGP on both R12 and R14
Configure your network such that any ipv6 that include can communicate with any ipv6 user that is
located and vice versa.
6. Do not use any static route or default route anywhere
7. Use the following ping to verify your configuration
R12# ping 2001:CC1E:BEF:14:202:2:14:1 source Ethernet0/0

!!!!!

R10(config-router)#neighbor 2001:CC1E:BEF:10:201:1:34:1 remote-as 20001
R10(config-router-af)#neighbor 2001:CC1E:BEF:10:201:1:34:1 activate
R10(config-router-af)#redistribute ospf 1 match internal external
R10(config)#
R10(config)#ipv6 router ospf 1
R10(config-rtr)#redistribute bgp 34567
R10(config)#
Page 91

R11(config-router-af)#redistribute ospf 1 match internal external
R11(config)#
R11(config)#ipv6 router ospf 1
R11(config-rtr)#redistribute bgp 34567
R11(config)#

R12(config-router-af)#neighbor 2001:CC1E:BEF:124:201:1:12:1 allowas-in
R12(config-router-af)#network 2001:CC1E:BEF:12::/64
R12(config)#

R14(config-router-af)#neighbor 2001:CC1E:BEF:144:202:2:14:1 allowas-in
R14(config-router-af)#network 2001:CC1E:BEF:14::/64
R14(config)#
Page 92
Verification:On R10
Page 93
On R11
On R12
Page 94
Assume that Streaming server is connected in vlan 5 on SW5 and receiver are located at the DMVPN
spoke R18 and R19
1. Only network segments with active receivers that explicitly require the data must receive the multicast
traffic
2. Interface loopback0 of R15 must be configured as RP
3. Use a standard method of dynamically distributing the RP
4. Both R16 and R17 must participate in the multicast routing
5. For testing purpose ,Configure interface ethernet0/0 of both R18 and R19 to join group 232.1.1.1

R15(config)#ip multicast-routing
R15(config)#interface loopback 0
R15(config-if)#ip pim sparse-mode
R15(config-if)#exit
R15(config)#
R15(config)#interface ethernet 0/1
R15(config-if)#exit
R15(config)#
R15(config)#int ethernet 0/2
R15(config-if)#exit
R15(config)#
R15(config)#ip pim rp-candidate loopback 0
R15(config)#ip pim bsr-candidate loopback 0
Page 95

SW5(config)#ip multicast-routing
SW5(config)#int vlan 5
SW5(config-if)#ip pim sparse-mode
SW5(config-if)#exit
SW5(config)#
SW5(config)#int vlan 55
SW5(config-if)#exit
SW5(config)#

SW6(config)#ip multicast-routing
SW6(config-if)#exit
SW6(config)#
SW6(config-if)#exit
SW6(config)#

R16(config-if)# ip pim sparse-mode
R16(config-if)#exit
R16(config)#
R16(config-if)#exit
R16(config)#
Page 96

R17(config)#interface tunnel 0
R17(config-if)#exit
R17(config)#
R17(config-if)#exit
R17(config)#
R17(config-if)#exit
R17(config)#

R18(config-if)#exit
R18(config)#
R18(config-if)#ip igmp join-group 232.1.1.1
R18(config-if)#exit
R18(config)#

R19(config-if)#exit
R19(config)#
Page 97
R19(config-if)#ip igmp join-group 232.1.1.1

R19(config-if)#exit
R19(config)#
On SW6
On R15
Page 98
On R16
On R17
On R18
On R19
Page 99
On SW5
On SW6
Note : You will get the above result only after completing Section 3.3
(DMVPN task).
Page 100
Refer to "diagram 3 BGP topology" and "diagram 4 VPN technology"

The ACME HQ network (AS12345) uses MPLS L3VPN in order to clearly separate remote site
networks
The ACME corporate security policies are centralized and enforced at the San Jose site
(AS 65112) for all remote sites. the policies require that all traffic that is originated from
any remote sites (with the exception of New York office)
Configure MPLS L3 VPN in the ACME network according to the following requirements
1. Enable LDP only on required interfaces on all seven routers in AS 12345

2. Use the interface loopback 0 to establish LDP peering
3. Ensure that no MPLS interface that belongs to any router in AS12345 is visible on a traceroute
that originates outside of the AS
4. R2, R3, R6 and R7 must be configured as PE routers
5. R1, R4 and R5 must be configured as P routers
Page 101

R1(config)#Mpls ldp router-id loopback 0 force
R1(config)#No mpls ip propagate-ttl
R1(config)#Router ospf 12345
R1(config-router)#Mpls ldp autoconfig
R1(config)#
R2(config)#
R3(config)#
R4(config)#
Page 102
R5(config)#
R6(config)#
R7(config)#
Page 103
Verifcation :On R1
On R2
Page 104
On R3
On R4
Page 105
On R5
On R6
Page 106
On R7
Page 107
Refer to "diagram 3 BGP topology" and "diagram 4 VPN technologie"

The global and regional service providers have agreed to transport the ACME VPN via PE to PE EBGP
peering that are already preconfigured.
Complete all the configuration of MPLS L3 VPN in the ACME network according to the following
requirements
1. R1 must reflect VPNv4 prefixes from any PE to any other PE in AS 12345

2. R2 and R3 must establish EBGP peering with both global Service Providers
(As 10001 and AS 10002) for the following VRF's
GREEN
BLUE
RED
YELLOW
INET
3. R6 must establish an EBGP peering with the regional SP (AS 20001) for the following VRFs
GREEN
BLUE
INET
4. R7 must establish an EBGP peering with the regional SP (AS 20002) for the following VRFs
BLUE
RED
INET
5. All ip address used for EBGP peering must pass the BGP's directly connected check
6. No BGP speaker is AS 12345 may use the network or redistribute statement under any address-family of
the BGP router configuration
7. At the end of the exam scenario the interface ethernet 0/0 of the gateway router in any remote site
must be able to connect to the interface ethernet 0/0 of any other remote gateway that belongs to AS
65111 or AS 65222
Page 108
8. Use the following tests as examples of connectivity checks
R12# ping 10.2.19.1 source ethernet0/0

!!!!!
R12# traceroute 10.2.19.1 source ethernet0/0

R1(config-router)#address-family vpnv4
R1(config-router-af)#neighbor IBGP send-community extended
R1(config-router-af)#neighbor IBGP route-reflector-client
R1(config)#
R2(config-router)#Address-family vpnv4
R2(config-router-af)#Neighbor 123.1.1.1 send-community extended
R2(config)#
R3(config)#
Page 109
R6(config)#
R7(config)#
R2(config-router)#Address-family ipv4 vrf BLUE
R2(config-router-af)#Exit-address-family
R2(config-router)#
R2(config-router)#Address-family ipv4 vrf GREEN
R2(config-router)#
R2(config-router)#
R2(config-router)#Address-family ipv4 vrf RED
R2(config-router)#
Page 110
R2(config-router)#Address-family ipv4 vrf YELLOW

R2(config)#
R3(config-router)#
R3(config-router)#
R3(config-router)#
R3(config-router)#Address-family ipv4 vrf RED
R3(config-router)#
R3(config-router)#Address-family ipv4 vrf YELLOW
R3(config)#
Page 111
R6(config-router)#
R6(config-router)#
R6(config)#
R7(config-router)#
R7(config-router)#
R7(config)#
Page 112
On R2
Page 113
On R3
On R6
Page 114
On R7
Page 115
Configure DMVPN phase 3 in the ACME APAC region (AS 45678 and 65222) as per the following
requirements
1.
2.
3.
4.
5.
Use the preconfigured interface tunnel 0 on all the three routers in order to accomplish this task
R17 must be configured as the hub router
R18 and R19 must be the spoke routers and must participate in the NHRP information exchange
Disable send icmp redirect message on all three tunnel 0 interfaces
Configure the following parameters on all the three tunnel 0 interfaces
6.
7.
8.
9.
Configure the bandwidth 1000 kbps

Configure the delay to 10000 msec
Adjust the ip MTU to 1400 Bytes
Adjust the TCP MSS to 1380 Bytes
Authenticate NHRP using the string 45678key

Use the NHRP network-id 45678
Configure NHRP hold time to 5 min
Ensure that spoke-to-spoke traffic does not transit via the hub

R17(config-if)# ip address 123.20.1.25 255.255.255.248
R17(config-if)#bandwidth 1000
R17(config-if)#no ip redirects
R17(config-if)#ip mtu 1400
R17(config-if)#ip nhrp authentication 45678key
R17(config-if)#ip nhrp map multicast dynamic
R17(config-if)#ip nhrp network-id 45678
R17(config-if)#ip nhrp holdtime 300
R17(config-if)#ip tcp adjust-mss 1380
R17(config-if)#delay 1000
R17(config-if)#tunnel source ethernet 0/0
R17(config-if)#tunnel mode gre multipoint
R17(config-if)#ip nhrp redirect
R17(config-if)#exit
R17(config)#
Page 116

R17(config-router)# address-family ipv4 unicast autonomous-system 45678
R17(config-router-af)#af-interface tunnel 0
R17(config-router-af-interface)#no split-horizon
R17(config-router-af-interface)#no next-hop-self
R17(config-router-af-interface)#exit-af-interface
R17(config)#

R18(config-if)#ip address 123.20.1.26 255.255.255.248
R18(config-if)#ip nhrp nhs 123.20.1.25
R18(config-if)#ip nhrp map 123.20.1.25 203.3.17.2
R18(config-if)#ip nhrp map multicast 203.3.17.2
R18(config-if)#ip nhrp shortcut
R18(config-if)#tunnel source serial 1/0
R18(config-if)#exit
R18(config)#

R19(config)#Interface Tunnel 0
R19(config-if)#ip address 123.20.1.27 255.255.255.248
R19(config-if)#ip nhrp nhs 123.20.1.25
Page 117
R19(config-if)#ip nhrp map 123.20.1.25 203.3.17.2

R19(config-if)#ip nhrp map multicast 203.3.17.2
R19(config-if)#ip nhrp shortcut
R19(config-if)#tunnel source serial 1/0
R19(config-if)#exit
R19(config)#
On R17
Page 118
On R18
On R19
Page 119
Refer to "Diagram 4 VPN technology"

Secure the DMVPN tunnel using IPSEC according to the following requirements
1. Configure IKE Phase 1 as per the following
Use AES encryption with the pre-shared key CCIE

The key must appear in plain text in the configuration
All IPsec tunnels must be authenticated using the same IKE Phase 1 pre-shared key
Use 1024 bits for the key exchange using the Diffie-Hellman algorithm
Configure a single policy using priority 10
2. Configure IKE Phase 2 as per the following requirements
Use CCIEXFORM as transform-set name

use DMVPNPROFILE as IPSEC profile name
use IPSEC in transport mode
use the IPSEC protocol ESP and algorithm AES with 128 bits
3. Ensure that the DMVPN cloud is secured using above parameters.
Use tunnel protection in your configuration.
Solution :-
For Phase 1
R17(config)#crypto isakmp enable
R17(config)#crypto isakmp policy 10
R17(config-isakmp)#authentication pre-share
R17(config-isakmp)#encryption aes
R17(config-isakmp)#group 2
R17(config-isakmp)#exit
R17(config)#
Page 120
R17(config)#crypto isakmp key CCIE address 203.3.18.2

R17(config)#crypto isakmp key CCIE address 203.3.19.2

R18(config)#Crypto isakmp enable
R18(config)#Crypto isakmp policy 10
R18(config-isakmp)#Authentication pre-share
R18(config-isakmp)#Group 2
R18(config)#
R18(config)#Crypto isakmp key CCIE address 203.3.17.2
R18(config)#

R19(config)#Crypto isakmp enable
R19(config)#Crypto isakmp policy 10
R19(config-isakmp)#Authentication pre-share
R19(config-isakmp)#Group 2
R19(config)#
R19(config)#Crypto isakmp key CCIE address 203.3.17.2
R19(config)#
For Phase 2
R17(config)#Crypto ipsec transform-set CCIEXFORM esp-aes 128
R17(cfg-crypto-trans)#mode transport
R17(cfg-crypto-trans)#exit
R17(config)#
R17(config)#crypto ipsec profile DMVPNPROFILE
R17(ipsec-profile)#set transform-set CCIEXFORM
R17(ipsec-profile)#exit
R17(config)#
Page 121
R17(config-if)#tunnel protection ipsec profile DMVPNPROFILE
R17(config-if)#exit
R17(config)#

R18(config)#
R18(config)#
R18(config-if)#exit
R18(config)#

R19(config)#
R19(config)#
R19(config-if)#exit
R19(config)#
Page 122
On R18
On R19
Page 123
Refer to Diagram 1 : Main Topology

Configure R20 in the ACME San Jose office as per the following
1. All users who connect to R20 via the console port or via any of VTY lines using SSH must be prompted
with the below message before any other prompt is displayed
WARNING! ACCESS RESTRICTED!
2. Do not include any extra spaces or any other characters as the ones shown above

R20(config)#banner motd *
WARNING! ACCESS RESTRICTED!*
----> Copy Paste this statement from question to avoid spaces
R20(config)#
R20(config)#banner login *
WARNING! ACCESS RESTRICTED!*
----> Copy Paste this statement from question to avoid spaces
Page 124
R20(config)#line vty 0 4
R20(config-line)#no motd-banner
R20(config-line)#exit
R20(config)#exit
R20#quit
NOTE : After WARNING! ACCESS RESTRICTED! do not enter or space . You can use * symbol or
return button or type m to come out
Page 125

Configure ACME New York office as per the following
1. Ensure that interfaces ethernet 0/0 , ethernet 0/1 , ethernet 0/2 , ethernet 0/3 of SW3 forward traffic
that was sent from expected and legitimate host and servers.
2. Sw3 must dynamically learn only one mac address per port and must save the mac address in its startup
configuration
3. Sw3 must shut down the port if security violation occurs on any of these four ports

SW3(config)#Interface range ethernet 0/0-3
SW3(config-if-range)#switchport port-security
SW3(config-if-range)#switchport port-security mac-address sticky
SW3(config-if-range)#switchport port-security maximum 1
SW3(config-if-range)#switchport port-security violation shutdown
SW3(config)#
Page 126

Configure R20 int the ACME San Jose office as per the following requirements
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Enable SSH access in R20 using the domain name acme.org

R20 must accept up to five remote authorized users to connect at the same time using SSH
Create the user "test" with password "test" in the local database of R20
Ensure that R20 accepts SSH connections with clients with source ip in 123.10.2.0/24. All other source
ip must be denied. Use standard ACL to configure this requirement.
R20 must produce a syslog message for all SSH connection attempts whether permitted or denied
When authenticate the username test must be granted privilege level 1
Do not enable aaa new-model command on R20
Ensure that SSH is the only remote access method permitted on VTY lines of R20
Ensure that the console is not affected by your solution and no username prompt is presented on the
console port
Test your solution from any device that is located in AS 34567 and ensure that the following sequence
of command produce the following output
R10 # ssh -l test 123.20.20.20

WARNING!ACCESS RESTRICTED
R20>
R20>show privilage
current privilage level is 1
R20>
R20>q
R10#
Page 127

R20(config)#service linenumber
R20(config)#username test password test
R20(config)#ip domain-name acme.org
R20(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
R20(config)#ip ssh maxstartups 5
R20(config)#ip ssh logging events
R20(config)#ip ssh version 2
R20(config)#Access-list 1 permit 123.10.2.0 0.0.0.255 log
R20(config)#Access-list 1 deny any log
R20(config)#line vty 0 4
R20(config-line)#access-class 1 in
R20(config-line)#login local
R20(config-line)#transport input ssh
R20(config-line)#privilege level 1
R20(config-line)#exit
R20(config)#
Page 128
On R20
Page 129

1. R20 must enable all private corporate traffic that is originated from any host with source ip address
10.1.0.0/16 or 10.2.0.0/16 to connect to any public destination that is located in AS 34567 or in any
source
2. All remote sites in AS 65111 and 65222 must be able to connect to these public destinations
3. R20 must swap the source ip address in these packets with the ip address of its interface loopback0
4. R20 must allow multiple concurrent connections
5. Use a standard ACL to accomplish the above requirements
The following tests must succeed after the above requirements

(in addition to previous requirements) are achieved
!!!!!
!!!!!

R20(config)#interface loopback 0
R20(config-if)#ip nat outside
R20(config-if)#exit
R20(config)#
R20(config)#interface range ethernet 0/0.12 - ethernet 0/0.15
R20(config-if-range)#ip nat inside
R20(config-if-range)#exit
R20(config)#
R20(config)#interface ethernet 0/0.99
R20(config-subif)#ip nat outside
R20(config-subif)#exit
R20(config)#
Page 130
R20(config)#interface range ethernet 0/1.12 - ethernet 0/1.15

R20(config-if-range)#ip nat inside
R20(config-if-range)#exit
R20(config)#
R20(config)#interface ethernet 0/1.99
R20(config-subif)#ip nat outside
R20(config-subif)#exit
R20(config)#
R20(config)#access-list 2 permit 10.1.0.0 0.0.255.255
R20(config)#access-list 2 permit 10.2.0.0 0.0.255.255
R20(config)#ip nat inside source list 2 interface loopback 0 overload
On R20
Note :-
Interface has address 10.120.12.2 ( ip nat inside )

Interface has address 10.120.99.6 ( ip nat outside )
Page 131
Configure R17 as per the following requirements
1. The output shown below must be seen on R17 during 10 sec after R15 successfully pings interface
loopback 0 of R19
R15# ping 123.19.19.19

!!!!!
R17#show ip flow top-talkers
SrcIf
Et0/2
SrcIPaddress
123.20.1.9
DstIf
Tu0*
DestIPaddress
123.19.19.19
Pr SrcP
01 0000
DstP
0800
Bytes
500

R17(config)#ip flow-export version 9
R17(config)#ip flow-top-talkers
R17(config-flow-top-talkers)#top 10
R17(config-flow-top-talkers)#sort-by bytes
R17(config-flow-top-talkers)#cache-timeout 10
R17(config-flow-top-talkers)#match input-interface ethernet 0/2
R17(config-flow-top-talkers)#match source address 123.20.1.9 255.255.255.255
R17(config-flow-top-talkers)#exit
R17(config)#
R17(config-if)#ip flow egress
R17(config-if)#exit
Page 132
On R17
Page 133
Configure ACME as per the following requirements

1.
2.
3.
4.
5.
SW3 must provide an authoritative time source to the ACME network

R10 and R12 must synchronize their clock to SW3 using NTP v4 for IPv6
R10 and R12 must operate in client mode
Sw3 must not capture or use any time information that is sent by R12 and R14
All NTP traffic must rely on IPv6 connectivity only
All NTP traffic must be sourced and destined to interface loopback 0 of the
corresponding devices

SW3(config)#ntp master
SW3(config)#ntp source loopback 0
SW3(config)#interface loopback 0
SW3(config-if)#ntp disable ip
SW3(config-if)#exit
SW3(config)#
SW3(config)#ntp peer 2001:CC1E:BEF:0:123:10:10:10 version 4
SW3(config)#ntp peer 2001:CC1E:BEF:0:123:12:12:12 version 4
-----------> disable ipv4 for running ipv6 only
------------> R10s loopback 0 ipv6 address

------------> R12s loopback 0 ipv6 address

R10(config)#Ntp source loopback 0
R10(config-if)#Ntp disable ip
R10(config-if)#exit
R10(config)#
R10(config)#ntp server 2001:CC1E:BEF:0:123:33:33:33 version 4
------------> disable ipv4 for running ipv6 only
--------> SW3s loopback 0 ipv6 address
Page 134

R12(config-if)#exit
R12(config)#
-----------> disable ipv4 for running ipv6 only
R12(config)#ntp server 2001:CC1E:BEF:0:123:33:33:33 version 4
--------> SW3s loopback 0 ipv6 address

R14(config-if)#exit
R14(config)#
------------> disable ipv4 for running ipv6 only
Page 135
Page 136

Lab 1.1

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Lab 1.1

Загружено:

Авторское право:

Доступные форматы

CCIE R&S v5 Lab ver 1.

Copyright@www.passccieexam.com All Right Reserved

Updated on 15th April,2015

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

Disclaimer : CCCIE RSv5 lab Exam Workbook is designed to provide extensive

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Copyright@www.passccieexam.com All Right Reserved

Updated on 15th April,2015

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

The VTP domain must be set to CCIE

Solution :SW1 ------ Configuration

Copyright@www.passccieexam.com All Right Reserved

------------------> Note CCIErock$ is without quotes

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW2 ------ Configuration

------------------> Note CCIErock$ is without quotes

SW3 ------ Configuration

------------------> Note CCIErock$ is without quotes

SW4 ------ Configuration

------------------> Note CCIErock$ is without quotes

Verification :On SW1

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

NOTE :- Mac address-table aging-time 300 is by default on SW3

NOTE :- Mac address-table aging-time 300 is by default on SW4

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

Solution :SW1 ------ Configuration

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW1(config)#interface range ethernet 2/0 3

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW1(config)#interface ethernet 1/1

SW2(config)#interface range ethernet 2/0 3

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW2(config)#interface ethernet 0/1

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW3(config)#interface ethernet 0/2

CCIE R&S v5 Lab ver 1.1

Updated on 15th April,2015

SW4(config)# interface ethernet 0/0

Verification :On SW1

Copyright@www.passccieexam.com All Right Reserved

CCIE R&S v5 Lab ver 1.1

Copyright@www.passccieexam.com All Right Reserved

Updated on 15th April,2015