Logical Topology

Logical Topology

Physical Topology

Physical Topology

1 Introduction

The purpose of this exercise is to learn how to configure OSPF on a group of Cisco routers so that they exchange network reachability information and maintain their own routing tables dynamically.

All participants will work within a group as a team. Each group has three routers and four switches to work with. There is a certain dependency between the labs as the exercises progress. Make sure to maintain your configuration unless otherwise instructed. All exercises will use a common IP addressing scheme and network topology. As you go through the exercises all the examples are given from the point of view of R11, the border router in group 1. Make sure to take the examples and adapt them to your own router, network topology and addressing scheme.

1.1 Router types used in the lab

Cisco 7206 VXR

1.2 Address Space Allocation

Group IPv4 Block IPv6 Block
1 10.1.0.0/16 fd00:1::/32
2 10.2.0.0/16 fd00:2::/32
3 10.3.0.0/16 fd00:3::/32
4 10.4.0.0/16 fd00:4::/32
5 10.5.0.0/16 fd00:5::/32

Each group will then further partition their space like this:

IPv4 IPv6 Description
10.X.1.0/24 fd00:X:1:1::/64 Core Network
10.X.64.0/24 fd00:X:2:64::/64 Data Subnet (VLAN 64)
10.X.65.0/24 fd00:X:2:65::/64 VOIP Subnet (VLAN 65)
10.X.254.0/24 fd00:X:0:FE::/64 Router Loopback Subnet
10.X.255.0/24 fd00:X:0:FF::/64 Switch MGMT Subnet (VLAN 255)

With X being your group number (1,2,3,4,5)

2 Exercises

2.1 Basic Router Configuration

Configure each router based on the following example for R11:

hostname R11
!
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
username nsrc secret nsrc
enable secret nsrc
service password-encryption
line vty 0 4
 transport preferred none
line console 0
 transport preferred none
!
no logging console
logging buffered 8192 debugging
no ip domain-lookup
ipv6 unicast-routing

2.2 Interface Configuration

Configure each router's interface according to the diagram (where X represents your group):

RX1: use Y=1

interface loopback 0
 ip address 10.X.254.Y 255.255.255.255
 ipv6 address fd00:X:0:fe::Y/128
!
interface GigabitEthernet1/0
 ip address 10.X.1.Y 255.255.255.0
 description Link to Core
 ipv6 address fd00:X:1:1::Y/64
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 no shutdown

Use address .2 for RX2 and .3 for RX3.

On the access side, where you will use VLANs:

RX2:

interface Fast0/0
 no ip address
 no shutdown
!
interface Fast0/0.64
 encapsulation dot1Q 64
 ip address 10.X.64.2 255.255.255.0
 description Link VLAN 64
 ipv6 enable
 ipv6 address fd00:X:2:64::2/64
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 no shutdown

Do the same for VLANs 65 and 255.

RX3:

interface Fast0/0 
 no ip address
 no shutdown
!
interface Fast0/0.64
 encapsulation dot1Q 64
 ip address 10.X.64.3 255.255.255.0
 description Link VLAN 64
 ipv6 enable
 ipv6 address fd00:X:2:64::3/64
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 no shutdown

Do the same for VLANs 65 and 255.

2.3 Testing Connectivity

Ping your neighbor routers:

R11# ping 10.X.1.2
R11# ping 10.X.1.3
R11# ping fd00:X:1:1::2
R11# ping fd00:X:1:1::3

And verify the output of the following commands:

show arp           : Shows ARP cache
show interface <int>       : Shows interface state and configuration
show ip interface      : Shows interface IP state and config
show ipv6 neighbors    : Shows IPv6 neighbors
show ipv6 interface <int>  : Shows interface state and configuration
show ipv6 interface        : Shows interface state and configuration

Now try pinging these other addresses in your network:

R11# ping 10.X.254.2
R11# ping 10.X.254.3
R11# ping 10.X.64.2
R11# ping 10.X.64.3
R11# ping 10.X.65.2
R11# ping 10.X.65.3
R11# ping 10.X.255.2           
R11# ping 10.X.255.3
R11# ping ipv6 fd00:X:0:FE::2
R11# ping ipv6 fd00:X:0:FE::3
R11# ping ipv6 fd00:X:2:64::2
R11# ping ipv6 fd00:X:2:64::3
R11# ping ipv6 fd00:X:2:65::2
R11# ping ipv6 fd00:X:2:65::3
R11# ping ipv6 fd00:X:0:FF::2
R11# ping ipv6 fd00:X:0:FF::3

What is happening? Why can we not ping some of the addresses?

2.4 Dynamic Routing with OSPF

  1. Configure a new OSPF routing process and configure OSPF on the interfaces where adjacencies need to be established, and also on any interface that needs to have its subnets advertised by OSPF.

In the case of R12 and R13, this includes the sub-interfaces for VLANs 64, 65 and 255. Notice that we are configuring authentication for the OSPF adjacencies. This is important.

Notice that we will use the number "10" as the OSPF process number for routers R11, R12 and R13. This number is local to the router, so it doesn't need to match the process number of a neighboring router. However, it is strongly recommended that you use the same number throughout your network. Most people use their Autonomous System number (although OSPF has nothing to do with the BGP AS).

R11:

router ospf 10
 log-adjacency-changes 
 passive-interface default
 area 0 authentication message-digest
 no passive-interface GigabitEthernet1/0
 auto-cost reference-bandwidth 1000
!
ipv6 router ospf 10
 log-adjacency-changes 
 passive-interface default
 no passive-interface GigabitEthernet1/0
 area 0 authentication ipsec spi 256 md5 0123456789ABCDEF0123456789ABCDEF
 auto-cost reference-bandwidth 1000
!
interface Loopback0
 ip ospf 10 area 0
 ipv6 ospf 10 area 0
!
interface GigabitEthernet1/0
 ip ospf 10 area 0
 ip ospf authentication-key nsrc
 ipv6 ospf 10 area 0
  1. STOP -- Checkpoint.
show ip ospf neighbor      : show adjacencies
show ip route              : show routes in routing table
show ip ospf               : shows general OSPF information
show ip ospf interface     : shows the status of OSPF in an interface
show ipv6 ospf neighbor
show ipv6 route
show ipv6 ospf
show ipv6 ospf interface

  1. How many routes do you have on R11 for each access network?

  2. Is there a preferred path? Why?

2.5 Using OSPF Cost

Load balance the traffic for the different access networks by using OSPF link costs.

  1. Check each interface's cost:
R12#show ip ospf interface Fast0/0.64
  1. If you did the Layer-2 exercises and used PVST to load balance traffic for the different VLANs, make sure that you assign OSPF link costs accordingly to avoid unnecessary hops.

Hint: You need to make the cost lower than the current cost on the path that you want the router to prefer, and higher on the path that you want the router to NOT prefer.

R12:

interface Fast0/0.64
 ip ospf cost 5
 ipv6 ospf cost 5
!
interface Fast0/0.65
 ip ospf cost 5 
 ipv6 ospf cost 5
!
interface Fast0/0.255 
 ip ospf cost 15
 ipv6 ospf cost 15

Verify the routing table in R11:

R11# show ip route ospf

2.6 Removing Static Routes

The OSPF Lab is normally conducted after completing the static routing exercise. There still will be lots of static routes within the network so that each group can reach the others.

We will now remove these static routes, carefully.

  1. Ensure that RX1 is announcing a default route by OSPF into the core network. To do this, we use the following command.

RX1:

router ospf 10
 default-information originate
!
ipv6 router ospf 10
 default-information originate
  1. Once RX1 is announcing the default route by OSPF, RX2 and RX3 should check this by using:
R11# show ip ospf rib

for IPv4, and for IPv6:

R11# show ipv6 ospf rib

which will show a default route in the OSPF RIB. If the route is there, RX2 and RX3 can remove the static routes to other groups and the default route pointing to RX1. For example, for R12 and R13 using IPv4:

no ip route 0.0.0.0 0.0.0.0 10.1.1.1
no ip route 10.2.0.0 255.255.0.0 10.1.1.1
no ip route 10.3.0.0 255.255.0.0 10.1.1.1
no ip route 10.4.0.0 255.255.0.0 10.1.1.1
no ip route 10.5.0.0 255.255.0.0 10.1.1.1

Do the same for IPv6 on RX2 and RX3.

RX2 and RX3 should check that routing to the other groups is still working. Try ping and traceroute.

There should now be no static routes remaining in either IPv4 or IPv6 routing configuration on RX2 and RX3.

  1. Router RX1 can now remove the static routes pointing to RX2 and RX3 for each of the Data, VoIP and Management vLANs. These routes are learned by OSPF from those routers. For example, for R11 using IPv4:
no ip route 10.1.64.0 255.255.255.0 10.1.1.2
no ip route 10.1.64.0 255.255.255.0 10.1.1.3
no ip route 10.1.65.0 255.255.255.0 10.1.1.2
no ip route 10.1.65.0 255.255.255.0 10.1.1.3
no ip route 10.1.255.0 255.255.255.0 10.1.1.2
no ip route 10.1.255.0 255.255.255.0 10.1.1.3
  1. To finish off, all teams should now check the Routing Table for both IPv4 and IPv6. Document the output of:
R11# show ip route

and

R11# show ipv6 route

and be prepared to show this to the workshop instructors. The group network is now using a dyanmic routing protocol to share routing information within the group - a much more scalable solution than the effort that was required to set up the static routes in the previous lab exercise.