Scribd
Upload
29 views41 pages

ENARSI SA Configuration - ILM

Uploaded by

Boni Acebedo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
29 views41 pages

ENARSI SA Configuration - ILM

Uploaded by

Boni Acebedo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 41

ENARSI Skills Assessment - Configuration (Instructor Version)

Instructor Note: Red f ont color or gray highlights indicate text that appears in the instructor copy only.

Topology

Addressing Table

Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

R1 G0/0/0 209.165.200.1/24 2001:db8:200::1/64 f e80::1:1

R1
G0/0/1 10.165.249.1/24 2001:db8:249::1/64 f e80::1:2

R1
Loopback 0 10.0.0.1/24 2001:db8:10::1/64 f e80::1:3

R1
Loopback 1 10.165.248.1/24 2001:db8:248::1/64 f e80::1:4
R2 G0/0/0 209.165.200.2/24 2001:db8:200::2/64 f e80::2:1

R2
G0/0/1 209.165.201.2/24 2001:db8:201::2/64 f e80::2:2

R2
Loopback 0 172.16.0.1/24 2001:db8:172::1/64 f e80::2:3

R2
Loopback 1 209.165.224.1/24 2001:db8:224::1/64 f e80::2:4

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

R3 G0/0/0 209.165.201.1/24 2001:db8:201::1/64 f e80::3:1

R3
G0/0/1 192.168.241.1/24 2001:db8:241::1/64 f e80::3:2

R3
Loopback 0 192.168.0.1/24 2001:db8:192::1/64 f e80::3:3

R3
Loopback 1 192.168.240.1/24 2001:db8:240::1/64 f e80::3:4

D1 G1/0/11 10.165.249.2/25 2001:db8:249::2/64 f e80::d1:1

D1
VLAN 250 10.165.250.1/24 2001:db8:24a::1/64 f e80::d1:2

D1
VLAN 251 10.165.251.1/24 2001:db8:24b::1/64 f e80::d1:3

D2 G1/0/11 192.168.241.2/24 2001:db8:241::2/64 f e80::d2:1

D2
VLAN 242 192.168.242.1/24 2001:db8:242::1/64 f e80::d2:2

D2
VLAN 243 192.168.243.1/24 2001:db8:243::1/64 f e80::d2:3
A1 VLAN 250 10.165.250.2/24 2001:db8:24a::2/64 f e80::a1:1

PC1 NIC DHCP SLAAC EUI-64/CGA


PC2 NIC 10.165.251.5/24 2001:db8:24b::5/64 EUI-64/CGA

PC3 NIC DHCP SLAAC EUI-64/CGA


PC4 NIC DHCP SLAAC EUI-64/CGA

Objectives
Part 1: Build the Network and Configure Basic Device Settings and Interface Addressing
Part 2: Configure Routing to Specifications

Background / Scenario
You have been tasked with conf iguring routing f or the network according to a set of specif ications. You must
be precise and conf igure routing to adhere to the requirements provided.
Note: This lab is an exercise in conf iguring routing options and does not necessarily ref lect networking best
practices.
Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4
(universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release
16.9.4 (universalk9 image) and Cisco Catalyst 2960 with Cisco IOS Release 15.2(2) (lanbasek9 image).
Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS
version, the commands available and the output produced might vary f rom what is shown in the labs. Ref er to
the Router Interf ace Summary Table at the end of the lab f or the correct interf ace identif iers.
Note: Make sure that the routers and switches have been erased and have no startup conf igurations. If you
are unsure, contact your instructor.
Note: The def ault Switch Database Manager (SDM) template on a Catalyst 2960 does not support IPv6. You
must change the def ault SDM template to the dual-ipv4-and-ipv6 def ault template using the sdm prefer dual-
ipv4-and-ipv6 default global conf iguration command. Changing the template will require a reboot.
Instructor Note: Ref er to the Instructor Lab Manual f or the procedures to initialize and reload devices.

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

Required Resources
• 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 2 Switches (Cisco 3650 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 1 Switch (Cisco 2960 with Cisco IOS Release 15.2(2) lanbasek9 image or comparable)
• 4 PCs (Choice of Operating System with terminal emulation program installed)
• Console cables to conf igure the Cisco IOS devices via the console ports
• Ethernet and serial cables as shown in the topology

Instructions

Part 1: Build the Network and Configure Basic Device Settings and Interface
Addressing
In Part 1, you will set up the network topology and conf igure basic settings and interf ace addressing on
routers.

Step 1: Cable the network as shown in the topology.


Attach the devices as shown in the topology diagram, and cable as necessary.

Step 2: Configure basic settings for each device.


a. Console into each device, enter global conf iguration mode, and apply the basic settings. The startup
conf igurations f or each device are provided below.
Instructor Note: Each device should have the enarsi directory in f lash with the appropriate reset.tcl s cript existing
there. If not, use the f ollowing scripts to create them:
Router Reset Script
enable
delete /force /recursive flash:/enarsi
mkdir flash:/enarsi

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
puts "Reloading the router"
typeahead "\n"
reload
}
tclquit
D1/D2 (Cisco 3650) Reset Script - The def ault 3650 SDM template supports IPv6, so it is not set by this
script.
enable

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

delete /force /recursive flash:/enarsi


mkdir flash:/enarsi

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
puts "Reloading the switch"
typeahead "\n"
reload
}
tclquit
A1 (Cisco 2960 Script) - The def ault 2960 SDM template does not support IPv6, so this script includes that
setting.
enable
delete /force /recursive flash:/enarsi
mkdir flash:/enarsi

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
delete /force multiple-fs
ios_config "sdm prefer lanbase-routing"
typeahead "\n"
puts "Reloading the switch in 1 minute, type reload cancel to halt"
typeahead "\n"
reload
}
tclquit
Router R1
hostname R1
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R1, ENARSI SA Part 1 #
enable secret cisco12345

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

username admin privilege 15 algorithm-type scrypt secret cisco12345


interface g0/0/0
ip address 209.165.200.1 255.255.255.0
ipv6 address fe80::1:1 link-local
ipv6 address 2001:db8:200::1/64
no shutdown
exit
interface g0/0/1
ip address 10.165.249.1 255.255.255.0
ipv6 address fe80::1:2 link-local
ipv6 address 2001:db8:249::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.202.1 255.255.255.0
ipv6 address fe80::1:3 link-local
ipv6 address 2001:db8:202::1/64
no shutdown
exit
interface s0/1/1
ip address 209.165.203.1 255.255.255.0
ipv6 address fe80::1:4 link-local
ipv6 address 2001:db8:203::1/64
no shutdown
exit
interface loopback 0
ip address 10.0.0.1 255.255.255.0
ipv6 address fe80::1:5 link-local
ipv6 address 2001:db8:10::1/64
no shutdown
exit
interface loopback 1
ip address 10.165.248.1 255.255.255.0
ipv6 address fe80::1:6 link-local
ipv6 address 2001:db8:248::1/64
no shutdown
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
Router R2
hostname R2
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R2, ENARSI SA Part 1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/0
ip address 209.165.200.2 255.255.255.0
ipv6 address fe80::2:1 link-local
ipv6 address 2001:db8:200::2/64
no shutdown
exit
interface g0/0/1
ip address 209.165.201.2 255.255.255.0
ipv6 address fe80::2:2 link-local
ipv6 address 2001:db8:201::2/64
no shutdown
exit
interface loopback 0
ip address 172.16.0.1 255.255.255.0
ipv6 address fe80::2:3 link-local
ipv6 address 2001:db8:172::1/64
no shutdown
exit
interface loopback 1
ip address 209.165.224.1 255.255.255.0
ipv6 address fe80::2:4 link-local
ipv6 address 2001:db8:224::1/64
no shutdown
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 6 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

Router R3
hostname R3
no ip domain lookup
ipv6 unicast-routing
banner motd # This is R3, ENARSI SA Part 1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface g0/0/0
ip address 209.165.201.1 255.255.255.0
ipv6 address fe80::3:1 link-local
ipv6 address 2001:db8:201::1/64
no shutdown
exit
interface g0/0/1
ip address 192.168.241.1 255.255.255.0
ipv6 address fe80::3:2 link-local
ipv6 address 2001:db8:241::1/64
no shutdown
exit
interface s0/1/0
ip address 209.165.202.2 255.255.255.0
ipv6 address fe80::3:3 link-local
ipv6 address 2001:db8:202::2/64
no shutdown
exit
interface s0/1/1
ip address 209.165.203.2 255.255.255.0
ipv6 address fe80::3:4 link-local
ipv6 address 2001:db8:203::2/64
no shutdown
exit
interface loopback 0
ip address 192.168.0.1 255.255.255.0
ipv6 address fe80::3:5 link-local
ipv6 address 2001:db8:192::1/64
no shutdown
exit
interface loopback 1
ip address 192.168.240.1 255.255.255.0
ipv6 address fe80::3:6 link-local
ipv6 address 2001:db8:240::1/64
no shutdown
exit
line con 0
logging synchronous

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 7 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
Switch D1
hostname D1
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D1, ENARSI SA Part 1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
vlan 250
name Users
exit
vlan 251
name Servers
exit
interface range g1/0/1-24
switchport mode access
shutdown
interface g1/0/11
no switchport
ip address 10.165.249.2 255.255.255.0
ipv6 address fe80::d1:1 link-local
ipv6 address 2001:db8:249::2/64
no shutdown
exit
interface g1/0/23
switchport mode access
spanning-tree portfast
switchport access vlan 250
no shutdown
exit
interface vlan 250
ip address 10.165.250.1 255.255.255.0
ipv6 address fe80::d1:2 link-local
ipv6 address 2001:db8:24A::1/64
no shutdown
exit

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 8 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

interface vlan 251


ip address 10.165.251.1 255.255.255.0
ipv6 address fe80::d1:3 link-local
ipv6 address 2001:db8:24B::1/64
no shutdown
exit
interface range g1/0/5-6
switchport mode trunk
channel-group 1 mode active
no shutdown
exit
ip dhcp excluded-address 10.165.250.1 10.165.250.5
ip dhcp pool VLAN250DHCP
network 10.165.250.0 255.255.255.0
default-router 10.165.250.1
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end

Switch D2
hostname D2
no ip domain lookup
ip routing
ipv6 unicast-routing
banner motd # This is D2, ENARSI SA Part 1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
vlan 242
name Users
exit
interface range g1/0/1-24
switchport mode access
shutdown
interface g1/0/11
no switchport
ip address 209.165.241.2 255.255.255.0
ipv6 address fe80::d2:1 link-local

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 9 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

ipv6 address 2001:db8:241::2/64


no shutdown
exit
interface g1/0/23
switchport mode access
spanning-tree portfast
switchport access vlan 242
no shutdown
exit
interface g1/0/24
switchport mode access
spanning-tree portfast
switchport access vlan 243
no shutdown
exit
interface vlan 242
ip address 192.168.242.1 255.255.255.0
ipv6 address fe80::d2:2 link-local
ipv6 address 2001:db8:242::1/64
no shutdown
exit
interface vlan 243
ip address 192.168.243.1 255.255.255.0
ipv6 address fe80::d1:3 link-local
ipv6 address 2001:db8:243::1/64
no shutdown
exit
ip dhcp excluded-address 192.168.242.1 192.168.242.5
ip dhcp pool VLAN242DHCP
network 192.168.242.0 255.255.255.0
default-router 192.168.242.1
exit
ip dhcp excluded-address 192.168.243.1 192.168.243.5
ip dhcp pool VLAN243DHCP
network 192.168.243.0 255.255.255.0
default-router 192.168.243.1
exit
line con 0
logging synchronous
exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 10 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
Switch A1
hostname A1
no ip domain lookup
banner motd # This is A1, ENARSI SA Part 1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
vlan 251
name Servers
exit
interface range f0/1-24
switchport mode access
shutdown
exit
interface f0/23
switchport mode access
switchport access vlan 250
spanning-tree portfast
no shutdown
exit
interface f0/24
switchport mode access
switchport access vlan 251
spanning-tree portfast
no shutdown
exit
interface vlan 250
ip address 10.165.250.2 255.255.255.0
ipv6 address fe80::a1:1 link-local
ipv6 address 2001:db8:24A::2/64
no shutdown
exit
ip default-gateway 10.165.250.1
interface f0/23
shutdown
exit
interface range f0/1-3
switchport mode trunk
channel-group 1 mode active
no shutdown
exit
line con 0
logging synchronous

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 11 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exec-timeout 0 0
exit
line vty 0 4
login local
transport input telnet
exec-timeout 5 0
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
b. Set the clock on each device to UTC time.
c. Save the running conf iguration to startup -conf ig.
d. Verif y the IPv4 and IPv6 conf iguration on hosts as shown in the Addressing Table. PC2 should be
manually conf igured.

Part 2: Configure Routing to Specifications


Implement routing in the network using the f ollowing specif ications .
Note: The enable secret is cisco12345. If you must provide a username, the conf igured username is admin.

Step 1: Configure R1 and D1 to communicate using Named EIGRP.


a. Name the process ENARSI-SA and use autonomous system number 1 f or both IPv4 and IPv6.
b. Use the router id 0.4.10.1 f or R1 and 0.4.10.2 f or D1 with address f amily IPv4.
c. Use the router id 0.6.10.1 f or R1 and 0.6.10.2 f or D1 with address f amily IPv6.
d. Advertise individual IPv4 and IPv6 networks attached to R1 and D1. Do not summarize.
e. Ensure R1 interf ace G0/0/0 does not send or receive EIGRP updates in either address f amily.
f. Ensure D1 will not f orm an EIGRP adjacency on interf ace VLAN 250 or interf ace VLAN 251 in either
address f amily.
Instructor Note: Commands used to complete this step on R1 include those shown below. Note that the option
exists to use passive-interf ace def ault and no passive-interf ace f or specif ic interf aces, or to use passive-interf ace
on specif ic interf aces only.
router eigrp ENARSI-SA
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.4.10.1
network 10.0.0.0
network 10.165.248.0
network 10.165.249.0
exit-address-family
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.6.10.1
af-interface g0/0/0
shutdown
exit-af-interface
exit-address-family
exit

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 12 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

Instructor Note: Commands used to complete this step on D1 include those shown below. Note that the option
exists to use passive-interf ace def ault and no passive-interf ace f or specif ic interf aces, or to use passive-interf ace
on specif ic interf aces only.
router eigrp ENARSI-SA
address-family ipv4 unicast autonomous-system 1
eigrp router-id 0.4.10.2
network 10.165.249.0
network 10.165.250.0
network 10.165.251.0
af-interface vlan 250
passive-interface
exit
af-interface vlan 251
passive-interface
exit
exit-address-family
address-family ipv6 unicast autonomous-system 1
eigrp router-id 0.6.10.2
af-interface vlan 250
passive-interface
exit
af-interface vlan 251
passive-interface
exit
exit-address-family
exit

Step 2: Configure R1 to speak BGP for AS 10 using Multi-Protocol BGP.


a. Conf igure MP-BGP f or AS 10 and disable the def ault IPv4 behavior.
b. Use the BGP router-id 4.6.10.1.
c. Conf igure neighbor statements as f ollows:
1) Establish adjacency with R2 in AS 172 via G0/0/0 using IPv4 and IPv6.
2) Establish adjacency with R3 in AS 192 via S0/1/0 using IPv4 and IPv6.
3) Establish adjacency with R3 in AS 192 via S0/1/1 using IPv4 and IPv6.
d. Activate the neighbors under the appropriate unicast address f amily.
e. Advertise all of the individual networks in AS 10. Do not summarize.
Instructor Note: Commands used to complete this step include the f ollowing :
router bgp 10
no bgp default ipv4-unicast
bgp router-id 4.6.10.1
neighbor 209.165.200.2 remote-as 172
neighbor 209.165.202.2 remote-as 192
neighbor 209.165.203.2 remote-as 192
neighbor 2001:db8:200::2 remote-as 172

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 13 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

neighbor 2001:db8:202::2 remote-as 192


neighbor 2001:db8:203::2 remote-as 192
address-family ipv4 unicast
neighbor 209.165.200.2 activate
neighbor 209.165.202.2 activate
neighbor 209.165.203.2 activate
network 10.165.248.0 mask 255.255.255.0
network 10.165.249.0 mask 255.255.255.0
network 10.165.250.0 mask 255.255.255.0
network 10.165.251.0 mask 255.255.255.0
network 10.0.0.0 mask 255.255.255.0
exit
address-family ipv6 unicast
neighbor 2001:db8:200::2 activate
neighbor 2001:db8:202::2 activate
neighbor 2001:db8:203::2 activate
network 2001:db8:248::/64
network 2001:db8:249::/64
network 2001:db8:24a::/64
network 2001:db8:24b::/64
network 2001:db8:10::/64
exit
exit

Step 3: Configure R1 to redistribute BGP into EIGRP.


Conf igure R1 to redistribute BGP 10 into both EIGRP address f amilies with an appropriate metric.
Instructor Note: Commands used to complete this step include those shown below. Note that the option exists to
use passive-interf ace def ault and no passive-interf ace f or specif ic interf aces, or to use passive-interf ace on
specif ic interf aces only.
router eigrp ENARSI-SA
address-family ipv4 unicast autonomous-system 1
topology base
redistribute bgp 10 metric 1000000 10 255 1 1500
exit
exit-address-family
address-family ipv6 unicast autonomous-system 1
topology base
redistribute bgp 10 metric 1000000 10 255 1 1500
exit
exit

Step 4: Configure R2 to speak BGP for AS 172 using Multi-Protocol BGP.


a. Conf igure static def ault routes f or IPv4 and IPv6 pointed to null0.
b. Conf igure MP-BGP f or AS 172 and disable the def ault IPv4 behavior.
c. Use the BGP router-id 4.6.172.2.

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 14 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

d. Conf igure neighbor statements as f ollows:


1) Establish adjacency with R1 in AS 10 via G0/0/0 using IPv4 and IPv6.
2) Establish adjacency with R3 in AS 192 via G0/01 using IPv4 and IPv6.
e. Activate the neighbors under the appropriate unicast address f amily.
f. Advertise all of the individual networks in AS 10. Do not summarize.
1) For the def ault routes, use the network 0.0.0.0 mask 0.0.0.0 and network ::/0 commands.
Instructor Note: Commands used to complete this step include the f ollowing:
ip route 0.0.0.0 0.0.0.0 null0
ipv6 route ::/0 null0
router bgp 172
no bgp default ipv4-unicast
bgp router-id 4.6.172.2
neighbor 209.165.200.1 remote-as 10
neighbor 209.165.201.1 remote-as 192
neighbor 2001:db8:200::1 remote-as 10
neighbor 2001:db8:201::1 remote-as 192
address-family ipv4 unicast
neighbor 209.165.200.1 activate
neighbor 209.165.201.1 activate
network 172.16.0.0 mask 255.255.255.0
network 209.165.224.0
network 0.0.0.0 mask 0.0.0.0
exit
address-family ipv6 unicast
neighbor 2001:db8:200::1 activate
neighbor 2001:db8:201::1 activate
network 2001:db8:172::/64
network 2001:db8:224::/64
network ::/0
exit
exit

Step 5: Configure R3 to speak BGP for AS 192 using Multi-Protocol BGP.


a. Conf igure MP-BGP f or AS 10 and disable the def ault IPv4 behavior.
b. Use the BGP router-id 4.6.192.3.
c. Conf igure neighbor statements as f ollows:
1) Establish adjacency with R2 in AS 172 via G0/0/0 using IPv4 and IPv6.
2) Establish adjacency with R1 in AS 10 via S0/1/0 using IPv4 and IPv6.
3) Establish adjacency with R1 in AS 10 via S0/1/1 using IPv4 and IPv6.
d. Activate the neighbors under the appropriate unicast address f amily.
e. Advertise all of the individual networks in AS 192. Do not summarize.
Instructor Note: Commands used to complete this step include the f ollowing:

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 15 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

router bgp 192


no bgp default ipv4-unicast
bgp router-id 4.6.192.3
neighbor 209.165.201.2 remote-as 172
neighbor 209.165.202.1 remote-as 10
neighbor 209.165.203.1 remote-as 10
neighbor 2001:db8:201::2 remote-as 172
neighbor 2001:db8:202::1 remote-as 10
neighbor 2001:db8:203::1 remote-as 10
address-family ipv4 unicast
neighbor 209.165.201.2 activate
neighbor 209.165.202.1 activate
neighbor 209.165.203.1 activate
network 192.168.240.0
network 192.168.241.0
network 192.168.242.0
network 192.168.243.0
network 192.168.0.0
exit
address-family ipv6 unicast
neighbor 2001:db8:201::2 activate
neighbor 2001:db8:202::1 activate
neighbor 2001:db8:203::1 activate
network 2001:db8:240::/64
network 2001:db8:241::/64
network 2001:db8:242::/64
network 2001:db8:243::/64
network 2001:db8:192::/64
exit
exit

Step 6: Configure R3 and D2 to communicate using OSPFv3-Address Families.


a. Use OSPFv3 process-id number 1 on both R3 and D2.
b. Use the router id 0.0.192.3 f or R3 and 0.0.192.2 f or D2.
c. Conf igure R3 interf aces Loopback 0 and Loopback 1 as OSPF point -to-point networks f or both IPv4 and
IPv6.
d. Advertise individual IPv4 and IPv6 networks attached to R3 and D2. Do not summarize.
e. Ensure R3 will not f orm an OSPFv3 adjacency on interf ace G0/0/0 in either address f amily.
f. Ensure D2 will not f orm an OSPFv3 adjacency on interf ace VLAN 250 or interf ace VLAN 251 in either
address f amily.
g. Redistribute BGP 192 into OSPFv3 in both address f amilies. Do not specif y a custom metric or metric -
type.
Instructor Note: Commands used to complete this step on R3 include those shown below. Note that the option
exists to use passive-interf ace def ault and no passive-interf ace f or specif ic interf aces, or to use passive-interf ace
on specif ic interf aces only.

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 16 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

router ospfv3 1
router-id 0.0.192.3
address-family ipv4 unicast
passive-interface default
no passive-interface g0/0/1
redistribute bgp 192
exit
address-family ipv6 unicast
passive-interface default
no passive-interface g0/0/1
redistribute bgp 192
exit
exit
interface g0/0/1
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
interface loopback 0
ip ospf network point-to-point
ipv6 ospf network point-to-point
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
interface loopback 1
ip ospf network point-to-point
ipv6 ospf network point-to-point
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
Instructor Note: Commands used to complete this step on D2 include those shown below. Note that the option
exists to use passive-interf ace def ault and no passive-interf ace f or specif ic interf aces, or to use passive-interf ace
on specif ic interf aces only.
router ospfv3 1
router-id 0.0.192.2
address-family ipv4 unicast
passive-interface default
no passive-interface g1/0/11
exit
address-family ipv6 unicast
passive-interface default
no passive-interface g1/0/11
exit
exit
interface g1/0/11
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 17 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exit
interface vlan 242
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
interface vlan 243
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
end

Step 7: Verify Operation.


a. BGP path selection should f ollow the shortest AS path in all cases .
1) Traf f ic moving f rom R1 to R3 networks should cross a serial interf ace.
2) Traf f ic moving f rom R1 to R2 or R3 to R2 should cross the GigabitEthernet interf aces.
b. Because there is no security in place, each host should be able to ping every other host and device on
the network.

Router Interface Summary Table


Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2

Fast Ethernet 0/0 Fast Ethernet 0/1


1800 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
1900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2801 (F0/0) (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2811 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
2900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4221 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4300 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)

Note: To f ind out how the router is conf igured, look at the interf aces to identif y the type of router and how many
interf aces the router has. There is no way to ef f ectively list all the combinations of conf igurations f or each router
class. This table includes identif iers f or the possible combinations of Ethernet and Serial interf aces in the device.
The table does not include any other type of interf ace, even though a specif ic router may contain one. An
example of this might be an ISDN BRI interf ace. The string in parenthesis is the legal abbreviation that can be
used in Cisco IOS commands to represent the interf ace.
End of document

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 18 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

Device Configs – Final

Router R1
R1# show run
Building configuration...

Current configuration : 5800 bytes


!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$i3nW$PAsFaNnxVNL7g8dsGnSx./
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
ipv6 unicast-routing
multilink bundle-name authenticated
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
username admin privilege 15 secret 9
$9$ZgwX5rg1yDMSH2$opyuVtGAnPj7f54TPAs78Qs3I7T2ivhLXp9NES4wQnk
!
redundancy
mode none
!
interface Loopback0
ip address 10.0.0.1 255.255.255.0
ipv6 address FE80::1:5 link-local
ipv6 address 2001:DB8:10::1/64
!
interface Loopback1

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 19 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

ip address 10.165.248.1 255.255.255.0


ipv6 address FE80::1:6 link-local
ipv6 address 2001:DB8:248::1/64
!
interface GigabitEthernet0/0/0
ip address 209.165.200.1 255.255.255.0
negotiation auto
ipv6 address FE80::1:1 link-local
ipv6 address 2001:DB8:200::1/64
!
interface GigabitEthernet0/0/1
ip address 10.165.249.1 255.255.255.0
negotiation auto
ipv6 address FE80::1:2 link-local
ipv6 address 2001:DB8:249::1/64
!
interface Serial0/1/0
ip address 209.165.202.1 255.255.255.0
ipv6 address FE80::1:3 link-local
ipv6 address 2001:DB8:202::1/64
!
interface Serial0/1/1
ip address 209.165.203.1 255.255.255.0
ipv6 address FE80::1:4 link-local
ipv6 address 2001:DB8:203::1/64
!
router eigrp ENARSI-SA
!
address-family ipv4 unicast autonomous-system 1
!
topology base
redistribute bgp 10 metric 1000000 10 255 1 1500
exit-af-topology
network 10.0.0.0
eigrp router-id 0.4.10.1
exit-address-family
!
address-family ipv6 unicast autonomous-system 1
!
af-interface GigabitEthernet0/0/0
shutdown
exit-af-interface
!
topology base
redistribute bgp 10 metric 1000000 10 255 1 1500
exit-af-topology
eigrp router-id 0.6.10.1
exit-address-family
!
router bgp 10

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 20 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

bgp router-id 4.6.10.1


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2001:DB8:200::2 remote-as 172
neighbor 2001:DB8:202::2 remote-as 192
neighbor 2001:DB8:203::2 remote-as 192
neighbor 209.165.200.2 remote-as 172
neighbor 209.165.202.2 remote-as 192
neighbor 209.165.203.2 remote-as 192
!
address-family ipv4
network 10.0.0.0 mask 255.255.255.0
network 10.165.248.0 mask 255.255.255.0
network 10.165.249.0 mask 255.255.255.0
network 10.165.250.0 mask 255.255.255.0
network 10.165.251.0 mask 255.255.255.0
neighbor 209.165.200.2 activate
neighbor 209.165.202.2 activate
neighbor 209.165.203.2 activate
exit-address-family
!
address-family ipv6
network 2001:DB8:10::/64
network 2001:DB8:248::/64
network 2001:DB8:249::/64
network 2001:DB8:24A::/64
network 2001:DB8:24B::/64
neighbor 2001:DB8:200::2 activate
neighbor 2001:DB8:202::2 activate
neighbor 2001:DB8:203::2 activate
exit-address-family
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
control-plane
!
banner motd ^C This is R1, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 21 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

exec-timeout 5 0
login local
transport input telnet
!
end

Router R2
R2# show run
Building configuration...

Current configuration : 4762 bytes


!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$0hz6$/cF4u1wUcY9ssD.S/Npo41
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
ipv6 unicast-routing
multilink bundle-name authenticated
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
username admin privilege 15 secret 9
$9$.JcOt7LrpkBWq0$qT8H9p97PyDqEJ1VRZrmj8mp2L9wOvmnUei09Nl6M7U
!
redundancy
mode none
!
interface Loopback0
ip address 172.16.0.1 255.255.255.0

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 22 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

ipv6 address FE80::2:3 link-local


ipv6 address 2001:DB8:172::1/64
!
interface Loopback1
ip address 209.165.224.1 255.255.255.0
ipv6 address FE80::2:4 link-local
ipv6 address 2001:DB8:224::1/64
!
interface GigabitEthernet0/0/0
ip address 209.165.200.2 255.255.255.0
negotiation auto
ipv6 address FE80::2:1 link-local
ipv6 address 2001:DB8:200::2/64
!
interface GigabitEthernet0/0/1
ip address 209.165.201.2 255.255.255.0
negotiation auto
ipv6 address FE80::2:2 link-local
ipv6 address 2001:DB8:201::2/64
!
router bgp 172
bgp router-id 4.6.172.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2001:DB8:200::1 remote-as 10
neighbor 2001:DB8:201::1 remote-as 192
neighbor 209.165.200.1 remote-as 10
neighbor 209.165.201.1 remote-as 192
!
address-family ipv4
network 0.0.0.0
network 172.16.0.0 mask 255.255.255.0
network 209.165.224.0
neighbor 209.165.200.1 activate
neighbor 209.165.201.1 activate
exit-address-family
!
address-family ipv6
network ::/0
network 2001:DB8:172::/64
network 2001:DB8:224::/64
neighbor 2001:DB8:200::1 activate
neighbor 2001:DB8:201::1 activate
exit-address-family
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 Null0

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 23 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
ipv6 route ::/0 Null0
!
control-plane
!
banner motd ^C This is R2, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 5 0
login local
transport input telnet
!
end

Router R3
R3# show run
Building configuration...

Current configuration : 5863 bytes


!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XU2w$tRZEn5rFHZG3QuOJ5hNAm.
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 24 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
ipv6 unicast-routing
multilink bundle-name authenticated
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
username admin privilege 15 secret 9
$9$rgAPMVhFfFn7Cu$9S64DkcIhU2PNDhSoSkg.HRSQRya3H2TWOgYKkWwGeU
!
redundancy
mode none
!
interface Loopback0
ip address 192.168.0.1 255.255.255.0
ip ospf network point-to-point
ipv6 address FE80::3:5 link-local
ipv6 address 2001:DB8:192::1/64
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv6 network point-to-point
!
interface Loopback1
ip address 192.168.240.1 255.255.255.0
ip ospf network point-to-point
ipv6 address FE80::3:6 link-local
ipv6 address 2001:DB8:240::1/64
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv6 network point-to-point
!
interface GigabitEthernet0/0/0
ip address 209.165.201.1 255.255.255.0
negotiation auto
ipv6 address FE80::3:1 link-local
ipv6 address 2001:DB8:201::1/64
!
interface GigabitEthernet0/0/1
ip address 192.168.241.1 255.255.255.0
negotiation auto
ipv6 address FE80::3:2 link-local
ipv6 address 2001:DB8:241::1/64
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
!
interface Serial0/1/0
ip address 209.165.202.2 255.255.255.0
ipv6 address FE80::3:3 link-local
ipv6 address 2001:DB8:202::2/64

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 25 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
interface Serial0/1/1
ip address 209.165.203.2 255.255.255.0
ipv6 address FE80::3:4 link-local
ipv6 address 2001:DB8:203::2/64
!
router ospfv3 1
router-id 0.0.192.3
!
address-family ipv4 unicast
redistribute bgp 192
passive-interface default
no passive-interface GigabitEthernet0/0/1
exit-address-family
!
address-family ipv6 unicast
passive-interface default
no passive-interface GigabitEthernet0/0/1
redistribute bgp 192
exit-address-family
!
router bgp 192
bgp router-id 4.6.192.3
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2001:DB8:201::2 remote-as 172
neighbor 2001:DB8:202::1 remote-as 10
neighbor 2001:DB8:203::1 remote-as 10
neighbor 209.165.201.2 remote-as 172
neighbor 209.165.202.1 remote-as 10
neighbor 209.165.203.1 remote-as 10
!
address-family ipv4
network 192.168.0.0
network 192.168.240.0
network 192.168.241.0
network 192.168.242.0
network 192.168.243.0
neighbor 209.165.201.2 activate
neighbor 209.165.202.1 activate
neighbor 209.165.203.1 activate
exit-address-family
!
address-family ipv6
network 2001:DB8:192::/64
network 2001:DB8:240::/64
network 2001:DB8:241::/64
network 2001:DB8:242::/64
network 2001:DB8:243::/64
neighbor 2001:DB8:201::2 activate

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 26 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

neighbor 2001:DB8:202::1 activate


neighbor 2001:DB8:203::1 activate
exit-address-family
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
control-plane
!
banner motd ^C This is R3, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 5 0
login local
transport input telnet
!
end

Switch D1
D1# show run
Building configuration...

Current configuration : 6056 bytes


!
version 16.9
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname D1
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 27 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
enable secret 5 $1$h1SX$EP/9YI.JI5Ezo9xqSeFPH0
!
no aaa new-model
switch 1 provision ws-c3650-24td
!
ip routing
!
no ip domain lookup
ip dhcp excluded-address 10.165.250.1 10.165.250.5
!
ip dhcp pool VLAN250DHCP
network 10.165.250.0 255.255.255.0
default-router 10.165.250.1
!
login on-success log
ipv6 unicast-routing
!
license boot level ipservicesk9
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
username admin privilege 15 secret 9
$9$TST/qp2wBgPRPE$0zzcVAgyPgDETLaDsVKxNG2QjvXU/iplLQC8EFInbNc
!
redundancy
mode sso
!
transceiver type all
monitoring
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description Inter FED, EWLC control, EWLC data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, High Rate App, Exception, EGR Exception,
NFLSAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 28 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

description MCAST END STATION


class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
!
policy-map system-cpp-policy
!
interface Port-channel1
switchport mode trunk
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
switchport mode access
shutdown
!
interface GigabitEthernet1/0/2
switchport mode access
shutdown
!
interface GigabitEthernet1/0/3
switchport mode access
shutdown
!
interface GigabitEthernet1/0/4
switchport mode access
shutdown
!
interface GigabitEthernet1/0/5
switchport mode trunk
channel-group 1 mode active

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 29 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
interface GigabitEthernet1/0/6
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/7
switchport mode access
shutdown
!
interface GigabitEthernet1/0/8
switchport mode access
shutdown
!
interface GigabitEthernet1/0/9
switchport mode access
shutdown
!
interface GigabitEthernet1/0/10
switchport mode access
shutdown
!
interface GigabitEthernet1/0/11
no switchport
ip address 10.165.249.2 255.255.255.0
ipv6 address FE80::D1:1 link-local
ipv6 address 2001:DB8:249::2/64
!
interface GigabitEthernet1/0/12
switchport mode access
shutdown
!
interface GigabitEthernet1/0/13
switchport mode access
shutdown
!
interface GigabitEthernet1/0/14
switchport mode access
shutdown
!
interface GigabitEthernet1/0/15
switchport mode access
shutdown
!
interface GigabitEthernet1/0/16
switchport mode access
shutdown
!
interface GigabitEthernet1/0/17
switchport mode access
shutdown

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 30 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
interface GigabitEthernet1/0/18
switchport mode access
shutdown
!
interface GigabitEthernet1/0/19
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport mode access
shutdown
!
interface GigabitEthernet1/0/21
switchport mode access
shutdown
!
interface GigabitEthernet1/0/22
switchport mode access
shutdown
!
interface GigabitEthernet1/0/23
switchport access vlan 250
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport mode access
shutdown
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
no ip address
!
interface Vlan250
ip address 10.165.250.1 255.255.255.0
ipv6 address FE80::D1:2 link-local
ipv6 address 2001:DB8:24A::1/64
!
interface Vlan251
ip address 10.165.251.1 255.255.255.0
ipv6 address FE80::D1:3 link-local
ipv6 address 2001:DB8:24B::1/64

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 31 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
router eigrp ENARSI-SA
!
address-family ipv4 unicast autonomous-system 1
!
af-interface Vlan250
passive-interface
exit-af-interface
!
af-interface Vlan251
passive-interface
exit-af-interface
!
topology base
exit-af-topology
network 10.0.0.0
eigrp router-id 0.4.10.2
exit-address-family
!
address-family ipv6 unicast autonomous-system 1
!
af-interface Vlan250
passive-interface
exit-af-interface
!
af-interface Vlan251
passive-interface
exit-af-interface
!
topology base
exit-af-topology
eigrp router-id 0.6.10.2
exit-address-family
!
ip forward-protocol nd
ip http server
ip http secure-server
!
control-plane
service-policy input system-cpp-policy
!
banner motd ^C This is D1, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 32 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

line vty 0 4
exec-timeout 5 0
login local
transport input telnet
line vty 5 15
login
!
end

Switch D2
D2# show run
Building configuration...

Current configuration : 8537 bytes


!
version 16.9
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
no platform punt-keepalive disable-kernel-core
!
hostname D2
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$3nks$rSkbJF9PTw7PcUVSoXbsh0
!
no aaa new-model
switch 1 provision ws-c3650-24td
!
ip routing
!
no ip domain lookup
ip dhcp excluded-address 192.168.242.1 192.168.242.5
ip dhcp excluded-address 192.168.243.1 192.168.243.5
!
ip dhcp pool VLAN242DHCP
network 192.168.242.0 255.255.255.0
default-router 192.168.242.1
!
ip dhcp pool VLAN243DHCP

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 33 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

network 192.168.243.0 255.255.255.0


default-router 192.168.243.1
!
login on-success log
ipv6 unicast-routing
!
license boot level ipservicesk9
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
username admin privilege 15 secret 9
$9$BtIeOeiXAsJMHE$kIykk/3Wal3iCUvdXiJRay1Oh7MAw5nuwRMWuTpBYCg
!
redundancy
mode sso
!
transceiver type all
monitoring
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description Inter FED, EWLC control, EWLC data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, High Rate App, Exception, EGR Exception,
NFLSAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 34 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

class-map match-any system-cpp-police-routing-control


description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
!
policy-map system-cpp-policy
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
switchport mode access
shutdown
!
interface GigabitEthernet1/0/2
switchport mode access
shutdown
!
interface GigabitEthernet1/0/3
switchport mode access
shutdown
!
interface GigabitEthernet1/0/4
switchport mode access
shutdown
!
interface GigabitEthernet1/0/5
switchport mode access
shutdown
!
interface GigabitEthernet1/0/6
switchport mode access
shutdown
!
interface GigabitEthernet1/0/7
switchport mode access
shutdown
!
interface GigabitEthernet1/0/8
switchport mode access
shutdown
!
interface GigabitEthernet1/0/9
switchport mode access

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 35 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

shutdown
!
interface GigabitEthernet1/0/10
switchport mode access
shutdown
!
interface GigabitEthernet1/0/11
no switchport
ip address 209.165.241.2 255.255.255.0
ipv6 address FE80::D2:1 link-local
ipv6 address 2001:DB8:241::2/64
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
!
interface GigabitEthernet1/0/12
switchport mode access
shutdown
!
interface GigabitEthernet1/0/13
switchport mode access
shutdown
!
interface GigabitEthernet1/0/14
switchport mode access
shutdown
!
interface GigabitEthernet1/0/15
switchport mode access
shutdown
!
interface GigabitEthernet1/0/16
switchport mode access
shutdown
!
interface GigabitEthernet1/0/17
switchport mode access
shutdown
!
interface GigabitEthernet1/0/18
switchport mode access
shutdown
!
interface GigabitEthernet1/0/19
switchport mode access
shutdown
!
interface GigabitEthernet1/0/20
switchport mode access
shutdown
!

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 36 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

interface GigabitEthernet1/0/21
switchport mode access
shutdown
!
interface GigabitEthernet1/0/22
switchport mode access
shutdown
!
interface GigabitEthernet1/0/23
switchport access vlan 242
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access vlan 243
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
no ip address
!
interface Vlan242
ip address 192.168.242.1 255.255.255.0
ipv6 address FE80::D2:2 link-local
ipv6 address 2001:DB8:242::1/64
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
!
interface Vlan243
ip address 192.168.243.1 255.255.255.0
ipv6 address FE80::D1:3 link-local
ipv6 address 2001:DB8:243::1/64
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 area 0
!
router ospfv3 1
router-id 0.0.192.2
!
address-family ipv4 unicast
passive-interface default
no passive-interface GigabitEthernet1/0/11
exit-address-family

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 37 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
address-family ipv6 unicast
passive-interface default
no passive-interface GigabitEthernet1/0/11
exit-address-family
!
ip forward-protocol nd
ip http server
ip http secure-server
!
control-plane
service-policy input system-cpp-policy
!
banner motd ^C This is D2, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 5 0
login local
transport input telnet
line vty 5 15
login
!
end

Switch A1
A1# show run
Building configuration...

Current configuration : 2913 bytes


!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname A1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$bzXo$MB8eSj50SJX0CYl0asS/X.

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 38 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
username admin privilege 15 secret 9
$9$0q7QXDhijplHc1$sUT0sCoRPpUoTTIxokrQb3j9VGMiOd/w3RdCLZirVJQ
no aaa new-model
system mtu routing 1500
!
no ip domain-lookup
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface Port-channel1
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode active
!
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode active
!
interface FastEthernet0/3
switchport mode trunk
channel-group 1 mode active
!
interface FastEthernet0/4
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport mode access
shutdown
!
interface FastEthernet0/6
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport mode access
shutdown
!
interface FastEthernet0/9

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 39 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

switchport mode access


shutdown
!
interface FastEthernet0/10
switchport mode access
shutdown
!
interface FastEthernet0/11
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport mode access
shutdown
!
interface FastEthernet0/19
switchport mode access
shutdown
!
interface FastEthernet0/20
switchport mode access
shutdown
!
interface FastEthernet0/21
switchport mode access
shutdown

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 40 of 41 www.netacad.com
ENARSI Skills Assessment - Configuration

!
interface FastEthernet0/22
switchport mode access
shutdown
!
interface FastEthernet0/23
switchport access vlan 250
switchport mode access
shutdown
spanning-tree portfast edge
!
interface FastEthernet0/24
switchport access vlan 251
switchport mode access
spanning-tree portfast edge
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
!
interface Vlan250
ip address 10.165.250.2 255.255.255.0
ipv6 address FE80::A1:1 link-local
ipv6 address 2001:DB8:24A::2/64
!
ip default-gateway 10.165.250.1
ip http server
ip http secure-server
!
banner motd ^C This is A1, ENARSI SA Part 1 ^C
alias exec reset.now tclsh flash:/enarsi/reset.tcl
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
exec-timeout 5 0
login local
transport input telnet
line vty 5 15
login
!
end

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 41 of 41 www.netacad.com

You might also like