It's been close to a year since the CCNP Security exams were renewed. There's already some few rants on when the new 300-207 SITCS book will be officially released. Cisco guru Keith Barker also tweeted around late last year that he's just waiting for some updates from folks at Cisco before starting recording his video nuggets for SITCS.
While waiting for the official Cisco press book (by September 2015) and CBT Nugget videos to be released, I've been busy doing ROUTE and SWITCH labs in conjunction with my CCDP studies. This is one of the lab I did for ROUTE regarding policy based routing or PBR.
R1(config)#interface loopback1
*Dec 27 23:49:35.519: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
R1(config-if)#description R1 LAN
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#interface s0/0/0
R1(config-if)#description R1 --> R2
R1(config-if)#ip address 172.16.12.1 255.255.255.248
R1(config-if)#clock rate 128000
R1(config-if)#bandwidth 128
R1(config-if)#no shutdown
*Dec 27 23:51:05.339: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down
R1(config-if)#interface s0/0/1
R1(config-if)#description R1 --> R3
R1(config-if)#ip address 172.16.13.1 255.255.255.248
R1(config-if)#bandwidth 64
R1(config-if)#no shutdown
*Dec 27 23:51:38.891: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down
R2(config)#interface loopback2
R2(config-if)#
*Dec 27 22:34:44.835: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback2, changed state to up
R2(config-if)#description R2 LAN
R2(config-if)#ip address 192.168.2.1 255.255.255.0
R2(config-if)#interface s0/0/0
R2(config-if)#description R2 --> R1
R2(config-if)#ip address 172.16.12.2 255.255.255.248
R2(config-if)#bandwidth 128
R2(config-if)#no shutdown
R2(config-if)#
*Dec 27 22:35:32.047: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 27 22:35:33.047: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R2(config-if)#do ping 172.16.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R2(config-if)#interface s0/0/1
R2(config-if)#description R2 --> R3
R2(config-if)#ip address 172.16.23.2 255.255.255.248
R2(config-if)#clock rate 128000
R2(config-if)#bandwidth 128
R2(config-if)#no shutdown
R2(config-if)#
*Dec 27 22:36:11.723: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down
R3(config)#interface loopback3
R3(config-if)#
*Dec 28 00:00:46.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback3, changed state to up
R3(config-if)#description R3 LAN
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#interface s0/0/0
R3(config-if)#description R3 --> R1
R3(config-if)#ip address 172.16.13.3 255.255.255.248
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:01:47.459: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 28 00:01:48.459: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R3(config-if)#do ping 172.16.13.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R3(config-if)#interface s0/0/1
R3(config-if)#description R3 --> R2
R3(config-if)#ip address 172.16.23.3 255.255.255.248
R3(config-if)#bandwidth 128
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:02:25.503: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to up
*Dec 28 00:02:26.503: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to up
R3(config-if)#do ping 172.16.23.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R3(config-if)#interface s0/1/0
R3(config-if)#description R3 --> R4
R3(config-if)#ip address 172.16.34.3 255.255.255.248
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:03:16.587: %LINK-3-UPDOWN: Interface Serial0/1/0, changed state to down
R4(config)#interface loopback4
R4(config-if)#
*Dec 27 23:19:15.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback4, changed state to up
R4(config-if)#description R4 LAN A
R4(config-if)#ip address 192.168.4.1 255.255.255.128
R4(config-if)#interface loopback5
R4(config-if)#
*Dec 27 23:19:43.931: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback5, changed state to up
R4(config-if)#description R4 LAN B
R4(config-if)#ip address 192.168.4.129 255.255.255.128
R4(config-if)#interface s0/0/0
R4(config-if)#description R4 --> R3
R4(config-if)#ip address 172.16.34.4 255.255.255.248
R4(config-if)#bandwidth 64
R4(config-if)#no shutdown
R4(config-if)#
*Dec 27 23:22:38.507: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 27 23:22:39.507: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R4(config-if)#do ping 172.16.34.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R3#show ip interface brief | exclude unassigned
Interface IP-Address OK? Method Status Protocol
Serial0/0/0 172.16.13.3 YES manual up up
Serial0/0/1 172.16.23.3 YES manual up up
Serial0/1/0 172.16.34.3 YES manual up up
Loopback3 192.168.3.1 YES manual up up
R3#show protocols | exclude down
Global values:
Internet Protocol routing is enabled
Serial0/0/0 is up, line protocol is up
Internet address is 172.16.13.3/29
Serial0/0/1 is up, line protocol is up
Internet address is 172.16.23.3/29
Serial0/1/0 is up, line protocol is up
Internet address is 172.16.34.3/29
Loopback3 is up, line protocol is up
Internet address is 192.168.3.1/24
R3#show interface description | exclude down
Interface Status Protocol Description
Se0/0/0 up up R3 --> R1
Se0/0/1 up up R3 --> R2
Se0/1/0 up up R3 --> R4
Lo3 up up R3 LAN
R1(config)#router eigrp 1
R1(config-router)#network 192.168.1.0
R1(config-router)#network 172.16.12.0 0.0.0.7
R1(config-router)#network 172.16.13.0 0.0.0.7
R1(config-router)#no auto-summary
R2(config)#router eigrp 1
R2(config-router)#network 192.168.2.0
R2(config-router)#network 172.16.12.0 0.0.0.7
R2(config-router)#
*Dec 27 22:52:07.707: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.12.1 (Serial0/0/0) is up: new adjacency
R2(config-router)#network 172.16.23.0 0.0.0.7
R2(config-router)#no auto-summary
R2(config-router)#
*Dec 27 22:52:24.883: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.12.1 (Serial0/0/0) is resync: summary configured // PREFER TO ISSUE FIRST THE COMMAND no auto-summary
R3(config)#router eigrp 1
R3(config-router)#no auto-summary
R3(config-router)#network 192.168.3.0
R3(config-router)#network 172.16.13.0 0.0.0.7
R3(config-router)#
*Dec 28 00:15:12.431: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.13.1 (Serial0/0/0) is up: new adjacency
R3(config-router)#network 172.16.23.0 0.0.0.7
R3(config-router)#
*Dec 28 00:15:19.771: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.23.2 (Serial0/0/1) is up: new adjacency
R3(config-router)#network 172.16.34.0 0.0.0.7
R4(config)#router eigrp 1
R4(config-router)#network 192.168.4.0
R4(config-router)#network 172.16.34.0 0.0.0.7
R4(config-router)#
*Dec 27 23:31:22.139: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.34.3 (Serial0/0/0) is up: new adjacency
R4(config-router)#no auto-summary
R4(config-router)#
*Dec 27 23:31:36.979: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.34.3 (Serial0/0/0) is resync: summary configured
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.13.3 Se0/0/1 14 00:01:56 20 2280 0 24
0 172.16.12.2 Se0/0/0 11 00:03:03 9 1140 0 22
R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.23.3 Se0/0/1 10 00:04:22 12 1140 0 23
0 172.16.12.1 Se0/0/0 12 00:05:37 10 1140 0 24
R3#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 172.16.34.4 Se0/1/0 12 00:03:58 24 2280 0 7
1 172.16.23.2 Se0/0/1 10 00:04:43 16 1140 0 23
0 172.16.13.1 Se0/0/0 10 00:04:50 23 2280 0 25
R4#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.34.3 Se0/0/0 14 00:00:51 30 2280 0 28
R1#tclsh
R1(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
R2#tclsh
R2(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
R3#tclsh
R3(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R4#tclsh
R4(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/43/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
R1#show ip route // OBSERVE THE NEXT-HOP IP BEFORE PBR
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/29 is subnetted, 4 subnets
D 172.16.34.0 [90/41024000] via 172.16.13.3, 00:08:10, Serial0/0/1
D 172.16.23.0 [90/21024000] via 172.16.12.2, 00:08:25, Serial0/0/0
C 172.16.12.0 is directly connected, Serial0/0/0
C 172.16.13.0 is directly connected, Serial0/0/1
192.168.4.0/25 is subnetted, 2 subnets
D 192.168.4.0 [90/41152000] via 172.16.13.3, 00:07:25, Serial0/0/1
D 192.168.4.128 [90/41152000] via 172.16.13.3, 00:07:25, Serial0/0/1
C 192.168.1.0/24 is directly connected, Loopback1
D 192.168.2.0/24 [90/20640000] via 172.16.12.2, 00:08:25, Serial0/0/0
D 192.168.3.0/24 [90/21152000] via 172.16.12.2, 00:08:25, Serial0/0/0
R4#traceroute 192.168.1.1 source 192.168.4.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec *
R4#traceroute 192.168.1.1 source 192.168.4.129
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec *
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/29 is subnetted, 4 subnets
C 172.16.34.0 is directly connected, Serial0/1/0
C 172.16.23.0 is directly connected, Serial0/0/1
D 172.16.12.0 [90/21024000] via 172.16.23.2, 00:14:01, Serial0/0/1
C 172.16.13.0 is directly connected, Serial0/0/0
192.168.4.0/25 is subnetted, 2 subnets
D 192.168.4.0 [90/40640000] via 172.16.34.4, 00:13:01, Serial0/1/0
D 192.168.4.128 [90/40640000] via 172.16.34.4, 00:13:01, Serial0/1/0
D 192.168.1.0/24 [90/21152000] via 172.16.23.2, 00:14:02, Serial0/0/1 // R3 PREFERS VIA R2 HOP TO REACH R1 LAN IP SUBNET
D 192.168.2.0/24 [90/20640000] via 172.16.23.2, 00:14:02, Serial0/0/1
C 192.168.3.0/24 is directly connected, Loopback3
R3#show interfaces s0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Description: R3 --> R1
Internet address is 172.16.13.3/29
MTU 1500 bytes, BW 64 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
CRC checking enabled
Last input 00:00:01, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
525 packets input, 37448 bytes, 0 no buffer
Received 205 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
497 packets output, 36003 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R3#show interfaces s0/0/1
Serial0/0/1 is up, line protocol is up
Hardware is GT96K Serial
Description: R3 --> R2
Internet address is 172.16.23.3/29
MTU 1500 bytes, BW 128 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
CRC checking enabled
Last input 00:00:02, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
568 packets input, 41722 bytes, 0 no buffer
Received 208 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
565 packets output, 42025 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R3#show ip eigrp topology 192.168.1.0
IP-EIGRP (AS 1): Topology entry for 192.168.1.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 21152000
Routing Descriptor Blocks:
172.16.23.2 (Serial0/0/1), from 172.16.23.2, Send flag is 0x0
Composite metric is (21152000/20640000), Route is Internal // SUCCESSOR ROUTE, INSALLTED IN ROUTING TABLE
Vector metric:
Minimum bandwidth is 128 Kbit
Total delay is 45000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 2
172.16.13.1 (Serial0/0/0), from 172.16.13.1, Send flag is 0x0
Composite metric is (40640000/128256), Route is Internal // METRIC FOR R1 LAN IP SUBNET IS HIGHER
Vector metric:
Minimum bandwidth is 64 Kbit
Total delay is 25000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
R3(config)#ip access-list standard PBR_ACL
R3(config-std-nacl)#remark ACL matches R4 LAN B traffic
R3(config-std-nacl)#permit 192.168.4.128 0.0.0.127
R3(config-std-nacl)#exit
R3(config)#route-map ?
WORD Route map tag
R3(config)#route-map R3_TO_R1 ?
<0-65535> Sequence to insert to/delete from existing route-map entry
deny Route map denies set operations
permit Route map permits set operations
<cr>
R3(config)#route-map R3_TO_R1 permit ?
<0-65535> Sequence to insert to/delete from existing route-map entry
<cr>
R3(config)#route-map R3_TO_R1 permit
R3(config-route-map)#?
Route Map configuration commands:
continue Continue on a different entry within the route-map
default Set a command to its defaults
description Route-map comment
exit Exit from route-map configuration mode
help Description of the interactive help system
match Match values from routing table
no Negate a command or set its defaults
set Set values in destination routing protocol
R3(config-route-map)#match ?
as-path Match BGP AS path list
clns CLNS information
community Match BGP community list
extcommunity Match BGP/VPN extended community list
interface Match first hop interface of route
ip IP specific information
ipv6 IPv6 specific information
length Packet length
local-preference Local preference for route
mdt-group Match routes corresponding to MDT group
metric Match metric of route
mpls-label Match routes which have MPLS labels
nlri BGP NLRI type
policy-list Match IP policy list
route-type Match route-type of route
source-protocol Match source-protocol of route
tag Match tag of route
R3(config-route-map)#match ip ?
address Match address of route or match packet
next-hop Match next-hop address of route
route-source Match advertising source address of route
R3(config-route-map)#match ip address ?
<1-199> IP access-list number
<1300-2699> IP access-list number (expanded range)
WORD IP access-list name
prefix-list Match entries of prefix-lists
R3(config-route-map)#match ip address PBR_ACL
R3(config-route-map)#set ?
as-path Prepend string for a BGP AS-path attribute
automatic-tag Automatically compute TAG value
clns OSI summary address
comm-list set BGP community list (for deletion)
community BGP community attribute
dampening Set BGP route flap dampening parameters
default Set default information
extcomm-list Set BGP/VPN extended community list (for deletion)
extcommunity BGP extended community attribute
global Set to global routing table
interface Output interface
ip IP specific information
ipv6 IPv6 specific information
level Where to import route
local-preference BGP local preference path attribute
metric Metric value for destination routing protocol
metric-type Type of metric for destination routing protocol
mpls-label Set MPLS label for prefix
nlri BGP NLRI type
origin BGP origin code
tag Tag value for destination routing protocol
traffic-index BGP traffic classification number for accounting
vrf Define VRF name
weight BGP weight for routing table
R3(config-route-map)#set ip ?
address Specify IP address
default Set default information
df Set DF bit
global global routing table
next-hop Next hop address
precedence Set precedence field
qos-group Set QOS Group ID
tos Set type of service field
vrf VRF name
R3(config-route-map)#set ip next-hop ?
A.B.C.D IP address of next hop
dynamic application dynamically sets next hop
peer-address Use peer address (for BGP only)
recursive Recursive next-hop
verify-availability Verify if nexthop is reachable
R3(config-route-map)#set ip next-hop 172.16.13.1
R3(config-route-map)#exit
R3(config)#interface s0/1/0
R3(config-if)#ip ?
Interface IP configuration subcommands:
access-group Specify access control for packets
accounting Enable IP accounting on this interface
address Set the IP address of an interface
admission Apply Network Admission Control
auth-proxy Apply authentication proxy
authentication authentication subcommands
bandwidth-percent Set EIGRP bandwidth limit
bgp BGP interface commands
broadcast-address Set the broadcast address of an interface
cef Cisco Express Forwarding interface commands
cgmp Enable/disable CGMP
ddns Configure dynamic DNS
dhcp Configure DHCP parameters for this interface
directed-broadcast Enable forwarding of directed broadcasts
dns Configure DNS server
dvmrp DVMRP interface commands
flow NetFlow related commands
header-compression IPHC options
hello-interval Configures IP-EIGRP hello interval
helper-address Specify a destination address for UDP broadcasts
hold-time Configures IP-EIGRP hold time
idle-group Specify interesting packets for idle-timer
igmp IGMP interface commands
information-reply Enable sending ICMP Information Reply messages
inspect Apply inspect name
ips Create IPS rule
irdp ICMP Router Discovery Protocol
load-sharing Style of load sharing
local-proxy-arp Enable local-proxy ARP
mask-reply Enable sending ICMP Mask Reply messages
mobile Mobile IP support
mrm Configure IP Multicast Routing Monitor tester
mroute-cache Enable switching cache for incoming multicast packets
mtu Set IP Maximum Transmission Unit
multicast IP multicast interface commands
nat NAT interface commands
nbar Network-Based Application Recognition
next-hop-self Configures IP-EIGRP next-hop-self
ospf OSPF interface commands
pgm PGM Reliable Transport Protocol
pim PIM interface commands
policy Enable policy routing
proxy-arp Enable proxy ARP
proxy-mobile Enable Proxy Mobile IP services
rarp-server Enable RARP server for static arp entries
rbscp RBSCP subfeatures for this interface
redirects Enable sending ICMP Redirect messages
rgmp Enable/disable RGMP
rip Router Information Protocol
route-cache Enable fast-switching cache for outgoing packets
router IP router interface commands
rsvp RSVP Interface Commands
rtp RTP parameters
sap Session Announcement Protocol interface commands
security DDN IP Security Option
service IP service
split-horizon Perform split horizon
summary-address Perform address summarization
tcp TCP header compression and other parameters
traffic-export Configure this interface for exporting ip traffic
unnumbered Enable IP processing without an explicit address
unreachables Enable sending ICMP Unreachable messages
urd Configure URL Rendezvousing
verify Enable per packet validation
virtual-reassembly Enable Virtual Fragment Reassembly
vrf VPN Routing/Forwarding parameters on the interface
wccp WCCP interface commands
R3(config-if)#ip policy ?
route-map Policy route map
R3(config-if)#ip policy route-map ?
WORD Route map name
R3(config-if)#ip policy route-map R3_TO_R1
R3(config-if)#end
R3#
*Dec 28 00:42:40.059: %SYS-5-CONFIG_I: Configured from console by console
R3#show route-map
route-map R3_TO_R1, permit, sequence 10
Match clauses:
ip address (access-lists): PBR_ACL
Set clauses:
Policy routing matches: 0 packets, 0 bytes // NO PACKETS MATCHING THE ACL YET
R3(config)#access-list 1 permit 192.168.4.0 0.0.0.255 // CREATE STANDARD ACL TO CAPTURE R4 LAN
TRAFFIC
R3(config)#exit
R3#
*Dec 28 00:45:19.615: %SYS-5-CONFIG_I: Configured from console by console
R3#debug ip policy ?
<1-199> Access list
dynamic dynamic PBR
<cr>
R3#debug ip policy 1 // DEBUG PBR
Policy routing debugging is on for access list 1
R3#show debug
Policy Routing:
Policy routing debugging is on for access list 1
R3#
*Dec 28 00:55:39.295: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.307: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.323: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.335: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.355: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.375: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.395: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:56:06.423: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:56:06.451: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
R4#traceroute 192.168.1.1 source 192.168.4.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec * // R3 > R2 > R1
R3#
*Dec 28 01:00:19.183: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:19.183: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:19.183: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:19.183: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.199: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:28.199: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:28.199: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:28.199: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.215: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:28.215: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:28.215: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:28.215: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.227: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:28.231: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:28.231: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
R4#traceroute 192.168.1.1 source 192.168.4.129
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.13.1 28 msec 28 msec * // R3 > R1
R3#show route-map
route-map R3_TO_R1, permit, sequence 10
Match clauses:
ip address (access-lists): PBR_ACL
Set clauses:
ip next-hop 172.16.13.1
Policy routing matches: 15 packets, 480 bytes // PACKETS MATCHED PBR ACL
While waiting for the official Cisco press book (by September 2015) and CBT Nugget videos to be released, I've been busy doing ROUTE and SWITCH labs in conjunction with my CCDP studies. This is one of the lab I did for ROUTE regarding policy based routing or PBR.
R1(config)#interface loopback1
*Dec 27 23:49:35.519: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
R1(config-if)#description R1 LAN
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#interface s0/0/0
R1(config-if)#description R1 --> R2
R1(config-if)#ip address 172.16.12.1 255.255.255.248
R1(config-if)#clock rate 128000
R1(config-if)#bandwidth 128
R1(config-if)#no shutdown
*Dec 27 23:51:05.339: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down
R1(config-if)#interface s0/0/1
R1(config-if)#description R1 --> R3
R1(config-if)#ip address 172.16.13.1 255.255.255.248
R1(config-if)#bandwidth 64
R1(config-if)#no shutdown
*Dec 27 23:51:38.891: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down
R2(config)#interface loopback2
R2(config-if)#
*Dec 27 22:34:44.835: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback2, changed state to up
R2(config-if)#description R2 LAN
R2(config-if)#ip address 192.168.2.1 255.255.255.0
R2(config-if)#interface s0/0/0
R2(config-if)#description R2 --> R1
R2(config-if)#ip address 172.16.12.2 255.255.255.248
R2(config-if)#bandwidth 128
R2(config-if)#no shutdown
R2(config-if)#
*Dec 27 22:35:32.047: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 27 22:35:33.047: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R2(config-if)#do ping 172.16.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R2(config-if)#interface s0/0/1
R2(config-if)#description R2 --> R3
R2(config-if)#ip address 172.16.23.2 255.255.255.248
R2(config-if)#clock rate 128000
R2(config-if)#bandwidth 128
R2(config-if)#no shutdown
R2(config-if)#
*Dec 27 22:36:11.723: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down
R3(config)#interface loopback3
R3(config-if)#
*Dec 28 00:00:46.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback3, changed state to up
R3(config-if)#description R3 LAN
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#interface s0/0/0
R3(config-if)#description R3 --> R1
R3(config-if)#ip address 172.16.13.3 255.255.255.248
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:01:47.459: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 28 00:01:48.459: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R3(config-if)#do ping 172.16.13.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R3(config-if)#interface s0/0/1
R3(config-if)#description R3 --> R2
R3(config-if)#ip address 172.16.23.3 255.255.255.248
R3(config-if)#bandwidth 128
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:02:25.503: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to up
*Dec 28 00:02:26.503: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to up
R3(config-if)#do ping 172.16.23.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R3(config-if)#interface s0/1/0
R3(config-if)#description R3 --> R4
R3(config-if)#ip address 172.16.34.3 255.255.255.248
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
R3(config-if)#
*Dec 28 00:03:16.587: %LINK-3-UPDOWN: Interface Serial0/1/0, changed state to down
R4(config)#interface loopback4
R4(config-if)#
*Dec 27 23:19:15.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback4, changed state to up
R4(config-if)#description R4 LAN A
R4(config-if)#ip address 192.168.4.1 255.255.255.128
R4(config-if)#interface loopback5
R4(config-if)#
*Dec 27 23:19:43.931: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback5, changed state to up
R4(config-if)#description R4 LAN B
R4(config-if)#ip address 192.168.4.129 255.255.255.128
R4(config-if)#interface s0/0/0
R4(config-if)#description R4 --> R3
R4(config-if)#ip address 172.16.34.4 255.255.255.248
R4(config-if)#bandwidth 64
R4(config-if)#no shutdown
R4(config-if)#
*Dec 27 23:22:38.507: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Dec 27 23:22:39.507: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R4(config-if)#do ping 172.16.34.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R3#show ip interface brief | exclude unassigned
Interface IP-Address OK? Method Status Protocol
Serial0/0/0 172.16.13.3 YES manual up up
Serial0/0/1 172.16.23.3 YES manual up up
Serial0/1/0 172.16.34.3 YES manual up up
Loopback3 192.168.3.1 YES manual up up
R3#show protocols | exclude down
Global values:
Internet Protocol routing is enabled
Serial0/0/0 is up, line protocol is up
Internet address is 172.16.13.3/29
Serial0/0/1 is up, line protocol is up
Internet address is 172.16.23.3/29
Serial0/1/0 is up, line protocol is up
Internet address is 172.16.34.3/29
Loopback3 is up, line protocol is up
Internet address is 192.168.3.1/24
R3#show interface description | exclude down
Interface Status Protocol Description
Se0/0/0 up up R3 --> R1
Se0/0/1 up up R3 --> R2
Se0/1/0 up up R3 --> R4
Lo3 up up R3 LAN
R1(config)#router eigrp 1
R1(config-router)#network 192.168.1.0
R1(config-router)#network 172.16.12.0 0.0.0.7
R1(config-router)#network 172.16.13.0 0.0.0.7
R1(config-router)#no auto-summary
R2(config)#router eigrp 1
R2(config-router)#network 192.168.2.0
R2(config-router)#network 172.16.12.0 0.0.0.7
R2(config-router)#
*Dec 27 22:52:07.707: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.12.1 (Serial0/0/0) is up: new adjacency
R2(config-router)#network 172.16.23.0 0.0.0.7
R2(config-router)#no auto-summary
R2(config-router)#
*Dec 27 22:52:24.883: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.12.1 (Serial0/0/0) is resync: summary configured // PREFER TO ISSUE FIRST THE COMMAND no auto-summary
R3(config)#router eigrp 1
R3(config-router)#no auto-summary
R3(config-router)#network 192.168.3.0
R3(config-router)#network 172.16.13.0 0.0.0.7
R3(config-router)#
*Dec 28 00:15:12.431: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.13.1 (Serial0/0/0) is up: new adjacency
R3(config-router)#network 172.16.23.0 0.0.0.7
R3(config-router)#
*Dec 28 00:15:19.771: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.23.2 (Serial0/0/1) is up: new adjacency
R3(config-router)#network 172.16.34.0 0.0.0.7
R4(config)#router eigrp 1
R4(config-router)#network 192.168.4.0
R4(config-router)#network 172.16.34.0 0.0.0.7
R4(config-router)#
*Dec 27 23:31:22.139: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.34.3 (Serial0/0/0) is up: new adjacency
R4(config-router)#no auto-summary
R4(config-router)#
*Dec 27 23:31:36.979: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.34.3 (Serial0/0/0) is resync: summary configured
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.13.3 Se0/0/1 14 00:01:56 20 2280 0 24
0 172.16.12.2 Se0/0/0 11 00:03:03 9 1140 0 22
R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.23.3 Se0/0/1 10 00:04:22 12 1140 0 23
0 172.16.12.1 Se0/0/0 12 00:05:37 10 1140 0 24
R3#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 172.16.34.4 Se0/1/0 12 00:03:58 24 2280 0 7
1 172.16.23.2 Se0/0/1 10 00:04:43 16 1140 0 23
0 172.16.13.1 Se0/0/0 10 00:04:50 23 2280 0 25
R4#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.34.3 Se0/0/0 14 00:00:51 30 2280 0 28
R1#tclsh
R1(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
R2#tclsh
R2(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
R3#tclsh
R3(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R4#tclsh
R4(tcl)#foreach address {
+>(tcl)#172.16.12.1
+>(tcl)#172.16.12.2
+>(tcl)#172.16.13.1
+>(tcl)#172.16.13.3
+>(tcl)#172.16.23.2
+>(tcl)#172.16.23.3
+>(tcl)#172.16.34.3
+>(tcl)#172.16.34.4
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.4.1
+>(tcl)#192.168.4.129
+>(tcl)#} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/42/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/43/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
R1#show ip route // OBSERVE THE NEXT-HOP IP BEFORE PBR
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/29 is subnetted, 4 subnets
D 172.16.34.0 [90/41024000] via 172.16.13.3, 00:08:10, Serial0/0/1
D 172.16.23.0 [90/21024000] via 172.16.12.2, 00:08:25, Serial0/0/0
C 172.16.12.0 is directly connected, Serial0/0/0
C 172.16.13.0 is directly connected, Serial0/0/1
192.168.4.0/25 is subnetted, 2 subnets
D 192.168.4.0 [90/41152000] via 172.16.13.3, 00:07:25, Serial0/0/1
D 192.168.4.128 [90/41152000] via 172.16.13.3, 00:07:25, Serial0/0/1
C 192.168.1.0/24 is directly connected, Loopback1
D 192.168.2.0/24 [90/20640000] via 172.16.12.2, 00:08:25, Serial0/0/0
D 192.168.3.0/24 [90/21152000] via 172.16.12.2, 00:08:25, Serial0/0/0
R4#traceroute 192.168.1.1 source 192.168.4.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec *
R4#traceroute 192.168.1.1 source 192.168.4.129
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec *
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/29 is subnetted, 4 subnets
C 172.16.34.0 is directly connected, Serial0/1/0
C 172.16.23.0 is directly connected, Serial0/0/1
D 172.16.12.0 [90/21024000] via 172.16.23.2, 00:14:01, Serial0/0/1
C 172.16.13.0 is directly connected, Serial0/0/0
192.168.4.0/25 is subnetted, 2 subnets
D 192.168.4.0 [90/40640000] via 172.16.34.4, 00:13:01, Serial0/1/0
D 192.168.4.128 [90/40640000] via 172.16.34.4, 00:13:01, Serial0/1/0
D 192.168.1.0/24 [90/21152000] via 172.16.23.2, 00:14:02, Serial0/0/1 // R3 PREFERS VIA R2 HOP TO REACH R1 LAN IP SUBNET
D 192.168.2.0/24 [90/20640000] via 172.16.23.2, 00:14:02, Serial0/0/1
C 192.168.3.0/24 is directly connected, Loopback3
R3#show interfaces s0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Description: R3 --> R1
Internet address is 172.16.13.3/29
MTU 1500 bytes, BW 64 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
CRC checking enabled
Last input 00:00:01, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
525 packets input, 37448 bytes, 0 no buffer
Received 205 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
497 packets output, 36003 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R3#show interfaces s0/0/1
Serial0/0/1 is up, line protocol is up
Hardware is GT96K Serial
Description: R3 --> R2
Internet address is 172.16.23.3/29
MTU 1500 bytes, BW 128 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
CRC checking enabled
Last input 00:00:02, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
568 packets input, 41722 bytes, 0 no buffer
Received 208 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
565 packets output, 42025 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R3#show ip eigrp topology 192.168.1.0
IP-EIGRP (AS 1): Topology entry for 192.168.1.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 21152000
Routing Descriptor Blocks:
172.16.23.2 (Serial0/0/1), from 172.16.23.2, Send flag is 0x0
Composite metric is (21152000/20640000), Route is Internal // SUCCESSOR ROUTE, INSALLTED IN ROUTING TABLE
Vector metric:
Minimum bandwidth is 128 Kbit
Total delay is 45000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 2
172.16.13.1 (Serial0/0/0), from 172.16.13.1, Send flag is 0x0
Composite metric is (40640000/128256), Route is Internal // METRIC FOR R1 LAN IP SUBNET IS HIGHER
Vector metric:
Minimum bandwidth is 64 Kbit
Total delay is 25000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
R3(config)#ip access-list standard PBR_ACL
R3(config-std-nacl)#remark ACL matches R4 LAN B traffic
R3(config-std-nacl)#permit 192.168.4.128 0.0.0.127
R3(config-std-nacl)#exit
R3(config)#route-map ?
WORD Route map tag
R3(config)#route-map R3_TO_R1 ?
<0-65535> Sequence to insert to/delete from existing route-map entry
deny Route map denies set operations
permit Route map permits set operations
<cr>
R3(config)#route-map R3_TO_R1 permit ?
<0-65535> Sequence to insert to/delete from existing route-map entry
<cr>
R3(config)#route-map R3_TO_R1 permit
R3(config-route-map)#?
Route Map configuration commands:
continue Continue on a different entry within the route-map
default Set a command to its defaults
description Route-map comment
exit Exit from route-map configuration mode
help Description of the interactive help system
match Match values from routing table
no Negate a command or set its defaults
set Set values in destination routing protocol
R3(config-route-map)#match ?
as-path Match BGP AS path list
clns CLNS information
community Match BGP community list
extcommunity Match BGP/VPN extended community list
interface Match first hop interface of route
ip IP specific information
ipv6 IPv6 specific information
length Packet length
local-preference Local preference for route
mdt-group Match routes corresponding to MDT group
metric Match metric of route
mpls-label Match routes which have MPLS labels
nlri BGP NLRI type
policy-list Match IP policy list
route-type Match route-type of route
source-protocol Match source-protocol of route
tag Match tag of route
R3(config-route-map)#match ip ?
address Match address of route or match packet
next-hop Match next-hop address of route
route-source Match advertising source address of route
R3(config-route-map)#match ip address ?
<1-199> IP access-list number
<1300-2699> IP access-list number (expanded range)
WORD IP access-list name
prefix-list Match entries of prefix-lists
R3(config-route-map)#match ip address PBR_ACL
R3(config-route-map)#set ?
as-path Prepend string for a BGP AS-path attribute
automatic-tag Automatically compute TAG value
clns OSI summary address
comm-list set BGP community list (for deletion)
community BGP community attribute
dampening Set BGP route flap dampening parameters
default Set default information
extcomm-list Set BGP/VPN extended community list (for deletion)
extcommunity BGP extended community attribute
global Set to global routing table
interface Output interface
ip IP specific information
ipv6 IPv6 specific information
level Where to import route
local-preference BGP local preference path attribute
metric Metric value for destination routing protocol
metric-type Type of metric for destination routing protocol
mpls-label Set MPLS label for prefix
nlri BGP NLRI type
origin BGP origin code
tag Tag value for destination routing protocol
traffic-index BGP traffic classification number for accounting
vrf Define VRF name
weight BGP weight for routing table
R3(config-route-map)#set ip ?
address Specify IP address
default Set default information
df Set DF bit
global global routing table
next-hop Next hop address
precedence Set precedence field
qos-group Set QOS Group ID
tos Set type of service field
vrf VRF name
R3(config-route-map)#set ip next-hop ?
A.B.C.D IP address of next hop
dynamic application dynamically sets next hop
peer-address Use peer address (for BGP only)
recursive Recursive next-hop
verify-availability Verify if nexthop is reachable
R3(config-route-map)#set ip next-hop 172.16.13.1
R3(config-route-map)#exit
R3(config)#interface s0/1/0
R3(config-if)#ip ?
Interface IP configuration subcommands:
access-group Specify access control for packets
accounting Enable IP accounting on this interface
address Set the IP address of an interface
admission Apply Network Admission Control
auth-proxy Apply authentication proxy
authentication authentication subcommands
bandwidth-percent Set EIGRP bandwidth limit
bgp BGP interface commands
broadcast-address Set the broadcast address of an interface
cef Cisco Express Forwarding interface commands
cgmp Enable/disable CGMP
ddns Configure dynamic DNS
dhcp Configure DHCP parameters for this interface
directed-broadcast Enable forwarding of directed broadcasts
dns Configure DNS server
dvmrp DVMRP interface commands
flow NetFlow related commands
header-compression IPHC options
hello-interval Configures IP-EIGRP hello interval
helper-address Specify a destination address for UDP broadcasts
hold-time Configures IP-EIGRP hold time
idle-group Specify interesting packets for idle-timer
igmp IGMP interface commands
information-reply Enable sending ICMP Information Reply messages
inspect Apply inspect name
ips Create IPS rule
irdp ICMP Router Discovery Protocol
load-sharing Style of load sharing
local-proxy-arp Enable local-proxy ARP
mask-reply Enable sending ICMP Mask Reply messages
mobile Mobile IP support
mrm Configure IP Multicast Routing Monitor tester
mroute-cache Enable switching cache for incoming multicast packets
mtu Set IP Maximum Transmission Unit
multicast IP multicast interface commands
nat NAT interface commands
nbar Network-Based Application Recognition
next-hop-self Configures IP-EIGRP next-hop-self
ospf OSPF interface commands
pgm PGM Reliable Transport Protocol
pim PIM interface commands
policy Enable policy routing
proxy-arp Enable proxy ARP
proxy-mobile Enable Proxy Mobile IP services
rarp-server Enable RARP server for static arp entries
rbscp RBSCP subfeatures for this interface
redirects Enable sending ICMP Redirect messages
rgmp Enable/disable RGMP
rip Router Information Protocol
route-cache Enable fast-switching cache for outgoing packets
router IP router interface commands
rsvp RSVP Interface Commands
rtp RTP parameters
sap Session Announcement Protocol interface commands
security DDN IP Security Option
service IP service
split-horizon Perform split horizon
summary-address Perform address summarization
tcp TCP header compression and other parameters
traffic-export Configure this interface for exporting ip traffic
unnumbered Enable IP processing without an explicit address
unreachables Enable sending ICMP Unreachable messages
urd Configure URL Rendezvousing
verify Enable per packet validation
virtual-reassembly Enable Virtual Fragment Reassembly
vrf VPN Routing/Forwarding parameters on the interface
wccp WCCP interface commands
R3(config-if)#ip policy ?
route-map Policy route map
R3(config-if)#ip policy route-map ?
WORD Route map name
R3(config-if)#ip policy route-map R3_TO_R1
R3(config-if)#end
R3#
*Dec 28 00:42:40.059: %SYS-5-CONFIG_I: Configured from console by console
R3#show route-map
route-map R3_TO_R1, permit, sequence 10
Match clauses:
ip address (access-lists): PBR_ACL
Set clauses:
Policy routing matches: 0 packets, 0 bytes // NO PACKETS MATCHING THE ACL YET
R3(config)#access-list 1 permit 192.168.4.0 0.0.0.255 // CREATE STANDARD ACL TO CAPTURE R4 LAN
TRAFFIC
R3(config)#exit
R3#
*Dec 28 00:45:19.615: %SYS-5-CONFIG_I: Configured from console by console
R3#debug ip policy ?
<1-199> Access list
dynamic dynamic PBR
<cr>
R3#debug ip policy 1 // DEBUG PBR
Policy routing debugging is on for access list 1
R3#show debug
Policy Routing:
Policy routing debugging is on for access list 1
R3#
*Dec 28 00:55:39.295: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.307: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.323: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, po
licy rejected -- normal forwarding
*Dec 28 00:55:48.335: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.355: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.375: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:55:57.395: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:56:06.423: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
*Dec 28 00:56:06.451: IP: s=192.168.4.1 (Serial0/1/0), d=192.168.1.1, len 28, FI
B policy rejected(no match) - normal forwarding
R4#traceroute 192.168.1.1 source 192.168.4.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.23.2 20 msec 20 msec 20 msec
3 172.16.12.1 28 msec 24 msec * // R3 > R2 > R1
R3#
*Dec 28 01:00:19.183: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:19.183: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:19.183: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:19.183: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.199: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:28.199: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:28.199: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:28.199: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.215: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
policy match
*Dec 28 01:00:28.215: IP: route map R3_TO_R1, item 10, permit
*Dec 28 01:00:28.215: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1 (Serial0/
0/0), len 28, policy routed
*Dec 28 01:00:28.215: IP: Serial0/1/0 to Serial0/0/0 172.16.13.1
*Dec 28 01:00:28.227: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:28.231: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:28.231: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:37.255: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
FIB policy match
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, len 28,
PBR Counted
*Dec 28 01:00:37.283: IP: s=192.168.4.129 (Serial0/1/0), d=192.168.1.1, g=172.16
.13.1, len 28, FIB policy routed
R4#traceroute 192.168.1.1 source 192.168.4.129
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 172.16.34.3 12 msec 12 msec 16 msec
2 172.16.13.1 28 msec 28 msec * // R3 > R1
R3#show route-map
route-map R3_TO_R1, permit, sequence 10
Match clauses:
ip address (access-lists): PBR_ACL
Set clauses:
ip next-hop 172.16.13.1
Policy routing matches: 15 packets, 480 bytes // PACKETS MATCHED PBR ACL
No comments:
Post a Comment