+ Reply to Thread
Page 1 of 4 1 234 Last
Results 1 to 25 of 89

Thread: CCNP Madness

  1. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #1

    Default CCNP Madness

    Well, it's official. I am off to the CCNP journey! I have actually already briefly skimmed some of the material in the previous months when getting bored of the CCNA Security material. I am starting first with ROUTE to knock out the test I have the least knowledge on. My materials are:

    -The Simplified books
    -The Chris Bryant vids (For depth)
    -Cbt Nuggets (For Jeremy's energy)
    -Lab manuals

    I also purchased a a lab, switch exclusive, for around 450 total. It contains a 12U rack, mountable power strip, 3 2950s, a 3550 and a 3750, along with plenty of 3 ft prefab cables.

    As of now, I have gotten through the CBT Nuggets vids on EIGRP AND OSPF. Did the labs, and am done with the EIGRP chapter and a third of OSPF in the Simplified book. I'll go for more labs this weekend. Starting WGU in the beginning of August, so I'm willing to bust out many hours to finish ROUTE before that time.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member MickQ's Avatar
    Join Date
    Mar 2011
    Location
    Ireland
    Posts
    617

    Certifications
    BSc, MCITP:EA, CCN/DP, CCNA Sec, ITILv3, LPIC-1
    #2
    You should probably include the FLG for completeness. Best of luck!
    Reply With Quote Quote  

  4. Senior Member bharvey92's Avatar
    Join Date
    Jun 2013
    Location
    UK
    Posts
    402

    Certifications
    CCNA R+S, CCNA:DC, CCNA Security, CCNP R+S, BEng Computer Networking
    #3
    Hi OfWorldandMan,

    Good luck, I am currently studying Route and its very indepth! The simplified book is awesome! I have read that, a hell of alot of material in there!

    I have also purchased the Bryant videos, and I think they are excellent! Much better than CBT in my opinion. I think he covers the material really well and gives alot of real world examples and lab stuff.

    Good luck, I'm sure your be fine!
    Reply With Quote Quote  

  5. Netzwerksicherheit Master Of Puppets's Avatar
    Join Date
    Jan 2013
    Location
    /dev/null
    Posts
    1,175

    Certifications
    CCNA R&S, CCNA Security, CCNP R&S, CCNP Security
    #4
    Make sure to do a lot of labbing for this one! Good luck!
    Reply With Quote Quote  

  6. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #5
    @MickQ: Thanks for the recommendation! Decided to get the digital version of that FLG!
    @bharvey: Agreed! Gonna have to study for this one much more extensively for sure!
    @MasterofPuppets: Got GNS3 setup with SecureCRT, so I will definitely be using it a lot.

    Finished up the EIGRP and OSPF fundies on Chris Bryant's vids (I skipped over floating static routes, but I'll come back to it once I reach the material in the Simplified book). Did some labbing with single and multi-area ospf over all four network types. Did some EIGRP config over Frame Relay with passive interfaces included and did some manually neighboring in the same network. Will be finishing up labbing for the day after configuring routing protocol authentication (Especially since EIGRP uses a key chain. OSPF is cake to setup for its authentication). I also wanna do a virtual link lab. I am about 200 pages through the Simplified book, learned all about LSA types 1-5, but I'm stuck at the NSSA areas with Type 7 LSAs. I get the concept of Stubby and Totally Stubby, but I'm still a little confused of why NSSAs are used and why an ASBR doesn't just use a Type 5? I have EIGRP down (Just need to practice authentication). OSPF I wanna finish up before Friday, but for now, it's gonna be labbing with stub networks, authentication, and working on default routing with OSPF.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  7. Member
    Join Date
    Apr 2013
    Location
    Florida
    Posts
    33

    Certifications
    CCNA R&S, CCNP R&D
    #6
    ASBRs in stubby areas never flood type 5 LSAs by definition. This is because stub areas do not flood external routes. To get around this the not so stubby areas that flood external routes using Type 7 LSAs.
    Last edited by dmcneil330; 05-21-2014 at 12:09 PM.
    Reply With Quote Quote  

  8. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #7
    Thanks for the insight man! I also learned that you can't have an ASBR on a non-backbone area, so that's another reason for the nssa.

    Finished the chapter on OSPF this morning and finished Chris Bryant's OSPF vids last night. Did a lab with multi-area OSPF with a stub area, a virtual link, some ABR summarization, and redistributed a RIP network with loopbacks attached into the OSPF process. In addition, configured an NBMA network with manual neighbors. Will be finishing up with labbing with the nssa and summarization with the ASBR, and then onto IGP redistribution and route maps chapter! lso got the 101 CCNP labs from the Simplified series for more lab practice.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  9. Senior Member bharvey92's Avatar
    Join Date
    Jun 2013
    Location
    UK
    Posts
    402

    Certifications
    CCNA R+S, CCNA:DC, CCNA Security, CCNP R+S, BEng Computer Networking
    #8
    What do you think of the OSPF Chris Bryant videos? I found them much more informative than CBT or INE! Sound's like your steaming through the content man! Keep up the good work!
    Reply With Quote Quote  

  10. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #9
    Agreed! I think that it is much more informative than the CBT nuggets vids (At least the OSPF ones). Although his explanation of virtual links was somewhat brief (In comparison to how detailed it was explained in the Simplified book). Chris Bryant is my go-to for Cisco exams. I watched the demo vids for INE and I swear I almost fell asleep lol.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  11. Sine Metu jvrlopez's Avatar
    Join Date
    Jul 2013
    Posts
    887

    Certifications
    CISSP, CCNA, CEH v7, Sec+, Net+, LPI Linux Essentials
    #10
    Good luck on your studies and efforts!
    Reply With Quote Quote  

  12. Senior Member bharvey92's Avatar
    Join Date
    Jun 2013
    Location
    UK
    Posts
    402

    Certifications
    CCNA R+S, CCNA:DC, CCNA Security, CCNP R+S, BEng Computer Networking
    #11
    Definitely, I'm not knocking the INE but I did certainly find it a bit dry. Also I think the Bryant videos compliment the overload of info from Route Simplified! I find that if Chris only briefly mentions it a read of the information in the Simplified book gives you more than enough info!
    Reply With Quote Quote  

  13. Grind time, gotta eat MrBrian's Avatar
    Join Date
    Jul 2011
    Location
    Seattle
    Posts
    517

    Certifications
    CCNP, JNCIA, CCNA, Net+, AAS in Networking
    #12
    Good luck on your path, OfWolfAndMan. it is definitely a Mad Mad CCNP world...

    I like your approach though, using several resources is best. Jump in and don't look back!
    Last edited by MrBrian; 05-26-2014 at 12:49 AM. Reason: i dont know how to type
    Reply With Quote Quote  

  14. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #13
    Well, this holiday weekend has been busy with house hunting in the new future residence of Jacksonville. Finished the BGP fundies. Path attributes were by far the thing I had to go over like three times. Watched some of Chris Bryant's vids and one of Jeremy's on it to catch it all. Did some basic BGP implementation via iBGP, eBGP, multihop neighbors, authentication, RID, and loopback-sourced neighbor establishment. Skipped over route maps, redistribution and IGP route filtering/manipulation because I thought it'd be better to know BGP first as route maps seem primarily used by BGP.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  15. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #14
    OK so before I move on, there is something I'm kinda stuck on. Let's say you have one router in ASN 200 (Router 4) and your local ASN, 100, has a border router running ebgp (Router1) and has an ibgp peering with a ibgp neighbor not directly connected (Router 3). The device in between the two is running an IGP (Router 2), and obviously I will have to configure the next-hop-self command on Router 1 to have Router 3 display valid BGP routes. I know if I were to try to get to an external network attached to router 4 from Router 3, it would first send the packet to Router 2. Router 2 has never heard of the external route, so it drops it. My question is, how can I get Router 3 to ping a loopback off of Router 4 without having router 2 blackhole all the packets? I was told synchronization works, but it's supposed to be used in an AS with routers only running iBGP? This is a concept I've been labbing for a day or two and still can't figure out what I'm missing.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  16. Went to the dark side.... Moderator networker050184's Avatar
    Join Date
    Jul 2007
    Posts
    11,649

    Certifications
    CCNA, CCNP, CCIP, JNCIA-JUNOS, JNCIS-SP, JNCIP-SP, MCA200
    #15
    You need a route on the router in the middle. A router can not route to a destination it doesn't know. Another option is to run MPLS and label switch to loopbacks. Synchronization just ensures routes are learned via IGP before passing via BGP.
    An expert is a man who has made all the mistakes which can be made.
    Reply With Quote Quote  

  17. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #16
    awesome! kick butt my friend!
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP (Ah next year...)
    Reply With Quote Quote  

  18. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #17
    Networker, I apologize for not giving more detail, but what if for the iBGP peers I am using loopbacks for the peering while using the ebgp-multihop command and the update-source command? I actually have two paths between the two iBGP peers partially so I have to configure the peers as loopbacks. Since the loopbacks aren't directly connected to the neighboring router, how do I go about having OSPF on the routers in between then? Do I just run a full mesh iBGP topology?
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  19. Went to the dark side.... Moderator networker050184's Avatar
    Join Date
    Jul 2007
    Posts
    11,649

    Certifications
    CCNA, CCNP, CCIP, JNCIA-JUNOS, JNCIS-SP, JNCIP-SP, MCA200
    #18
    There is no way getting around the fact that the router in the middle needs to know how to get to the destination (except for MPLS or GRE tunnel etc). You have a few options depending on your topology. A default route possibly? Probably not a good idea though. Full mesh or route reflection to get the routes down?
    An expert is a man who has made all the mistakes which can be made.
    Reply With Quote Quote  

  20. Junior Member Registered Member
    Join Date
    Jun 2014
    Location
    Australia
    Posts
    1

    Certifications
    CCNA, MCTS
    #19
    Hi, Good luck on your CCNP Journey, i myself have decided to take on the CCNP mountain starting today! All The Best!
    Reply With Quote Quote  

  21. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #20
    Hey guys, just checking in. Got a little distracted catching up on episodes of Arrow, but I finally finished BGP in the Simplified book and the Chris Bryant vids. Configured route reflectors, confederations, did some path selection adjustment with route maps, and played with route aggregation. I will definitely be coming back for some more practice, but for now, I'm moving onto IGP route filtering and redistribution (Which I've already partially covered). The hardest thing by far was probably understanding how to configure the attributes properly without blocking/destroying my neighbors. Really wish I would've learned about peer groups earlier though when configuring neighbor statements.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  22. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #21
    Finished up the IGP route filtering and redistribution section. The redistribution seemed pretty straightforward, and I never thought about how having two points of redistribution into another AS could have loops like they explained! Really interesting. The one thing it took me a couple times around to understand was the route tag. I think I will be playing with that one very soon. Distribute list was pretty straightforward, especially after going through a massive section on the route maps. The remaining vids I have with Chris Bryant are the ones on IPv6 and the VPN stuff (Which I believe my CCNA Security knowledge will help me there). I still have a vid on static floating routes as well. I am currently in the Path Control and Route Optimization chapter in Simplified, reading through the IP SLA stuff (Which I don't remember learning about in Chris Bryant's stuff). Once I finish that chapter, I will start the complex labs in the back of the Simplified book. For now, I am doing most of the labs from the lab manual and Chris Bryant's vids.
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  23. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #22
    Finished the path control and route optimization section. Went through several labs in the route manual. Then I went through the lab "BGP Peering and prefix advertisement" in the Simplified book. I have a major question, as this has me clueless. Maybe I read over it? So this is the situation: There's four routers connected. Three are running seperate bgp ASs, two are running OSPF (Single area). Each has a 150.X.X.X network on F0/0. So it has me redistribute both ways, and all routes look good. R3 is running both BGP and OSPF, and that's where the redistribution occurs (R1 is connected to R2 and 3, R2 is connected to R1 and 3, R3 is connected to 1, 2, and 3, and R4 is connected to R3). R4 is explicitly running OSPF. 80% of the lab I get, until it has me put in the commands into R3 to allow ping between OSPF router to F0/0 interfaces on the BGP routers using the following commands on R3:

    R3#router bgp 333
    #default-information originate
    #network 0.0.0.0 mask 0.0.0.0
    #ip route 0.0.0.0 0.0.0.0 null0
    #router ospf 1
    #default-information originate

    I understand the purpose of the default-information originate command and how it has to have a default route in the config to work (unless of course you use always at the end). My question is: If the ip default route points to null0, how is it that this command is able to allow pings between bgp routers and F0/0 interface redistributed from OSPF? I thought it was used as a bit bucket to prevent congestion when loops occur? How is it that without this command, I can't ping F0/0 interfaces of BGP routers from the OSPF router? Maybe there is something I've missed about the null0 ip route command?
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  24. Senior Member tomtom1's Avatar
    Join Date
    Feb 2014
    Posts
    374

    Certifications
    JNCIP,SP, JNCIS-SP, CCNP, VCAP5-DCA, VCP5, MCITP 2008 SA, CCNA
    #23
    I don't fully understand the topology yet, but the reason you do the default route to null0 is with BGP, a route can only be advertised (via network command) once the same prefix is in the routing table. By first creating a route to null0, you fill the local routing table. You can then advertise this prefix via BGP and since you are all running eBGP sessions, the next hop attribute is changed on outgoing prefix advertisements. And once the traffic comes in from the remote BGP peers, you should have a more specific entry in your routing table for F0/0's interface.

    Perhaps if you could share some pictures and configs, we might be able to elaborate on this further.
    Reply With Quote Quote  

  25. Roaming teh Bytes OfWolfAndMan's Avatar
    Join Date
    Oct 2013
    Location
    Grandma's basement
    Posts
    869

    Certifications
    A/L/P/S+, CCNP R&S, CCDA, CCDP, CCNA R&S/Sec, ACIS ERS 8K & VSP 9K, BS: IT Security
    #24
    Here it is. This is R3's config for some more help:

    BGP_Lab.jpgrouter ospf 1
    log-adjacency-changes
    redistribute bgp 333 subnets
    network 3.3.3.3 0.0.0.0 area 0
    network 10.0.0.13 0.0.0.0 area 0
    default-information originate
    !
    router bgp 333
    no synchronization
    bgp router-id 3.3.3.3
    bgp log-neighbor-changes
    network 0.0.0.0
    network 150.3.3.0 mask 255.255.255.0
    redistribute ospf 1 match external 2
    neighbor PEER_GROUP peer-group
    neighbor PEER_GROUP ebgp-multihop 2
    neighbor PEER_GROUP update-source Loopback0
    neighbor 1.1.1.1 remote-as 111
    neighbor 1.1.1.1 peer-group PEER_GROUP
    neighbor 2.2.2.2 remote-as 222
    neighbor 2.2.2.2 peer-group PEER_GROUP
    default-information originate
    no auto-summary
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Null0
    ip route 1.1.1.1 255.255.255.255 Serial1/1
    ip route 2.2.2.2 255.255.255.255 Serial1/2
    Reading: Lab Books, Ansible Documentation Goals: Bash Shell/Python Automation Refinement [], CCIE R&S Written [X], AWS Certified Solutions Architect Associate (Maybe) [] CCIE R&S Counter: Somewhere between zero and infinity
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Sep 2013
    Location
    Sweden
    Posts
    861

    Certifications
    CCNP
    #25
    One problem with that config is that the BGP default-information-originate requires that you redistribute 0.0.0.0/0 into BGP, and you are not doing that.

    The configuration of the default-information originate command in BGP is similar to the configuration of the network (BGP) command. The default-information originate command, however, requires explicit redistribution of the route 0.0.0.0. The network command requires only that the route 0.0.0.0 is present in the Interior Gateway Protocol (IGP) routing table. For this reason, the network command is preferred.
    However, you are also injecting a default into BGP with the network command, and that should work since you have the static default to null0. So basically you just have a redundant line of config that you could delete.

    PS.
    We could troubleshoot the other problem you're having together, but you need to be a bit more specific.

    PPS.
    My question is: If the ip default route points to null0, how is it that this command is able to allow pings between bgp routers and F0/0 interface redistributed from OSPF? I thought it was used as a bit bucket to prevent congestion when loops occur? How is it that without this command, I can't ping F0/0 interfaces of BGP routers from the OSPF router? Maybe there is something I've missed about the null0 ip route command?
    You shouldn't need a default route in that topology if you advertise the f0/0 networks into BGP and then redistribute these into OSPF on R3. However, looking at the diagram (which is hard, it's kind of small), a potential problem is that when you redistribute BGP into OSPF on R3, the LAN interface of R3 isn't redistributed because it will appear as directly connected in the routing table, not as BGP. Pinging between R3 and R4 will therefore be broken without the default route. If this in fact is the problem you could redistribute connected into OSPF, or just active OSPF on that interface.
    Last edited by fredrikjj; 06-15-2014 at 05:46 PM.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 4 1 234 Last

Social Networking & Bookmarks