IPExpert V2 Lab20

1.2 IRB

IP is the same on both vlan -> consider IRB.
Don't forget to active both commands to make the BVI up :

bridge 1 protocol ieeee
bridge 1 route ip

3.4 Default-Route in NSSA

NSSA -> default route is Type7 with area 40 nssa default-originate
Totally NSSA -> default-metric is Type 3

On the first case the metric could be defined adding a metric command after default-originate
On the second the metric used is the defined default-cost for stub/nssa default : 1
Could be changed with

area 40 default-cost X


6.2 Redistribution

Task to redistribute all Loopback to relevant protocol. As there redistribution is not transitive, we have to redistribute loopback on all the protocols used on a given router.

Don't forget when route-map is used on redistribute connected for only redistributing loopback, it will prevent any connected interface activated for a protocol A to be redistributed on protocol B. Route-map should be modified to also accept this interface.

7.3 BGP AS filtering

AS50 permits only directly connected clients of 102 to transit :
Understood that AS102 could use AS50 as transit and othe learned route from 102 could be learned but no used AS50 as transit. Match all other route than coming from 102 and tag as no-export.

Proctor solution was to accept 102 or 102 + 1AS and filter all other. regexp to match 102 + directly 102 connected AS

^102(_[0-9]+)?$

8.4 PBR + Tunnel

The task ask for a certain traffic between 2 BB to transit transparently :

-Create a GRE between egress and ingress tunnel
-Match the traffic
-PBR it to tunnel interface

9.2 Modifying COS to DSCP value.

Default values ares found on the doccd

mls qos map cos-dscp ....

11.2 prevent access to telnet to R2 except from R6. No config R2

I configured ACL on neighbor routers.
Solution guide configured Vlan ACL, wich is wrong as R2 as 2 serials.
Anyway VACL is a good way to think of it in other cases.