Ccnpv6 Tshoot Sba Stud Ans Key

CCNPv6 TSHOOT
Skills-Based Assessment Answer Key

Topology
All contents are Copyright 19922012 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 62
CCNPv6 TSHOOT
IP Addressing Table
Device R1 Interface/SVI FA0/1 S0/0/0 (DCE) Lo0 R2 S0/0/0 Lo0 Lo1 R3 FA0/0 FA0/1 Lo0 Lo1 ALS1 DLS1 DLS1 DLS1 DLS1 DLS1 DLS1 DLS1 DLS1 DLS2 DLS2 DLS2 DLS2 DLS2 DLS2 DLS2 DLS2 SRV1 PC-B PC-C VLAN 100 Fa0/5 Lo0 VLAN 10 VLAN 20 VLAN 30 VLAN 50 VLAN 100 VLAN 200 Fa0/5 Lo0 VLAN 10 VLAN 20 VLAN 30 VLAN 50 VLAN 100 VLAN 200 NIC NIC NIC IP Address 172.16.2.2 209.165.200.225 192.168.1.1 209.165.200.226 192.168.2.1 172.30.1.1 172.16.80.1 172.16.2.14 172.16.203.1 172.16.80.129 172.16.100.1 172.16.2.1 172.16.211.1 172.16.10.252 172.16.20.252 172.16.30.252 172.16.50.252 172.16.100.252 172.16.200.252 172.16.2.13 172.16.212.1 172.16.10.253 172.16.20.253 172.16.30.253 172.16.50.253 172.16.100.253 172.16.200.253 172.16.50.1 172.16.10.x (DHCP) 172.16.80.x (DHCP) Subnet Mask 255.255.255.252 255.255.255.252 255.255.255.255 255.255.255.252 255.255.255.255 255.255.255.255 255.255.255.128 255.255.255.252 255.255.255.255 255.255.255.128 255.255.255.0 255.255.255.252 255.255.255.255 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.252 255.255.255.255 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.128 Default Gateway N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 172.16.100.254 172.16.2.1 N/A 172.16.10.254 172.16.20.254 172.16.30.254 172.16.50.254 172.16.100.254 N/A 172.16.2.14 N/A 172.16.10.254 172.16.20.254 172.16.30.254 172.16.50.254 172.16.100.254 N/A 172.16.50.254 172.16.10.254 172.16.80.1
Page 2 of 62
CCNPv6 TSHOOT
Device Interfaces and Links Table

From Device ALS1 ALS1 ALS1 ALS1 ALS1 DLS1 DLS1 DLS1 DLS1 DLS2 R1 R3 Interface Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/18 Fa0/3 Fa0/4 Fa0/5 Fa0/6 Fa0/5 S0/0/0 (DCE) Fa0/0 To Device DLS1 DLS1 DLS2 DLS2 PC-B DLS2 DLS2 R1 SRV1 R3 R2 PC-C Interface Fa0/1 Fa0/2 Fa0/1 Fa0/2 NIC Fa0/3 Fa0/4 Fa0/1 NIC Fa0/1 S0/0/0 NIC WAN link, PPP EtherChannel Po10, 802.1Q EtherChannel Po10, 802.1Q Layer 1 and 2 Features and Protocols Used EtherChannel Po1, 802.1Q EtherChannel Po1, 802.1Q EtherChannel Po2, 802.1Q EtherChannel Po2, 802.1Q
Objectives
Part 1: Erase the startup config and copy the SBA error file from flash to the running config for each device. Part 2: Troubleshoot the errors introduced.
Exam Overview
This skills-based assessment (SBA) is the final practical exam of Academy training for the course CCNPv6 TSHOOT. In Part 1, you erase the base configs and load the error configs. You troubleshoot and resolve the errors in Part 2. In addition to correcting configurations and restoring basic connectivity, network protocols such as Telnet, SSH, and NTP must also be verified. Note: Refer to the Topology diagram, IP Addressing table, and Device Interfaces and Links table in the beginning of the SBA when troubleshooting issues.
Instructor Notes:
To pass the exam, the student is expected to successfully complete the exam in the timeframe allotted. For the Academy student version of this exam, the student is not required to build the topology or copy the SBA error files from the TFTP server into the devices. Prior to the student starting the exam, the appropriate files, both base and error configs, should be pre-loaded in the flash:/tshoot directory of each device.
Page 3 of 62
CCNPv6 TSHOOT Ensure that each device (R1, R2, R3, ALS1, DLS1, and DLS2) has the SBA base and error config files installed in flash. You can download the files from the Academy Connection website or copy and paste them into text files. Instructors can use a TFTP server (PC or router), USB drive, flash memory card, or other method to copy the SBA base and error configuration file into the flash:/tshoot directory for each device in the topology. The procedure for using a TFTP server is described in the instructor notes preceding Part 1 of the SBA.
This lab uses Cisco 1841 routers with Cisco IOS Release 12.4(24)T1 and the Advanced IP Services image c1841-advipservicesk9-mz.124-24.T1.bin. The switches are Cisco WS-C2960-24TT-L with the Cisco IOS image c2960-lanbasek9-mz.122-46.SE.bin and Catalyst 3560-24PS with the Cisco IOS image c3560advipservicesk9-mz.122-46.SE.bin. Other routers (such as a 2801 or 2811), switches (such as a 2950 or 3550), and Cisco IOS Software versions can be used if they have comparable capabilities and features. Depending on the router or switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.
Required Resources
3 routers (Cisco 1841 with Cisco IOS Release 12.4(24)T1 Advanced IP Service or comparable) 1 switch (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or comparable) 2 switches (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-ADVIPSERVICESK9-M image or comparable) SRV1 (Windows PC with a static IP address) with TFTP and syslog servers, plus an SSH client (PuTTY or comparable) and WireShark software PC-B (Windows PCDHCP client) with PuTTY and WireShark software PC-C (Windows PCDHCP client) with PuTTY and WireShark software Serial and Ethernet cables
Instructor notes: Copying the SBA Files from the TFTP Server.
You can use a TFTP server (PC or router), USB drive, flash memory card or other method to copy the SBA base and error configuration file into the flash:/tshoot directory for each device in the topology. The procedure for using a TFTP server is described here and assumes IP connectivity with between the device and the server. Suggestion: After the error config file has been copied into flash on each device, you may wish to remove, rename or relocate the base config to make it more difficult for the student to compare the base config with the error config to determine the problem.
Step 1: Verify connectivity with the TFTP server SRV1.

You must be able to access the TFTP server on SRV1 from each network device to copy the error files. From each device (ALS1, DLS1, DLS2, R1, R2, and R3) ping SRV1 at 172.16.50.1. This procedure assumes that the devices are cabled as shown in the topology and the base config is running on each device. The base configs can be copied and pasted from those listed at the end of this SBA. Note: If the pings are not successful, verify physical network cabling and connections and verify that the SBA base config file is loaded as the running config in each device. You can exit from the user EXEC mode prompt to see the MOTD login banner, which indicates the file currently loaded. For example: *** Switch ALS1 SBA Base Config ***
Page 4 of 62
CCNPv6 TSHOOT
Step 2: Verify the TFTP server configuration.

Verify that the TFTP server on SRV1 is running and that the error files are present in the default TFTP directory. The format of these files is TSHOOT-SBA-Stud_xxx-Error-Cfg.txt, where xxx is the name of the device.
Step 3: Copy the TFTP server SBA error file to flash.

Copy the appropriate SBA error file from the TFTP server into the flash:/tshoot directory for each device. The following example shows how to copy the SBA error configuration file for ALS1 from the TFTP server at IP address 172.16.50.1 to the flash:/tshoot directory on ALS1: ALS1#copy tftp://172.16.50.1/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt flash:/tshoot Note: This assumes that the configuration files are in the TFTP server default directory. Note: You can view the contents of a particular file in flash using the UNIX or Cisco IOS more command. For example: ALS1#more flash:/tshoot/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt This command displays the contents of the file a page at a time.
Part 1: Load the SBA Error Files from Flash to the Running Config
Step 1: Verify the existence and location of the SBA error configuration files.
The error configuration file should be present in flash under the tshoot directory for a given device. Use the show flash command to verify the presence of this directory. You can also verify the contents of the directory using the dir command. If the directory and files are not present, contact your instructor. ALS1#show flash: Directory of flash:/ 3 -rwx 619 -rwx 6 drwx 46.SE.bin 622 drwx 916 6582 192 128 Mar 1 1993 00:00:29 +00:00 Mar 1 1993 00:10:09 +00:00 Oct 9 2009 13:00:50 +00:00 Oct 9 2009 13:03:05 +00:00 vlan.dat config.text c2960-lanbasek9-mz.122tshoot
ALS1#dir flash:/tshoot Directory of flash:/tshoot/ 5 -rwx Error-Cfg.txt 6515 Jan 16 2010 14:39:42 +00:00 TSHOOT-SBA-Stud_ALS1-
Step 2: Erase the startup config from NVRAM.

ALS1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Enter [OK] Erase of nvram: complete
Step 3: Delete the VLAN database from flash (switches only).

ALS1#delete vlan.dat Delete flash:vlan.dat? [confirm] Enter
Page 5 of 62
CCNPv6 TSHOOT
Step 4: Reload the device, but do not save the system configuration if prompted.
ALS1#reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm] Enter *Jan 16 00:29:28.704: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload command.
Step 5: When the device restarts, do not enter the initial configuration dialog, but terminate autoinstall if prompted.
Press RETURN to get started! --- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: no Would you like to terminate autoinstall? [yes]: Enter
Step 6: Copy the SBA device error configuration file from flash to the running config.
The format of these files is TSHOOT-SBA-Stud_xxx-Error-Cfg.txt, where xxx is the name of the device. For example: Switch#copy flash:/tshoot/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt running-config Destination filename [running-config]? <Enter> ALS1# Note: Although it is possible to copy the file to the startup config and reload the device, the RSA keys for SSH cannot be generated from the startup config.
Step 7: Copy the running config to the startup config.

Even if you see an Autosave message indicating that the running configuration has been saved to NVRAM, copy the running config to the startup config manually. ALS1#copy running-config startup-config Building configuration... [OK] Note: If the device is rebooted at this point, you can log in remotely with the username admin and the password adminpa55. To access privileged EXEC mode, use the enable password ciscoenpa55. Note: Although it is not considered security best practice, you can change the exec-timeout for the console line to 0 (no time out) to facilitate performance of this SBA.
Step 8: Repeat Steps 2 through 7 for all other devices in the network. Step 9: Set the time on the NTP server R2.
Set the correct time on the NTP server R2 using the clock set command. clock set hh:mm:ss Day-of-Month Month Year Example: R2#clock set 14:45:00 16 Jan 2010
Step 10: Configure the PCs.

a. Configure SRV1 with the static IP address 172.16.50.1/24 and the default gateway 172.16.50.254.
Page 6 of 62
CCNPv6 TSHOOT b. Start the syslog server and TFTP server on SRV1. c. Configure PC-B and PC-C as DHCP clients.
d. Release and renew the DHCP leases on PC-B and PC-C. Note: It is important to release and renew the DHCP leases on PC-B and PC-C because the PCs may have obtained a valid IP address previously and this could mask a problem.
Part 2: Troubleshoot the Errors Introduced

The SBA error files introduce various problems, including issues related to STP, NTP, SSH, VLANs, EtherChannel, HSRP, DHCP, EIGRP, OSPF, and BGP. Hint: Two configuration errors are introduced in each device for a total of 12 errors.
Step 1: Perform connectivity tests.

Use connectivity testing tools such as ping, traceroute, tracert (PC), and Cisco Discovery Protocol to determine the extent of connectivity loss. Use the following table to record the results of the connectivity tests. Be sure to ping from each PC to each network device interface and from each network device to every other network device using the various network addresses available, as shown in the IP Addressing table at the beginning of the SBA. Note: You can use the Ping Test table in Step 3 as a starting point.
Network Connectivity Test Table

Command From Device/Interface/IP To Device/Interface/IP Result
Step 2: Document, resolve, and verify the issues discovered.

Using the tools available, such as show and debug commands, discover each problem, correct it, and document the corrective action taken. Use the Problem Resolution and Verification table to document the problem discovered, the affected devices, and the solution to the problem, including the commands used.
All contents are Copyright 19922012 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 62
CCNPv6 TSHOOT Note: For each device, after issuing corrective commands, copy the running config to the startup config. Tip: If connecting from one device to another via Telnet, issue the terminal monitor command so that console and debug messages generated on the remote device can be viewed on the local console.
Problem Resolution and Verification Table

Device ALS1 Problem or Error Discovered Wrong spanning tree mode (MST) specified. It should be rapid PVST. Trunk links are disabled. VLAN 10 is not allowed on Po1 (Fa0/1 and Fa0/2). (redundancy problem) VLAN 100 (MGMT) has not been defined, so interface VLAN 100 is down. Corrective Action (commands used) spanning-tree mode rapidpvst Verification Commands (more than one command can be used) show spanning-tree show spanning-tree brief show interfaces trunk
ALS1
interface po1 switchport trunk allowed vlan add 10 vlan 100 name MGMT interface vlan 100 no shut
DLS1
show vlan brief show ip interface brief
DLS1
DHCP excluded address range covers all addresses in pool OFFICE. No addresses are assigned.
no ip dhcp excludedaddress 172.16.1.252 172.16.10.254 ip dhcp excluded-address 172.16.10.252 172.16.10.254 interface Vlan200 ip address 172.16.200.253 255.255.255.0
show ip dhcp pool
DLS2
Interface VLAN 200 is assigned the wrong address (172.16.253.200). It should be 172.16.200.253. The DLS1 and DLS2 OSPF neighbor relationship is lost. Trunk encapsulation on Fa0/1 and Fa0/2 is ISL and does not match ALS1 (dot1q). No frames can be sent. (redundancy problem) The interface F0/1 network is in the wrong OSPF area (1), and the wrong subnet is specified. Should be area 0, subnet 172.16.2.0 0.0.0.3. The R1 and DLS1 OSPF neighbor relationship is lost. No remote access protocol is permitted on the vty lines.
show ip interface brief show ip ospf neighbor
DLS2
interface Po2 switchport trunk encapsulation dot1q
show interfaces trunk
R1
router ospf 1 no network 172.16.2.4 0.0.0.3 area 1 network 172.16.2.0 0.0.0.3 area 0
show ip ospf neighbor show ip ospf interface brief
R1
line vty 0 4
show line vty 0
Page 8 of 62
CCNPv6 TSHOOT Both Telnet and SSH should be allowed transport input. R2 Wrong BGP neighbor AS and neighbor ID specified. No peer relationship is formed with R1. transport input telnet ssh router bgp 65502 no neighbor 192.168.1.11 remote-as 65001 neighbor 192.168.1.1 remote-as 65501 neighbor 192.168.1.1 ebgp-multihop 2 neighbor 192.168.1.1 update-source Loopback0 R2 Default static route (0.0.0.0) to null is not present. The default route is not injected into R2 BGP table. ip route 0.0.0.0 0.0.0.0 null0 or neighbor 192.168.1.1 default-originate R3 The PC-C LAN (172.16.80.0/25) is not advertised under EIGRP. No connectivity between PC-C and other parts of the network. IP address referencing the R2 NTP server is incorrect. R3 will not synchronize with the time server. router eigrp 100 network 172.16.80.0 0.0.0.127 show ip protocols show ip route show ip route show ip bgp show ip bgp summary
R3
no ntp server 192.168.1.2 ntp server 192.168.2.1
show ntp associations
Notes __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________
Step 3: Demonstrate basic network connectivity after correcting errors.

With all devices connected and all problems resolved, you should be able to ping from any device in the network to any other device. Perform pings according to the Ping Test table below. Note: All pings in the table must be successful. If not, there are issues that need to be resolved.
Ping Test Table

From Device/Interface/IP PC-B PC-B To Device/Interface/IP PC-C (DHCP 172.16.80.2) HSRP default gateway (172.16.10.254) Successful (Y/N)
Page 9 of 62
CCNPv6 TSHOOT PC-B PC-B PC-B PC-B PC-B PC-B PC-B PC-C PC-C PC-C PC-C PC-C PC-C PC-C PC-C ALS1 mgmt vlan 100 (172.16.100.1) ALS1 mgmt vlan 100 ALS1 mgmt vlan 100 ALS1 mgmt vlan 100 ALS1 mgmt vlan 100 Notes __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ SRV1 (172.16.50.1) ALS1 mgmt (172.16.100.1) DLS1 mgmt (172.16.100.252) DLS2 mgmt (172.16.100.253) R1 Fa0/1 (172.16.2.2) R2 Lo1 (172.30.1.1) R3 Fa0/1 (172.16.2.14) R3 default gateway (172.16.80.1) SRV1 (172.16.50.1) ALS1 mgmt (172.16.100.1) DLS1 mgmt (172.16.100.252) DLS2 mgmt (172.16.100.253) R1 Fa0/1 (172.16.2.2) R2 Lo1 (172.30.1.1) R3 Fa0/1 (172.16.2.14) DLS1 mgmt (172.16.100.252) DLS2 mgmt (172.16.100.253) R1 Fa0/1 (172.16.2.2) R2 Lo1 (172.30.1.1) R3 Fa0/1 (172.16.2.14)
Step 4: Demonstrate Telnet and SSH connectivity.

From PC-B, connect to each network device using Telnet (from the command prompt) and SSH (from an SSH client such as PuTTY) to verify remote management capability. Note: Connecting to each device via Telnet and SSH must be successful. If not, there are issues that need to be resolved.
Remote Access Test Table

From Device PC-B PC-B PC-B PC-B PC-B PC-B To Device/Interface/IP ALS1 mgmt (172.16.100.1) DLS1 mgmt (172.16.100.252) DLS2 mgmt (172.16.100.253) R1 Fa0/1 (172.16.2.2) R2 S0/0/0 (209.165.200.226) R3 Fa0/1 (172.16.2.14) Telnet (Y/N) SSH (Y/N)
Step 5: Demonstrate NTP functionality.

Check each network device to verify that it has synchronized with the NTP server R2.
CCNPv6 TSHOOT Note: Each device must synchronize with the NTP server R2. If not, there are issues that need to be resolved.
NTP Synchronization Table

Device ALS1 DLS1 DLS2 R1 R2 R3 NTP Status Synched (Y/N)
Step 6: Demonstrate network redundancy for PC-B after correcting errors.

a. Disable (shut down) DLS2 port channel Po2. b. Ping from PC-B to all other devices in the network. Pings from PC-B to each of the other PCs and network devices must be successful. If not, there are issues that need to be resolved. c. Renew and release the PC-B IP address. PC-B should be able to obtain an IP address on subnet 172.16.10.0/24. If not, there are issues that need to be resolved.
STP Redundancy Test Table

From Device/Interface/IP PC-B PC-B PC-B PC-B PC-B PC-B PC-B PC-B PC-B Notes: __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________ To Device/Interface/IP HSRP default gateway (172.16.10.254) PC-C SRV1 (172.16.50.1) ALS1 mgmt (172.16.100.1) DLS1 mgmt (172.16.100.252) DLS2 mgmt (172.16.100.253) R1 Fa0/1 (172.16.2.2) R2 Lo1 (172.30.1.1) R3 Fa0/1 (172.16.2.14) Result
Router Interface Summary Table

Router Interface Summary Router Model 1700 1800 Ethernet Interface #1 Fast Ethernet 0 (FA0) Fast Ethernet 0/0 (FA0/0) Ethernet Interface #2 Fast Ethernet 1 (FA1) Fast Ethernet 0/1 (FA0/1) Serial Interface #1 Serial 0 (S0) Serial 0/0/0 (S0/0/0) Serial Interface #2 Serial 1 (S1) Serial 0/0/1 (S0/0/1)
Page 11 of 62
CCNPv6 TSHOOT Router Interface Summary 2600 2800 Fast Ethernet 0/0 (FA0/0) Fast Ethernet 0/0 (FA0/0) Fast Ethernet 0/1 (FA0/1) Fast Ethernet 0/1 (FA0/1) Serial 0/0 (S0/0) Serial 0/0/0 (S0/0/0) Serial 0/1 (S0/1) Serial 0/0/1 (S0/0/1)
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to list all combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and serial interfaces in the device. The table does not include any other type of interface, even though a specific router might contain one, such as an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface. Note: The first group of configurations is the functioning base set that does not contain errors. The second group of configurations is the error set that does contain errors.
SBA DevicesBase Configurations (instructor version)

Note: This group of configurations is the functioning base set. They do not contain errors.
Switch ALS1SBA Base (no errors)

!Switch ALS1 SBA Base Config ! hostname ALS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch ALS1 SBA Base Config ***$ ! ip dhcp snooping vlan 10 ip dhcp snooping no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024
CCNPv6 TSHOOT ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet spanning-tree mode rapid-pvst spanning-tree portfast default ! interface Vlan1 no ip address shutdown ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 100 name MGMT ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Port-channel1 description Channel to DLS1 no shutdown ! interface Port-channel2 description Channel to DLS2 no shutdown ! interface FastEthernet0/1 description Channel to DLS1 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/2 description Channel to DLS1
CCNPv6 TSHOOT switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown
! interface FastEthernet0/3 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/5 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused
Page 14 of 62
CCNPv6 TSHOOT switchport access vlan 999 switchport mode access switchport nonegotiate shutdown
! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access
CCNPv6 TSHOOT switchport nonegotiate shutdown
! interface FastEthernet0/18 description To PC-B switchport access vlan 10 switchport mode access switchport voice vlan 20 spanning-tree portfast switchport port-security switchport port-security maximum 2 switchport port-security violation shutdown switchport port-security mac-address sticky no shut ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1
CCNPv6 TSHOOT description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown
! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan100 ip address 172.16.100.1 255.255.255.0 no shutdown ! ip default-gateway 172.16.100.254 ! ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps vlan-membership ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end
Switch DLS1SBA Base (no errors)

!Switch DLS1 SBA Base Config ! hostname DLS1 !
CCNPv6 TSHOOT service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 banner motd $*** Switch DLS1 SBA Base Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ! ip domain name tshoot.net ! ip dhcp excluded-address 172.16.10.252 172.16.10.254 ip dhcp excluded-address 172.16.20.252 172.16.20.254 ip dhcp excluded-address 172.16.30.252 172.16.30.254 ! ip dhcp pool OFFICE network 172.16.10.0 255.255.255.0 default-router 172.16.10.254 domain-name tshoot.net ! ip dhcp pool VOICE network 172.16.20.0 255.255.255.0 default-router 172.16.20.254 domain-name tshoot.net ! ip dhcp pool GUEST network 172.16.30.0 255.255.255.0 default-router 172.16.30.254 domain-name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! errdisable recovery cause bpduguard ! archive log config logging size 50 notify syslog
CCNPv6 TSHOOT hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 24576 spanning-tree vlan 20,50 priority 28672 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! vlan 100 name MGMT ! vlan 200 name TRANS ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.211.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel1 description Channel to ALS1 no shut ! interface Port-channel10 description Channel to DLS2 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate
CCNPv6 TSHOOT channel-group 1 mode on no shut
! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R1 no switchport ip address 172.16.2.1 255.255.255.252 speed 100 duplex full no shut ! interface FastEthernet0/6 description FE to SRV1 switchport access vlan 50 switchport mode access switchport nonegotiate spanning-tree portfast no shut ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused
! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown
CCNPv6 TSHOOT ! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.252 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 priority 110 standby 10 preempt ! interface Vlan20 ip address 172.16.20.252 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 preempt ! interface Vlan30 ip address 172.16.30.252 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 priority 110 standby 30 preempt ! interface Vlan50 ip address 172.16.50.252 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 preempt ! interface Vlan100 ip address 172.16.100.252 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 priority 110 standby 100 preempt ! interface Vlan200 ip address 172.16.200.252 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.0 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1
CCNPv6 TSHOOT network network network network network 172.16.30.0 0.0.0.255 area 1 172.16.50.0 0.0.0.255 area 1 172.16.100.0 0.0.0.255 area 1 172.16.200.0 0.0.0.255 area 0 172.16.211.1 0.0.0.0 area 0
! ip classless ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps config snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end
Switch DLS2SBA Base (no errors)

!Switch DLS2 SBA Base Config ! hostname DLS2 ! service timestamps debug datetime msec service timestamps log datetime service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 !
CCNPv6 TSHOOT username admin secret adminpa55 ! banner motd $*** Switch DLS2 SBA Base Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 28672 spanning-tree vlan 20,50 priority 24576 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! vlan 100 name MGMT ! vlan 200 name TRANS !
CCNPv6 TSHOOT vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.212.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel2 description Channel to ALS1 no shut interface Port-channel10 description Channel to DLS1 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/3 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk
CCNPv6 TSHOOT switchport nonegotiate channel-group 10 mode on no shut
! interface FastEthernet0/5 description FE to R3 no switchport ip address 172.16.2.13 255.255.255.252 speed 100 duplex full spanning-tree bpduguard enable no shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999
CCNPv6 TSHOOT switchport mode access switchport nonegotiate shutdown
! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate
CCNPv6 TSHOOT shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.253 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 preempt ! interface Vlan20 ip address 172.16.20.253 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 priority 110 standby 20 preempt
CCNPv6 TSHOOT ! interface Vlan30 ip address 172.16.30.253 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 preempt ! interface Vlan50 ip address 172.16.50.253 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 priority 110 standby 50 preempt ! interface Vlan100 ip address 172.16.100.253 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 preempt ! interface Vlan200 ip address 172.16.200.253 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.12 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.212.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server host 172.16.50.1 version 2c cisco ! line con 0
CCNPv6 TSHOOT exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end
Router R1SBA Base (no errors)

!Router R1 SBA Base Config ! hostname R1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R1 SBA Base Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 192.168.1.1 255.255.255.255
CCNPv6 TSHOOT ip ospf network point-to-point ! interface FastEthernet0/0 no ip address shutdown ! interface FastEthernet0/1 description FE to DLS1 ip address 172.16.2.2 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 description WAN link to ISP R2 ip address 209.165.200.225 255.255.255.252 ip flow ingress encapsulation ppp clock rate 128000 no shutdown ! interface Serial0/0/1 shutdown ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface FastEthernet0/1 no passive-interface Loopback0 network 172.16.2.0 0.0.0.3 area 0 network 192.168.1.1 0.0.0.0 area 0 default-information originate always ! router bgp 65501 no synchronization bgp log-neighbor-changes neighbor 192.168.2.1 remote-as 65502 neighbor 192.168.2.1 ebgp-multihop 2 neighbor 192.168.2.1 update-source Loopback0 no auto-summary ! ip route 192.168.2.1 255.255.255.255 209.165.200.226 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility
CCNPv6 TSHOOT snmp-server contact support@tshoot.net snmp-server enable traps ospf state-change snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.2.1 end

!Router R2 SBA Base Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! Hostname R2 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R2 SBA Base Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory
CCNPv6 TSHOOT ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description BGP router ID ip address 192.168.2.1 255.255.255.255 ! interface Loopback1 description Simulated Internet address ip address 172.30.1.1 255.255.255.255 ! interface FastEthernet0/0 shutdown ! interface FastEthernet0/1 shutdown ! interface Serial0/0/0 description WAN link to R1 T1 leased line ip address 209.165.200.226 255.255.255.252 encapsulation ppp no shutdown ! interface Serial0/0/1 shutdown router bgp 65502 no synchronization bgp log-neighbor-changes network 0.0.0.0 neighbor 192.168.1.1 remote-as 65501 neighbor 192.168.1.1 ebgp-multihop 2 neighbor 192.168.1.1 update-source Loopback0 no auto-summary ! ip route 0.0.0.0 0.0.0.0 null0 ip route 192.168.1.1 255.255.255.255 209.165.200.225 ip route 172.16.0.0 255.255.0.0 209.165.200.225 ! ip http server no ip http secure-server ! logging source-interface Loopback0 logging 172.16.50.1 snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 logging synchronous
CCNPv6 TSHOOT login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp master 3 end

!Router R3 SBA Base Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R3 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R3 SBA Base Config ***$ ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! no ip domain lookup ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ip dhcp excluded-address 172.16.80.1 ip dhcp excluded-address 172.16.80.129 ! ip dhcp pool R3-B1 network 172.16.80.0 255.255.255.128 default-router 172.16.80.1 domain-name tshoot.net ! ip dhcp pool R3-B2 network 172.16.80.128 255.255.255.128 default-router 172.16.80.129 domain-name tshoot.net ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory
CCNPv6 TSHOOT ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 172.16.203.1 255.255.255.255 ip ospf network point-to-point ! interface Loopback1 description simulated R3 Branch 2 LAN subnet ip address 172.16.80.129 255.255.255.128 ! interface FastEthernet0/0 description FE to R3 Branch 1 LAN ip address 172.16.80.1 255.255.255.128 ip flow ingress speed 100 full-duplex no shutdown ! interface FastEthernet0/1 description FE to DLS2 ip address 172.16.2.14 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 shutdown ! interface Serial0/0/1 shutdown ! router eigrp 100 redistribute ospf 1 metric 1544 2000 255 1 1500 passive-interface default no passive-interface FastEthernet0/0 no passive-interface loopback1 network 172.16.80.0 0.0.0.127 network 172.16.80.128 0.0.0.127 no auto-summary ! router ospf 1 log-adjacency-changes redistribute eigrp 100 metric 100 subnets passive-interface default no passive-interface FastEthernet0/1 network 172.16.2.12 0.0.0.3 area 0 network 172.16.203.1 0.0.0.0 area 0 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996
CCNPv6 TSHOOT ! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps eigrp snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.2.1 end
SBA DevicesError Configurations

Note: The errors in the configurations are commented and highlighted as red text.
Switch ALS1SBA Error Config

!Switch ALS1 SBA Error Config ! hostname ALS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch ALS1 SBA Error Config ***$ ! ip dhcp snooping vlan 10 ip dhcp snooping no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500
CCNPv6 TSHOOT ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet spanning-tree mode mst spanning-tree portfast default ! interface Vlan1 no ip address shutdown ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 100 name MGMT ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Port-channel1 description Channel to DLS1 no shutdown ! interface Port-channel2 description Channel to DLS2 no shutdown ! interface FastEthernet0/1 description Channel to DLS1 switchport trunk native vlan 900 Error: Incorrect spanning tree mode (MST) is configured and does not match DLS1 and DLS2 (RPVST). spanning-tree mode rapid-pvst
Page 38 of 62
CCNPv6 TSHOOT switchport trunk allowed vlan 20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown
Error: Trunk ports Fa0/1 and Fa0/2 (Po1) do not allow VLAN 10 (PC-B Office VLAN). interface po1 switchport trunk allowed vlan add 10
! interface FastEthernet0/2 description Channel to DLS1 switchport trunk native vlan 900 switchport trunk allowed vlan 20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/5 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown !
Page 39 of 62
CCNPv6 TSHOOT interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused
! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description To PC-B switchport access vlan 10 switchport mode access switchport voice vlan 20 spanning-tree portfast switchport port-security switchport port-security maximum 2 switchport port-security violation shutdown switchport port-security mac-address sticky no shut ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown
CCNPv6 TSHOOT ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan100 ip address 172.16.100.1 255.255.255.0 no shutdown ! ip default-gateway 172.16.100.254 ! ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps vlan-membership ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1
CCNPv6 TSHOOT end
Switch DLS1SBA Error Config

!Switch DLS1 SBA Error Config ! hostname DLS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 banner motd $*** Switch DLS1 SBA Error Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ! ip domain name tshoot.net ! ip dhcp excluded-address 172.16.1.252 172.16.10.254 ip dhcp excluded-address 172.16.20.252 172.16.20.254 ip dhcp excluded-address 172.16.30.252 172.16.30.254 ! ip dhcp pool OFFICE network 172.16.10.0 255.255.255.0 default-router 172.16.10.254 domain-name tshoot.net ! ip dhcp pool VOICE network 172.16.20.0 255.255.255.0 default-router 172.16.20.254 domain-name tshoot.net ! ip dhcp pool GUEST network 172.16.30.0 255.255.255.0 default-router 172.16.30.254 domain-name tshoot.net !
Error: DHCP excluded range overlaps with OFFICE pool. no ip dhcp excluded-address 172.16.1.252 172.16.10.254 ip dhcp excluded-address 172.16.10.252 172.16.10.254
Page 43 of 62
CCNPv6 TSHOOT crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! errdisable recovery cause bpduguard ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 24576 spanning-tree vlan 20,50 priority 28672 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! ! Error: Management VLAN 100 is not ! defined. vlan 200 name TRANS vlan 100 ! name MGMT vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.211.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel1 description Channel to ALS1 no shut ! interface Port-channel10 description Channel to DLS2 no shut !
CCNPv6 TSHOOT interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R1 no switchport ip address 172.16.2.1 255.255.255.252 speed 100 duplex full no shut ! interface FastEthernet0/6 description FE to SRV1 switchport access vlan 50 switchport mode access switchport nonegotiate spanning-tree portfast no shut ! interface FastEthernet0/7 description Unused
CCNPv6 TSHOOT ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.252 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 priority 110 standby 10 preempt ! interface Vlan20 ip address 172.16.20.252 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 preempt ! interface Vlan30 ip address 172.16.30.252 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 priority 110 standby 30 preempt ! interface Vlan50 ip address 172.16.50.252 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 preempt ! interface Vlan100 ip address 172.16.100.252 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 priority 110 standby 100 preempt ! interface Vlan200 ip address 172.16.200.252 255.255.255.0 ! router ospf 1
CCNPv6 TSHOOT log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.0 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.211.1 0.0.0.0 area 0
! ip classless ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps config snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end
Switch DLS2SBA Error Config

!Switch DLS2 SBA Error Config ! hostname DLS2 ! service timestamps debug datetime msec
CCNPv6 TSHOOT service timestamps log datetime service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch DLS2 SBA Error Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 28672 spanning-tree vlan 20,50 priority 24576 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS !
CCNPv6 TSHOOT vlan 100 name MGMT ! vlan 200 name TRANS ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.212.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel2 description Channel to ALS1 no shut interface Port-channel10 description Channel to DLS1 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation isl switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation isl switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/3 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut !
Error: Trunk encapsulation on Fa0/1 and Fa0/2 is ISL and does not match ALS1 (dot1q). interface range fa0/1 - 2 switchport trunk encapsulation dot1q
Page 51 of 62
CCNPv6 TSHOOT interface FastEthernet0/4 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R3 no switchport ip address 172.16.2.13 255.255.255.252 speed 100 duplex full spanning-tree bpduguard enable no shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access
CCNPv6 TSHOOT ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.253 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 preempt
CCNPv6 TSHOOT ! interface Vlan20 ip address 172.16.20.253 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 priority 110 standby 20 preempt ! interface Vlan30 ip address 172.16.30.253 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 preempt ! interface Vlan50 ip address 172.16.50.253 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 priority 110 standby 50 preempt ! interface Vlan100 ip address 172.16.100.253 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 preempt ! interface Vlan200 ip address 172.16.253.200 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.12 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.212.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security
Error: Interface VLAN 200 is assigned the wrong address. interface Vlan200 ip address 172.16.200.253 255.255.255.0
Page 55 of 62
CCNPv6 TSHOOT snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end
Router R1SBA Error Config

!Router R1 SBA Error Config ! hostname R1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R1 SBA Error Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory !
CCNPv6 TSHOOT ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 192.168.1.1 255.255.255.255 ip ospf network point-to-point ! interface FastEthernet0/0 no ip address shutdown ! interface FastEthernet0/1 description FE to DLS1 ip address 172.16.2.2 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 description WAN link to ISP R2 ip address 209.165.200.225 255.255.255.252 ip flow ingress encapsulation ppp clock rate 128000 no shutdown ! interface Serial0/0/1 Error: Interface Fa0/1 network is in wrong OSPF shutdown area, and the wrong subnet is specified. ! router ospf 1 router ospf 1 log-adjacency-changes no network 172.16.2.4 0.0.0.3 area 1 passive-interface default network 172.16.2.0 0.0.0.3 area 0 no passive-interface FastEthernet0/1 no passive-interface Loopback0 network 172.16.2.4 0.0.0.3 area 1 network 192.168.1.1 0.0.0.0 area 0 ! router bgp 65501 no synchronization bgp log-neighbor-changes neighbor 192.168.2.1 remote-as 65502 neighbor 192.168.2.1 ebgp-multihop 2 neighbor 192.168.2.1 update-source Loopback0 no auto-summary ! ip route 192.168.2.1 255.255.255.255 209.165.200.226 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1
CCNPv6 TSHOOT ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps ospf state-change snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 Error: No remote access protocol is permitted on no transport input the vty lines. ! ntp source Loopback0 line vty 0 4 ntp update-calendar transport input telnet ssh ntp server 192.168.2.1 end
Router R2 SBA Error Config

!Router R2 SBA Error Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! Hostname R2 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R2 SBA Error Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config
CCNPv6 TSHOOT logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory
! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description BGP router ID ip address 192.168.2.1 255.255.255.255 ! interface Loopback1 description simulated Internet address ip address 172.30.1.1 255.255.255.255 ! interface FastEthernet0/0 shutdown ! interface FastEthernet0/1 shutdown ! interface Serial0/0/0 description WAN link to R1 T1 leased line ip address 209.165.200.226 255.255.255.252 encapsulation ppp no shutdown ! interface Serial0/0/1 shutdown
Error: Wrong BGP neighbor AS and IP address is specified and R2 not peering with R1. router bgp 65502 no neighbor 192.168.1.11 remote-as 65001
router bgp 65502 neighbor 192.168.1.1 remote-as 65501 no synchronization neighbor 192.168.1.1 ebgp-multihop 2 bgp log-neighbor-changes neighbor 192.168.1.1 update-source network 0.0.0.0 Loopback0 neighbor 192.168.1.11 remote-as 65001 neighbor 192.168.1.11 ebgp-multihop 2 neighbor 192.168.1.11 update-source Loopback0 no auto-summary ! ip route 192.168.1.1 255.255.255.255 209.165.200.225 ip route 172.16.0.0 255.255.0.0 209.165.200.225 ! ip http server Error: Default static route (0.0.0.0) to null is no ip http secure-server not present. ! logging source-interface Loopback0 ip route 0.0.0.0 0.0.0.0 null0 logging 172.16.50.1 snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco
CCNPv6 TSHOOT ! line con 0 exec-timeout 60 0 logging synchronous login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp master 3 end
Router R3SBA Error Config

!Router R3 SBA Error Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R3 ! ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R3 SBA Error Config ***$ ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! no ip domain lookup ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ip dhcp excluded-address 172.16.80.1 ip dhcp excluded-address 172.16.80.129 ! ip dhcp pool R3-B1 network 172.16.80.0 255.255.255.128 default-router 172.16.80.1 domain-name tshoot.net ! ip dhcp pool R3-B2 network 172.16.80.128 255.255.255.128 default-router 172.16.80.129 domain-name tshoot.net ! file prompt quiet archive log config
CCNPv6 TSHOOT logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory
! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 172.16.203.1 255.255.255.255 ip ospf network point-to-point ! interface Loopback1 description simulated R3 Branch LAN ip address 172.16.80.129 255.255.255.128 ! interface FastEthernet0/0 description FE to R3 Branch LAN ip address 172.16.80.1 255.255.255.128 ip flow ingress speed 100 full-duplex no shutdown ! interface FastEthernet0/1 description FE to DLS2 ip address 172.16.2.14 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 shutdown ! interface Serial0/0/1 shutdown ! router eigrp 100 redistribute ospf 1 metric 1544 2000 255 1 1500 passive-interface default no passive-interface FastEthernet0/1 no passive-interface loopback1 network 172.16.80.128 0.0.0.127 no auto-summary ! Error: The PC-C LAN (172.16.80.0/25) is not router ospf 1 advertised under EIGRP. log-adjacency-changes router eigrp 100 redistribute eigrp 100 metric 100 subnets network 172.16.80.0 0.0.0.127 passive-interface default no passive-interface FastEthernet0/1 network 172.16.2.12 0.0.0.3 area 0 network 172.16.203.1 0.0.0.0 area 0 ! ip http server no ip http secure-server
CCNPv6 TSHOOT ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact support@tshoot.net snmp-server enable traps eigrp snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.1.2 end Error: IP address referencing the R2 NTP server is incorrect. ntp server 192.168.2.1
Page 62 of 62

Ccnpv6 Tshoot Sba Stud Ans Key

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccnpv6 Tshoot Sba Stud Ans Key

Uploaded by

Copyright:

Available Formats

CCNPv6 TSHOOT

Skills-Based Assessment Answer Key

Device Interfaces and Links Table

Step 1: Verify connectivity with the TFTP server SRV1.

Step 2: Verify the TFTP server configuration.

Step 3: Copy the TFTP server SBA error file to flash.

Step 2: Erase the startup config from NVRAM.

Step 3: Delete the VLAN database from flash (switches only).

Step 7: Copy the running config to the startup config.

Step 10: Configure the PCs.

Part 2: Troubleshoot the Errors Introduced

Step 1: Perform connectivity tests.

Network Connectivity Test Table

Step 2: Document, resolve, and verify the issues discovered.

Problem Resolution and Verification Table

show vlan brief show ip interface brief

show ip dhcp pool

show ip interface brief show ip ospf neighbor

interface Po2 switchport trunk encapsulation dot1q

show interfaces trunk

show ip ospf neighbor show ip ospf interface brief

show line vty 0

no ntp server 192.168.1.2 ntp server 192.168.2.1

show ntp associations

Step 3: Demonstrate basic network connectivity after correcting errors.

Ping Test Table

Step 4: Demonstrate Telnet and SSH connectivity.

Remote Access Test Table

Step 5: Demonstrate NTP functionality.

NTP Synchronization Table

Step 6: Demonstrate network redundancy for PC-B after correcting errors.

STP Redundancy Test Table

Router Interface Summary Table

SBA DevicesBase Configurations (instructor version)

Switch ALS1SBA Base (no errors)

CCNPv6 TSHOOT switchport nonegotiate shutdown

Switch DLS1SBA Base (no errors)

CCNPv6 TSHOOT channel-group 1 mode on no shut

CCNPv6 TSHOOT switchport nonegotiate shutdown

Switch DLS2SBA Base (no errors)

CCNPv6 TSHOOT switchport nonegotiate channel-group 10 mode on no shut

CCNPv6 TSHOOT switchport mode access switchport nonegotiate shutdown

Router R1SBA Base (no errors)

Router R2SBA Base (no errors)

Router R3SBA Base (no errors)

SBA DevicesError Configurations

Switch ALS1SBA Error Config

CCNPv6 TSHOOT end

Switch DLS1SBA Error Config

CCNPv6 TSHOOT switchport nonegotiate shutdown

Switch DLS2SBA Error Config

CCNPv6 TSHOOT switchport nonegotiate shutdown

Router R1SBA Error Config

Router R2 SBA Error Config

Router R3SBA Error Config

You might also like