Hacking Cisco OSPF Lab1 2 Breakdown

8/13/2019 Hacking Cisco OSPF Lab1 2 Breakdown

http://slidepdf.com/reader/full/hacking-cisco-ospf-lab1-2-breakdown 1/12

DisclaimerThe author will not assume any liability or responsibility to any person or entity with respect to loss or damagesincurred from information contained in this document. Any resemblance to other training materials and/or CCIEexam is completely coincidental.

Lab 1 – OSPF Point-to-Point Mode

Cisco IOS OSPF modes of operation:1. Point-to-point (Cisco)2. Broadcast (Cisco)3. Non-broadcast ( FC 232!)". Point-to-m#$tipoint ( FC 232!)%. Point-to-m#$tipoint non-broadcast (Cisco)

Pic. 1 & OSPF Point-to-Point 'opo$o .

Task 1Confi #re IP addresses on R1 and R2 accordin to t*e topo$o (pic. 1). +se defa#$tencaps#$ation on Seria$ Interfaces and ens#re t*e point-to-point connecti,it bet een ro#ters.

Task 2nab$e OSPF area / on R1 and R2 in order to pro,ide connecti,it bet een t*e ro#ter0soopbac / interfaces. $$ IP addresses s*o#$d be ad,ertised into OSPF it* t*eir ori ina$

net or mas s (42").

1Cop ri *t 5 6are e 2/11




Lab 1 – OSPF Point-to-Point Mode - Solution

Task 1Configure IP addresses on R1 and R2 according to the topology (pic. !. "se defaultencapsulation on #erial Interfaces and ensure the point$to$point connecti%ity between routers.

R1 Confi #ration:

!interface Loopback0

ip address 10.1.1.1 255.255.255.0!interface Serial0/0

ip address 10.1.12.1 255.255.255.07

R2 Confi #ration:


ip address 10.1.2.2 255.255.255.0!interface Serial0/0

ip address 10.1.12.2 255.255.255.07

Verification:

Pic. 2 & Pin 'est.

Note'*e defa#$t encaps#$ation on Seria$ interfaces is 89 C. Since t*is $ab #ses t*e ro#ter em#$ator9 namips t*e c$oc rate is not necessar to confi #re.

9 namips can be do n$oaded at:*ttp:44d na en.or


http://dynagen.org/

http://dynagen.org/




Task 2

Enable &#P' area on R1 and R2 in order to pro%ide connecti%ity between the router)s*oopbac+ interfaces. All IP addresses should be ad%ertised into &#P' with their originalnetwor+ mas+s (/,-!.

R1 Confi #ration:


ip address 10.1.1.1 255.255.255.0ip ospf network point-to-point

!router ospf 1

log-adjacency-changesnetwork 10.1.1.1 0.0.0.0 area 0network 10.1.12.1 0.0.0.0 area 0

7

R2 Confi #ration:



7router ospf 1

log-adjacency-changesnetwork 10.1.2.2 0.0.0.0 area 0network 10.1.12.2 0.0.0.0 area 0

7

Noteoopbac interfaces are considered st#b net or s and are ad,ertised into OSPF it* 432

net or mas b defa#$t. In order to ad,erise t*em it* t*eir confi #red net or mas$en t* t*e 0 ip ospf network point-to-point 0 e ord is #sed.

Verification:

Pic. 3 & OSPF nab$ed Interfaces on 1.





Bot* Seria$/4/ and oopbac / are OSPF enab$ed. One nei *bor *as been disco,ered on

Seria$/4/ and is no ad;acent.

'*e ne<t command s*o s t*e state of t*e nei *bor ad;acenc bet een R1 and R2 . Note t*enei *bor0s I9 and t*e full state accomp$is*ed bet een bot* ro#ters.

Pic. " & OSPF d;acenc State.

F#$$ state indicates t*at t*e S9Bs bet een R1 and R2 are s nc*roni=ed. In order to ,erift*is ta e a $oo at t*e topo$o and iss#e t*e fo$$o in command:

Pic. % & OSPF 9atabase in 1.

eca$$ t*at in OSPF protoco$ point-to-point interfaces co#nt as t o $in s ($in >interface). '*eo#tp#t s*o s t*ree $in s bein ad,ertised b bot* R1 and R2 (Seria$/4/>2 $in s ?

oopbac />1 $in ).

Bot* ro#ters are members of t*e same OSPF area /. So t*ese $in s are ad,ertised as S 1( Router in State).

S ad,ertisements create in State 9atabase ( S9B) in OSPF. '*e 9i; stra0s S*ortest Pat*first a$ orit*m r#ns t ice t*ro# * t*is database (branc* ca$c#$ation and fina$ destinationca$c#$ation) in order to determine t*e best pat* to ards eac* and e,er $in ad,ertised b t*ero#ters. '*e metric #ses t*e concept of t*e cost and accordin to t*e form#$a:

!ost " 1#$% & band'idt()of)t(e)link *in b+s,

"Cop ri *t 5 6are e 2/11




oo at t*e o#tp#t be$o .

Pic. @ & OSPF Band idt* of Seria$/4/ Interface.

'*e parameter *i *$i *ted (BA) pro,ides information abo#t t*e contro$$er band idt* (#n$ess

c*an ed man#a$$ ). OSPF #ses t*is n#mber to ca$c#$ate t*e cost of t*e interface *ic* i$$ bead,ertised to OSPF nei *bors. '*e defa#$t band idt* of t*e interface can be c*an ed man#a$$#sin t*e 0 bandwidth 0 statement in t*e interface confi #ration conte<t.

+sin t*e band idt* presented (pic. @) t*e cost of t*is $in is ca$c#$ated as fo$$o s:

!ost " 1##.###.### & 1./00.### " 0.

'*e ro#nded #p res#$t assi ns t*e cost of 0 to Seria$/4/.

Pic. & OSPF Cost of Seria$/4/.

'*ere are t*ree ma;or a s of inf$#encin t*e OSPF cost of t*e interface:

1. +se 0 bandwidth 0 command in t*e interface confi #ration conte<t.2. C*an e t*e reference band idt* (01/ !0 parameter) *ic* b defa#$t #ses 1//Dbps

(t*e ,a$#e 1// is #sed). '*e command c*an in t*e reference band idt* 0 auto-costreference-bandwidth 0 or s in OSPF ro#ter confi #ration .

3. +se t*e 0 ip ospf cost 0 command in t*e interface confi #ration conte<t.

%Cop ri *t 5 6are e 2/11




t*oro# * S9B inspection s*o s a$$ S s (ro#ter S s) ad,ertised b R2 :

Pic. ! & o#tin 'ab$e and Pin 'est in 1.

Note

S9B #ses t*e best (t*e $east cost) pat*s and pop#$ates t*em in t*e o#tin InformationBase ( IB) common$ referred to as t*e ro#tin tab$e.

@Cop ri *t 5 6are e 2/11




'*e ro#tin tab$e $oo s as s*o n be$o :

Pic. E & OSPF o#tin 'ab$e in 1.

OSPF Dodes of operation detai$s in a n#ts*e$$:

3nterface T4+e 5efault OSPF6ode

Nei7(bor5isco8er4

5R&95Rlection

MulticastSu++ort

*220 # # /,

;ello & 5ead3nter8als *sec ,

t*ernet4Fastt*ernet Broadcast D#$ticast (*e$$o) es es 1/s 4 "/s

Seria$/4/ (P2PProtoco$s) Point-to-Point D#$ticast (*e$$o) No es 1/s 4 "/s

Seria$/4/ (Frame-e$a ) NBD Dan#a$

(Nei *bor) es No 3/s 4 12/s

S/4/.1 D#$tipoint(Frame- e$a ) NBD Dan#a$

(Nei *bor) es No 3/s 4 12/s

S/4/.1 point-to-point Point D#$ticast (*e$$o) No es 1/s 4 "/s

OSPF D#$ticast ddresses:• 220 # # / & OSPF o#ter ddress• 220 # # & 9 4B9 ddress

Cop ri *t 5 6are e 2/11




Lab 2 – OSPF Point-to-Point Mode

Cisco IOS OSPF modes of operation:1. Point-to-point (Cisco)2. Broadcast (Cisco)3. Non-broadcast ( FC 232!)". Point-to-m#$tipoint ( FC 232!)%. Point-to-m#$tipoint non-broadcast (Cisco)

Pic. 1 & OSPF Point-to-Point 'opo$o .

Task 1+sin t*e IP addressin s*o n in t*e topo$o dia ram (pic.1) confi #re OSPF on a$$

interfaces of t*e ro#ters pict#red. Da e s#re t*at t*e oopbac interfaces are ad,ertised it*t*eir confi #red net or mas (42") and t*at t*e OSPF ro#ter I9s fo$$o t*e dia ram. R1s*o#$d be e$ected as 9 and R2 as t*e B9 on t*e s#bnet 1/.1.1./42". +se t*e defa#$t OSPFmode of operation.

!Cop ri *t 5 6are e 2/11




Lab 2 – OSPF Point-to-Point Mode - Solution

Task 1"sing the IP addressing shown in the topology diagram (pic. ! configure &#P' on allinterfaces of the routers pictured. a+e sure that the *oopbac+ interfaces are ad%ertised withtheir configured networ+ mas+ (/,-! and that the &#P' router I0s follow the diagram. R1should be elected as 01 and R2 as the 201 on the subnet . . . /,-. "se the default &#P'mode of operation.

R1 Confi #ration:


ip address 172.16.101.1 255.255.255.0ip ospf network point-to-point!interface Ethernet0/0

ip address 10.1.1.1 255.255.255.0ip ospf priority 10

!router ospf 1

router-id 1.1.1.1log-adjacency-changesnetwork 10.1.1.1 0.0.0.0 area 0network 172.16.101.1 0.0.0.0 area 0

!

R2 Confi #ration:



!interface Ethernet0/0

ip address 10.1.1.2 255.255.255.0 ip ospf priority 5!router ospf 1


!

ECop ri *t 5 6are e 2/11




R< Confi #ration:




ip address 10.1.1.3 255.255.255.0!router ospf 1


!

R0 Confi #ration:




ip address 10.1.1.4 255.255.255.0!router ospf 1


7

Verification:

Pic. 2 & 10s OSPF Nei *bors.

ccordin t*e t*e o#tp#t (pic. 2) R2 is B9 R< and R0 are 9 O'8 s. '*is $eads #s tobe$ie,e t*at R1 m#st be t*e 9 on 1/.1.1./42" s#bnet. G#ic c*ec can pro,e t*at:

1/Cop ri *t 5 6are e 2/11




Pic. 3 & 9 on 1/.1.1./42" S#bnet.

n OSPF state t*at e e<pect to see is 0F#$$0. 8o e,er on broadcast and NBD net or sro#ters reac* t*e 0F#$$0 state it* 9 and B9 on$ . So in o#r case R< and R0 (bot*

9 O'8 ) i$$ end #p at 2 a state *ic* is e<pected. oot at t*e o#tp#t be$o :

Pic. " & "0s OSPF Nei *bor d;acencies.

Since t*e tas stip#$ated t*at oopbac addresses s*o#$d be ad,ertised it* t*eir ori ina$net or mas $en t* (42") t*e $ast step i$$ be a G#ic pee at t*e ro#tin tab$e.

Pic. % & 10s o#tin 'ab$e.





NoteIf t*e OSPF ro#ter I9 is not confi #red man#a$$ t*e I9 is c*osen based on t*e fo$$o inorder:

1. '*e *i *est IP address of t*e oopbac interface.2. In case t*ere is no oopbac interface confi #red t*e *i *est IP address of t*e

p* sica$ interface becomes t*e OSPF ro#ter I9.

Once t*e OSPF ro#ter pic s its I9 it is not eas to c*an e it. '*ere are t o ma;or a s ofc*an in t*e OSPF I9:

1. Confi #re oopbac address t*at is s#pposed to be t*e OSPF I9. '*en for t*is c*an eto ta e effect a re$oad of t*e ro#ter is reG#ired.

2. Dan#a$$ confi #re an OSPF ro#ter I9 and 0 clear ip ospf process' .

NoteIf a broadcast or NBD s#bnet4net or does not *a,e a 9 e$ected t*e interface it* t*e*i *est OSPF priorit is e$ected a 9 and t*e second *i *est priorit is e$ected B9 on t*isse ment (ran e /-2%%). OSPF +riorit4 # on t*e interface ma es t*is ro#ter ine$i ib$e and t*einterface cannot participate in t*e e$ection. '*e priorit n#mber is oin to inf$#ence t*ee$ection if t*ere is no 9 or B9 on t*e se ment. Once 9 4B9 are e$ected t*ese ro$es arenot preempti,e. '*is means t*at if o# introd#ce anot*er ro#ter on t*e same broadcast orNBD se ment it* t*e *i *est priorit t*is ne de,ice sti$$ becomes 9 O'8 . In case t*ec#rrent 9 is inaccessib$e t*e B9 is promoted to 9 ro$e and t*e e$ection of B9 isperformed. '*e *i *est OSPF priorit on t*e interface i$$ ma e t*is ro#ter a ne B9 .

=ut(or>s NoteI recei%ed a few emails as+ing me if I had my blog in a pdf format. "nfortunately I write my blog usingthe interface pro%ided by 3oogle (big fan of your wor+ guys4! and do not ha%e a copy of the blog. Andyou must ha%e noticed that http5//hac+ingcisco.blogspot.com is not a teaching tool or wor+boo+ per se.This is more of a systematic way of chec+ing my s+ills I ha%e obtained o%er the years. And also it is agood way of +eeping short notes which I)m happy to share with others. I hope at least some of you findthis techno$babble informati%e.

Currently I do not ha%e enough time to write more labs the way I presented them in this document. Thisis due to the fact that I wor+ (need to pay rent and pro%ide for my family! study (because I lo%e it4! andtry to ha%e a little social life at the same time. 2ut a 6ourney of a thousand miles begins with a singlestep.

If I were to create a real wor+boo+ I wonder if the approach of these two labs you ha%e 6ust read seemappropriate for the candidates who want to become true professionals. This document assumes you)re atleast CC7P and is not intended to teach things from scratch.

If you got your hands on this document and found this intriguing I would appreciate your feedbac+. Anycomments regarding this document are %ery welcome. 8ou can shoot)em at5

linuxed.jr at g m a i l dot com

Than+ you.

9are+ 1e+


http://hackingcisco.blogspot.com/

http://hackingcisco.blogspot.com/

Hacking Cisco OSPF Lab1 2 Breakdown

Documents

Transcript of Hacking Cisco OSPF Lab1 2 Breakdown