1.1.3 Lab – Troubleshoot IPv4 and IPv6 Static Routing (Answers)

1.1.3 Lab – Troubleshoot IPv4 and IPv6 Static Routing (Answers)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only

Topology

1.1.3 Lab - Troubleshoot IPv4 and IPv6 Static Routing (Answers) 2

Addressing Table

Device Interface IPv4 Address/Mask IPv6 Address/Prefix IPv6 Link Local Default Gateway
R1 G0/0/0 10.10.12.1/24 2001:db8:0:12::1/64 fe80::1:1 N/A
G0/0/1 10.10.1.1/24 2001:db8:0:1::1/64 fe80::1:2
S0/1/0 N/A 2001:db8:0:13::1/64 fe80::1:3
R2 G0/0/0 10.10.12.2/24 2001:db8:0:12::2/64 fe80::2:1 N/A
G0/0/1 10.10.23.1/24 2001:db8:0:23::1/64 fe80::2:2
R3 G0/0/0 10.10.23.2/24 2001:db8:0:23::2/64 fe80::3:1 N/A
G0/0/1 10.10.3.1/24 2001:db8:0:3::1/64 fe80::3:2
S0/1/0 2001:db8:0:13::2/64 fe80::3:3
D1 VLAN 10 10.10.1.2/24 N/A N/A 10.10.1.1
D2 VLAN 10 10.10.3.2/24 N/A N/A 10.10.3.1
PC1 NIC 10.10.1.10/24 2001:db8:0:1::10/64 EUI-64/CGA 10.10.1.1   2001:db8:0:1::1
PC2 NIC 10.10.1.20/24 2001:db8:0:1::20/64 EUI-64/CGA 10.10.1.1   2001:db8:0:1::1
Web Server NIC 10.10.3.5/24 2001:db8:0:3::5/64 EUI-64/CGA 10.10.3.1   2001:db8:0:3::1
FTP Server NIC 10.10.3.20/24 2001:db8:0:3::20/64 EUI-64/CGA 10.10.3.1   2001:db8:0:3::1

Objectives

Troubleshoot network issues related to IPv4 and IPv6 static routing.

Background / Scenario

In this topology, routers R1, R2, and R3 are configured for static routing. Switches D1 and D2 provide LAN connectivity for VLAN 10 for the respective locations. You will be loading configurations with intentional errors onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or method(s) used to fix them, FIX the issue(s) presented here and then test the network to ensure both of the following conditions are met:

1) the complaint received in the ticket is resolved
2) full reachability is restored

Note: The routers used with CCNA hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 3560 with Cisco IOS XE Release 16.9.4 (universalk9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.

Note: Make sure that the switches have been erased and have no startup configurations. If you are unsure, contact your instructor.

Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.

Required Resources

• 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 2 Switches (Cisco 3650 with Cisco IOS XE Release 16.9.4 universalk9 image or comparable)
• 4 PCs (Choice of operating system with terminal emulation program installed)
• Console cables to configure the Cisco IOS devices via the console ports
• Ethernet cables as shown in the topology

Instructions

Part 1: Trouble Ticket 1.1.3.1

Scenario:

An FTP Server was recently added to the HQ network. The FTP Server is accessible from all devices in the HQ network. Branch network hosts PC1 and PC2 are able to connect to the Web Server but are unable to connect to the FTP Server using IPv4.

Note: Web or FTP services are not required on the PCs.

Use the commands listed below to load the configuration files for both trouble tickets:

Instructor Note: Commands for uploading the configuration are provided at the end of this document.

Device Command
R1 copy flash:/enarsi/1.1.3.1-r1-config.txt run
R2 copy flash:/enarsi/1.1.3.1-r2-config.txt run
R3 copy flash:/enarsi/1.1.3.1-r3-config.txt run
D1 copy flash:/enarsi/1.1.3.1-d1-config.txt run
D2 copy flash:/enarsi/1.1.3.1-d2-config.txt run

• PC 1, PC 2, FTP Server, and Web Server should be configured with the addressing listed in the Addressing Table.
• Passwords on all devices are cisco12345. If a username is required, use admin.
• After you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

• Then save the configuration by issuing the wri command (on each device).
• Inform your instructor that you are ready for the next ticket.
• After the instructor approves your solution for this ticket, issue the reset.now privileged exec command. This script will clear your configurations and reload the devices.

Instructor Notes:

This trouble ticket contains 1 intentional error. R1 has an incorrect netmask on the IPv4 static route.

The commands used to fix these errors should be:

R1(config)# no ip route 10.10.3.0 255.255.255.240 10.10.12.2
R1(config)# ip route 10.10.3.0 255.255.255.0 10.10.12.2
R1(config-router)# end

Part 2: Trouble Ticket 1.1.3.2

Scenario:

A WAN connection through R2 was recently added to increase the bandwidth that is available between the branch and HQ. It was decided to keep the dedicated T1 connection from R1 to R3 as a backup link for IPv6 traffic. Users at the branch have been complaining that data transfer speeds to PCs at HQ seem to be slow; however, downloads seem to be fine.

Use the commands listed below to load the configuration files for both trouble tickets:

Instructor Note: Commands for uploading the configuration are provided at the end of this document.

Device Command
R1 copy flash:/enarsi/1.1.3.2-r1-config.txt run
R2 copy flash:/enarsi/1.1.3.2-r2-config.txt run
R3 copy flash:/enarsi/1.1.3.2-r3-config.txt run
D1 copy flash:/enarsi/1.1.3.2-d1-config.txt run
D2 copy flash:/enarsi/1.1.3.2-d2-config.txt run

• PC 1, PC 2, FTPServer, and WebServer should be configured with the IPv6 addressing listed in the Addressing Table. It is not necessary to configure the IPv4 addresses.
• Passwords on all devices are cisco12345. If a username is required, use admin.
• After you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

• Then save the configuration by issuing the wri command (on each device).
• Inform your instructor that you are ready for the next ticket.
• After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Instructor Notes:

This trouble ticket contains 1 intentional error. R1 has an incorrect administrative distance assigned to the primary and backup routes.

The commands used to fix these errors should be:

R1(config)# no ipv6 route 2001:DB8:0:3::/64 2001:DB8:0:13::2 10
R1(config)# ipv6 route 2001:DB8:0:3::/64 2001:DB8:0:13::2 15
R1(config)# end

Router Interface Summary Table

Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2
1800 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
1900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2801 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
2811 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
4221 Gigabit Ethernet 0/0/0 (G0/0/0) Gigabit Ethernet 0/0/1 (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
4300 Gigabit Ethernet 0/0/0 (G0/0/0) Gigabit Ethernet 0/0/1 (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Uploading Configuration Files

Use the commands below to create the configuration files on the lab devices for each trouble ticket in this lab. The TCL script commands help create and copy the configurations. However, the configuration commands could also be copied and pasted directly into global config mode on each device. Simply remove the TCL script commands, enter the enable and configure t commands on the device, and copy and paste the configuration commands.

Important: The device requires a folder in flash named enarsi. Use the dir command to verify. If the folder is missing, then create it using the mkdir flash:/enarsi privileged EXEC command. For all switches, make sure the vlan.dat file is set to the default. Use the delete vlan.dat privileged EXEC command, if necessary.

Reset scripts

These TCL scripts will completely clear and reload the device in preparation for the next ticket. Copy and paste the appropriate script to the appropriate device.

Router Reset Script

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
puts "Reloading the router"
typeahead "\n"
reload
}
tclquit

D1/D2 (Cisco 3650) Reset Script – The default 3650 SDM template supports IPv6, so it is not set by this script.

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
puts "Reloading the switch"
typeahead "\n"
reload
}
tclquit

A1 (Cisco 2960 Script) – The default 2960 SDM template does not support IPv6, so this script includes that setting.

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
delete /force multiple-fs
ios_config "sdm prefer lanbase-routing"
typeahead "\n"
puts "Reloading the switch"
typeahead "\n"
reload
}
tclquit

R1 Configuration File Scripts

!R1 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/1.1.3.1-r1-config.txt" w+ ] {
hostname R1
banner motd # This is R1, Trouble Ticket 1.1.3.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface GigabitEthernet0/0/0
 ip address 10.10.12.1 255.255.255.0
 no shutdown
interface GigabitEthernet0/0/1
 ip address 10.10.1.1 255.255.255.0
 no shutdown
ip route 10.10.23.0 255.255.255.252 10.10.12.2 
ip route 10.10.3.0 255.255.255.240 10.10.12.2 
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

!R1 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/1.1.3.2-r1-config.txt" w+ ] {
hostname R1
banner motd # This is R1, Trouble Ticket 1.1.3.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
ipv6 unicast-routing
interface GigabitEthernet0/0/0
 ipv6 address FE80::1:1 link-local
 ipv6 address 2001:DB8:0:12::1/64
 no shutdown
interface GigabitEthernet0/0/1
 ipv6 address FE80::1:2 link-local
 ipv6 address 2001:DB8:0:1::1/64
 no shutdown
interface Serial0/1/0
 ipv6 address FE80::1:3 link-local
 ipv6 address 2001:DB8:0:13::1/64
 no shutdown
ipv6 route 2001:DB8:0:3::/64 2001:DB8:0:13::2 10
ipv6 route 2001:DB8:0:3::/64 2001:DB8:0:12::2 12
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

R2 Configuration File Scripts

!R2 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/1.1.3.1-r2-config.txt" w+ ] {
hostname R2
banner motd # This is R2, Trouble Ticket 1.1.3.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface GigabitEthernet0/0/0
 ip address 10.10.12.2 255.255.255.252
 no shutdown
interface GigabitEthernet0/0/1
 ip address 10.10.23.1 255.255.255.252
 no shutdown
ip route 10.10.1.0 255.255.255.0 10.10.12.1 
ip route 10.10.3.0 255.255.255.0 10.10.23.2 
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

!R2 – Trouble Ticket #2

tclsh
puts [ open "flash:/enarsi/1.1.3.2-r2-config.txt" w+ ] {
hostname R2
banner motd # This is R2, Trouble Ticket 1.1.3.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
ipv6 unicast-routing
interface GigabitEthernet0/0/0
 ipv6 address FE80::2:1 link-local
 ipv6 address 2001:DB8:0:12::2/64
 no shutdown
interface GigabitEthernet0/0/1
 ipv6 address FE80::2:2 link-local
 ipv6 address 2001:DB8:0:23::1/64
 no shutdown
ipv6 route 2001:DB8:0:1::/64 2001:DB8:0:12::1
ipv6 route 2001:DB8:0:3::/64 2001:DB8:0:23::2
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

R3 Configuration File Scripts

!R3 – Trouble Ticket #1

tclsh
puts [ open "flash:/enarsi/1.1.3.1-r3-config.txt" w+ ] {
hostname R3
banner motd # This is R3, Trouble Ticket 1.1.3.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface GigabitEthernet0/0/0
 ip address 10.10.23.2 255.255.255.252
 no shutdown
interface GigabitEthernet0/0/1
 ip address 10.10.3.1 255.255.255.0
 no shutdown
ip route 0.0.0.0 0.0.0.0 10.10.23.1 
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

!R3 – Trouble Ticket #2

tclsh
puts [ open "flash:/enarsi/1.1.3.2-r3-config.txt" w+ ] {
hostname R3
banner motd # This is R3, Trouble Ticket 1.1.3.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
ipv6 unicast-routing
interface GigabitEthernet0/0/0
 ipv6 address FE80::3:1 link-local
 ipv6 address 2001:DB8:0:23::2/64
 no shutdown
interface GigabitEthernet0/0/1
 ipv6 address FE80::3:2 link-local
 ipv6 address 2001:DB8:0:3::1/64
 no shutdown
interface Serial0/1/0
 ipv6 address FE80::3:3 link-local
 ipv6 address 2001:DB8:0:13::2/64
 no shutdown
ipv6 route 2001:DB8:0:1::/64 2001:DB8:0:13::1 12
ipv6 route 2001:DB8:0:1::/64 2001:DB8:0:23::1 10
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 4
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

D1 Configuration File Scripts

!D1 – Trouble Ticket #1

tclsh
puts [ open "flash:/enarsi/1.1.3.1-d1-config.txt" w+ ] {
hostname D1
vlan 10
name Data
banner motd # This is D1, Trouble Ticket 1.1.3.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1 - 24
 switchport mode access
 shutdown
 exit
interface g1/0/11
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface range g1/0/23-24
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface vlan 10
 ip address 10.10.1.2 255.255.255.0
 no shutdown
 exit
ip default-gateway 10.10.1.1
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 15
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

!D1 – Trouble Ticket #2

tclsh
puts [ open "flash:/enarsi/1.1.3.2-d1-config.txt" w+ ] {
hostname D1
vlan 10
name Data
banner motd # This is D1, Trouble Ticket 1.1.3.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1 - 24
 switchport mode access
 shutdown
 exit
interface g1/0/11
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface range g1/0/23-24
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface vlan 10
 ip address 10.10.1.2 255.255.255.0
 no shutdown
 exit
ip default-gateway 10.10.1.1
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 15
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

D2 Configuration File Scripts

!D2 – Trouble Ticket #1

tclsh
puts [ open "flash:/enarsi/1.1.3.1-d2-config.txt" w+ ] {
hostname D2
banner motd # This is D2, Trouble Ticket 1.1.3.1 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1 - 24
 switchport mode access
 shutdown
 exit
interface g1/0/11
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface range g1/0/23-24
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface vlan 10
 ip address 10.10.3.2 255.255.255.0
 no shutdown
 exit
ip default-gateway 10.10.3.1
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 15
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

!D2 – Trouble Ticket #2

tclsh
puts [ open "flash:/enarsi/1.1.3.2-d2-config.txt" w+ ] {
hostname D2
vlan 10
name Data
banner motd # This is D2, Trouble Ticket 1.1.3.2 #
enable secret cisco12345
username admin privilege 15 algorithm-type scrypt secret cisco12345
interface range g1/0/1 - 24
 switchport mode access
 shutdown
 exit
interface g1/0/11
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface range g1/0/23-24
 switchport mode access
 switchport access vlan 10
 no shutdown
 exit
interface vlan 10
 ip address 10.10.3.2 255.255.255.0
 no shutdown
 exit
ip default-gateway 10.10.3.1
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
line vty 0 15
 login local
 transport input telnet
 exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
end
}
tclquit

A1 Configuration File Scripts – Not Used In This Lab

Download 1.1.3 Lab – Troubleshoot IPv4 and IPv6 Static Routing .PDF file:


Related Articles

guest
0 Comments
Inline Feedbacks
View all comments