CCNP Madness

OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
Well, it's official. I am off to the CCNP journey! I have actually already briefly skimmed some of the material in the previous months when getting bored of the CCNA Security material. I am starting first with ROUTE to knock out the test I have the least knowledge on. My materials are:

-The Simplified books
-The Chris Bryant vids (For depth)
-Cbt Nuggets (For Jeremy's energy)
-Lab manuals

I also purchased a a lab, switch exclusive, for around 450 total. It contains a 12U rack, mountable power strip, 3 2950s, a 3550 and a 3750, along with plenty of 3 ft prefab cables.

As of now, I have gotten through the CBT Nuggets vids on EIGRP AND OSPF. Did the labs, and am done with the EIGRP chapter and a third of OSPF in the Simplified book. I'll go for more labs this weekend. Starting WGU in the beginning of August, so I'm willing to bust out many hours to finish ROUTE before that time.
:study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
«13

Comments

  • MickQMickQ Member Posts: 628 ■■■■□□□□□□
    You should probably include the FLG for completeness. Best of luck!
  • bharvey92bharvey92 Member Posts: 419
    Hi OfWorldandMan,

    Good luck, I am currently studying Route and its very indepth! The simplified book is awesome! I have read that, a hell of alot of material in there!

    I have also purchased the Bryant videos, and I think they are excellent! Much better than CBT in my opinion. I think he covers the material really well and gives alot of real world examples and lab stuff.

    Good luck, I'm sure your be fine!
    2018 Goal: CCIE Written [ ]
  • Master Of PuppetsMaster Of Puppets Member Posts: 1,210
    Make sure to do a lot of labbing for this one! Good luck!
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    @MickQ: Thanks for the recommendation! Decided to get the digital version of that FLG!
    @bharvey: Agreed! Gonna have to study for this one much more extensively for sure!
    @MasterofPuppets: Got GNS3 setup with SecureCRT, so I will definitely be using it a lot.

    Finished up the EIGRP and OSPF fundies on Chris Bryant's vids (I skipped over floating static routes, but I'll come back to it once I reach the material in the Simplified book). Did some labbing with single and multi-area ospf over all four network types. Did some EIGRP config over Frame Relay with passive interfaces included and did some manually neighboring in the same network. Will be finishing up labbing for the day after configuring routing protocol authentication (Especially since EIGRP uses a key chain. OSPF is cake to setup for its authentication). I also wanna do a virtual link lab. I am about 200 pages through the Simplified book, learned all about LSA types 1-5, but I'm stuck at the NSSA areas with Type 7 LSAs. I get the concept of Stubby and Totally Stubby, but I'm still a little confused of why NSSAs are used and why an ASBR doesn't just use a Type 5? I have EIGRP down (Just need to practice authentication). OSPF I wanna finish up before Friday, but for now, it's gonna be labbing with stub networks, authentication, and working on default routing with OSPF.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • dmcneil330dmcneil330 Users Awaiting Email Confirmation Posts: 33 ■■□□□□□□□□
    ASBRs in stubby areas never flood type 5 LSAs by definition. This is because stub areas do not flood external routes. To get around this the not so stubby areas that flood external routes using Type 7 LSAs.
    CCNP: SWITCH[X] ROUTE[] TSHOOT[]
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Thanks for the insight man! I also learned that you can't have an ASBR on a non-backbone area, so that's another reason for the nssa.

    Finished the chapter on OSPF this morning and finished Chris Bryant's OSPF vids last night. Did a lab with multi-area OSPF with a stub area, a virtual link, some ABR summarization, and redistributed a RIP network with loopbacks attached into the OSPF process. In addition, configured an NBMA network with manual neighbors. Will be finishing up with labbing with the nssa and summarization with the ASBR, and then onto IGP redistribution and route maps chapter! lso got the 101 CCNP labs from the Simplified series for more lab practice.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • bharvey92bharvey92 Member Posts: 419
    What do you think of the OSPF Chris Bryant videos? I found them much more informative than CBT or INE! Sound's like your steaming through the content man! Keep up the good work! :)
    2018 Goal: CCIE Written [ ]
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Agreed! I think that it is much more informative than the CBT nuggets vids (At least the OSPF ones). Although his explanation of virtual links was somewhat brief (In comparison to how detailed it was explained in the Simplified book). Chris Bryant is my go-to for Cisco exams. I watched the demo vids for INE and I swear I almost fell asleep lol.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • jvrlopezjvrlopez Member Posts: 911 ■■■■□□□□□□
    Good luck on your studies and efforts!
    And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna
  • bharvey92bharvey92 Member Posts: 419
    Definitely, I'm not knocking the INE but I did certainly find it a bit dry. Also I think the Bryant videos compliment the overload of info from Route Simplified! I find that if Chris only briefly mentions it a read of the information in the Simplified book gives you more than enough info!
    2018 Goal: CCIE Written [ ]
  • MrBrianMrBrian Member Posts: 520
    Good luck on your path, OfWolfAndMan. it is definitely a Mad Mad CCNP world...

    I like your approach though, using several resources is best. Jump in and don't look back!
    Currently reading: Internet Routing Architectures by Halabi
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Well, this holiday weekend has been busy with house hunting in the new future residence of Jacksonville. Finished the BGP fundies. Path attributes were by far the thing I had to go over like three times. Watched some of Chris Bryant's vids and one of Jeremy's on it to catch it all. Did some basic BGP implementation via iBGP, eBGP, multihop neighbors, authentication, RID, and loopback-sourced neighbor establishment. Skipped over route maps, redistribution and IGP route filtering/manipulation because I thought it'd be better to know BGP first as route maps seem primarily used by BGP.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    OK so before I move on, there is something I'm kinda stuck on. Let's say you have one router in ASN 200 (Router 4) and your local ASN, 100, has a border router running ebgp (Router1) and has an ibgp peering with a ibgp neighbor not directly connected (Router 3). The device in between the two is running an IGP (Router 2), and obviously I will have to configure the next-hop-self command on Router 1 to have Router 3 display valid BGP routes. I know if I were to try to get to an external network attached to router 4 from Router 3, it would first send the packet to Router 2. Router 2 has never heard of the external route, so it drops it. My question is, how can I get Router 3 to ping a loopback off of Router 4 without having router 2 blackhole all the packets? I was told synchronization works, but it's supposed to be used in an AS with routers only running iBGP? This is a concept I've been labbing for a day or two and still can't figure out what I'm missing.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • networker050184networker050184 Mod Posts: 11,962 Mod
    You need a route on the router in the middle. A router can not route to a destination it doesn't know. Another option is to run MPLS and label switch to loopbacks. Synchronization just ensures routes are learned via IGP before passing via BGP.
    An expert is a man who has made all the mistakes which can be made.
  • chrisonechrisone Senior Member Member Posts: 1,961 ■■■■■■■■□□
    awesome! kick butt my friend!
    Certs: CISSP, CRTP, eCPPT, LFCS, CEH, AZ-900, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (in-progress), PTRACE : Advanced Software Exploitation, Corelan: Advanced Exploit Development
    Certs: VHL: Advanced+ (completed), OSCP (in-progress), SLAE32, OSCE, PTRACE: CSED, AZ-500
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Networker, I apologize for not giving more detail, but what if for the iBGP peers I am using loopbacks for the peering while using the ebgp-multihop command and the update-source command? I actually have two paths between the two iBGP peers partially so I have to configure the peers as loopbacks. Since the loopbacks aren't directly connected to the neighboring router, how do I go about having OSPF on the routers in between then? Do I just run a full mesh iBGP topology?
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • networker050184networker050184 Mod Posts: 11,962 Mod
    There is no way getting around the fact that the router in the middle needs to know how to get to the destination (except for MPLS or GRE tunnel etc). You have a few options depending on your topology. A default route possibly? Probably not a good idea though. Full mesh or route reflection to get the routes down?
    An expert is a man who has made all the mistakes which can be made.
  • TheRuTheRu Registered Users Posts: 1 ■□□□□□□□□□
    Hi, Good luck on your CCNP Journey, i myself have decided to take on the CCNP mountain starting today! All The Best!
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Hey guys, just checking in. Got a little distracted catching up on episodes of Arrow, but I finally finished BGP in the Simplified book and the Chris Bryant vids. Configured route reflectors, confederations, did some path selection adjustment with route maps, and played with route aggregation. I will definitely be coming back for some more practice, but for now, I'm moving onto IGP route filtering and redistribution (Which I've already partially covered). The hardest thing by far was probably understanding how to configure the attributes properly without blocking/destroying my neighbors. Really wish I would've learned about peer groups earlier though when configuring neighbor statements.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Finished up the IGP route filtering and redistribution section. The redistribution seemed pretty straightforward, and I never thought about how having two points of redistribution into another AS could have loops like they explained! Really interesting. The one thing it took me a couple times around to understand was the route tag. I think I will be playing with that one very soon. Distribute list was pretty straightforward, especially after going through a massive section on the route maps. The remaining vids I have with Chris Bryant are the ones on IPv6 and the VPN stuff (Which I believe my CCNA Security knowledge will help me there). I still have a vid on static floating routes as well. I am currently in the Path Control and Route Optimization chapter in Simplified, reading through the IP SLA stuff (Which I don't remember learning about in Chris Bryant's stuff). Once I finish that chapter, I will start the complex labs in the back of the Simplified book. For now, I am doing most of the labs from the lab manual and Chris Bryant's vids.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Finished the path control and route optimization section. Went through several labs in the route manual. Then I went through the lab "BGP Peering and prefix advertisement" in the Simplified book. I have a major question, as this has me clueless. Maybe I read over it? So this is the situation: There's four routers connected. Three are running seperate bgp ASs, two are running OSPF (Single area). Each has a 150.X.X.X network on F0/0. So it has me redistribute both ways, and all routes look good. R3 is running both BGP and OSPF, and that's where the redistribution occurs (R1 is connected to R2 and 3, R2 is connected to R1 and 3, R3 is connected to 1, 2, and 3, and R4 is connected to R3). R4 is explicitly running OSPF. 80% of the lab I get, until it has me put in the commands into R3 to allow ping between OSPF router to F0/0 interfaces on the BGP routers using the following commands on R3:

    R3#router bgp 333
    #default-information originate
    #network 0.0.0.0 mask 0.0.0.0
    #ip route 0.0.0.0 0.0.0.0 null0
    #router ospf 1
    #default-information originate

    I understand the purpose of the default-information originate command and how it has to have a default route in the config to work (unless of course you use always at the end). My question is: If the ip default route points to null0, how is it that this command is able to allow pings between bgp routers and F0/0 interface redistributed from OSPF? I thought it was used as a bit bucket to prevent congestion when loops occur? How is it that without this command, I can't ping F0/0 interfaces of BGP routers from the OSPF router? Maybe there is something I've missed about the null0 ip route command?
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • tomtom1tomtom1 Member Posts: 375
    I don't fully understand the topology yet, but the reason you do the default route to null0 is with BGP, a route can only be advertised (via network command) once the same prefix is in the routing table. By first creating a route to null0, you fill the local routing table. You can then advertise this prefix via BGP and since you are all running eBGP sessions, the next hop attribute is changed on outgoing prefix advertisements. And once the traffic comes in from the remote BGP peers, you should have a more specific entry in your routing table for F0/0's interface.

    Perhaps if you could share some pictures and configs, we might be able to elaborate on this further.
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Here it is. This is R3's config for some more help:

    router ospf 1
    log-adjacency-changes
    redistribute bgp 333 subnets
    network 3.3.3.3 0.0.0.0 area 0
    network 10.0.0.13 0.0.0.0 area 0
    default-information originate
    !
    router bgp 333
    no synchronization
    bgp router-id 3.3.3.3
    bgp log-neighbor-changes
    network 0.0.0.0
    network 150.3.3.0 mask 255.255.255.0
    redistribute ospf 1 match external 2
    neighbor PEER_GROUP peer-group
    neighbor PEER_GROUP ebgp-multihop 2
    neighbor PEER_GROUP update-source Loopback0
    neighbor 1.1.1.1 remote-as 111
    neighbor 1.1.1.1 peer-group PEER_GROUP
    neighbor 2.2.2.2 remote-as 222
    neighbor 2.2.2.2 peer-group PEER_GROUP
    default-information originate
    no auto-summary
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Null0
    ip route 1.1.1.1 255.255.255.255 Serial1/1
    ip route 2.2.2.2 255.255.255.255 Serial1/2
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • fredrikjjfredrikjj Member Posts: 879
    One problem with that config is that the BGP default-information-originate requires that you redistribute 0.0.0.0/0 into BGP, and you are not doing that.
    The configuration of the default-information originate command in BGP is similar to the configuration of the network (BGP) command. The default-information originate command, however, requires explicit redistribution of the route 0.0.0.0. The network command requires only that the route 0.0.0.0 is present in the Interior Gateway Protocol (IGP) routing table. For this reason, the network command is preferred.

    However, you are also injecting a default into BGP with the network command, and that should work since you have the static default to null0. So basically you just have a redundant line of config that you could delete.

    PS.
    We could troubleshoot the other problem you're having together, but you need to be a bit more specific.

    PPS.
    My question is: If the ip default route points to null0, how is it that this command is able to allow pings between bgp routers and F0/0 interface redistributed from OSPF? I thought it was used as a bit bucket to prevent congestion when loops occur? How is it that without this command, I can't ping F0/0 interfaces of BGP routers from the OSPF router? Maybe there is something I've missed about the null0 ip route command?

    You shouldn't need a default route in that topology if you advertise the f0/0 networks into BGP and then redistribute these into OSPF on R3. However, looking at the diagram (which is hard, it's kind of small), a potential problem is that when you redistribute BGP into OSPF on R3, the LAN interface of R3 isn't redistributed because it will appear as directly connected in the routing table, not as BGP. Pinging between R3 and R4 will therefore be broken without the default route. If this in fact is the problem you could redistribute connected into OSPF, or just active OSPF on that interface.
  • tomtom1tomtom1 Member Posts: 375
    fredrikjj wrote: »
    However, you are also injecting a default into BGP with the network command, and that should work since you have the static default to null0. So basically you just have a redundant line of config that you could delete.

    My thoughts exactly.
    fredrikjj wrote: »
    You shouldn't need a default route in that topology if you advertise the f0/0 networks into BGP and then redistribute these into OSPF on R3. However, looking at the diagram (which is hard, it's kind of small), a potential problem is that when you redistribute BGP into OSPF on R3, the LAN interface of R3 isn't redistributed because it will appear as directly connected in the routing table, not as BGP. Pinging between R3 and R4 will therefore be broken without the default route. If this in fact is the problem you could redistribute connected into OSPF, or just active OSPF on that interface.

    But judging by the configuration (unless I'm missing something) he has the default route, so it should work.
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    OK yes I'll take the line of config out as I see what you're saying. My thing was about the default route to null0 though. From R3, I couldn't ping R1's 150.x.x.x LAN unless I added in that default route to null0. Since the null0 route is supposed to be a catch all route, why is it that I can't ping the 150.x.x.x network from R3 without the null0 default route? The network was advertised via OSPF and I redistributed the ospf routes. Maybe I should have specified metric in the redistribution of OSPF into BGP?
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • tomtom1tomtom1 Member Posts: 375
    According to this Cisco document, you shouldn't need any additional metrics as the origin BGP attribute will be a ?.
    Understanding Redistribution of OSPF Routes into BGP - Cisco

    Is the 150.3.3.0/24 subnet an OSPF E2 route? Since you're only redistributing those into BGP AS 333?
  • fredrikjjfredrikjj Member Posts: 879
    OK yes I'll take the line of config out as I see what you're saying. My thing was about the default route to null0 though. From R3, I couldn't ping R1's 150.x.x.x LAN unless I added in that default route to null0. Since the null0 route is supposed to be a catch all route, why is it that I can't ping the 150.x.x.x network from R3 without the null0 default route? The network was advertised via OSPF and I redistributed the ospf routes. Maybe I should have specified metric in the redistribution of OSPF into BGP?

    It's likely that the issue is with the return path in that case. As you point out, adding a default route to null0 shouldn't affect reachability from R3's perspective. However, when you add that null0 default, BGP advertises a default. That default route could make it possible for other routers to reach R3 without having a specific route to 150.3.3.0/24. These are just educated guesses from my side though without really knowing what's going on.
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    Here's a more detailed config:

    R1: #interface lo0
    ip add 1.1.1.1 255.255.255.255
    !
    int lo1
    ip add 190.1.1.1 255.255.255.0
    !
    int f0/0
    ip add 150.1.1.1 255.255.255.0
    !
    int S1/0
    ip add 10.0.0.1 255.255.255.252
    !
    int S1/1
    ip add 10.0.0.5 255.255.255.252
    !
    router bgp 111
    bgp router-id 1.1.1.1
    network 150.1.1.0 mask 255.255.255.0
    network 190.1.1.0 mask 255.255.255.0
    neighbor 3.3.3.3 remote-as 333
    neighbor 3.3.3.3 ebgp-multihop 2
    neighbor 3.3.3.3 update-source lo0
    neighbor 10.0.0.2 remote-as 222
    !
    ip route 3.3.3.3 255.255.255.255 S1/1

    R2: #int lo0
    ip add 2.2.2.2 255.255.255.255
    !
    int lo1
    ip add 190.2.2.2 255.255.255.0
    !
    int f0/0
    ip add 150.2.2.2 255.255.255.0
    !
    int s1/0
    ip add 10.0.0.2 255.255.255.252
    clock rate 64000
    !
    int s1/1
    ip add 10.0.0.9 255.255.255.252
    !
    router bgp 222
    bgp router-id 2.2.2.2
    network 150.2.2.0 mask 255.255.255.0
    network 190.2.2.0 mask 255.255.255.0
    neighbor 3.3.3.3 remote-as 333
    neighbor 3.3.3.3 ebgp-multihop 2
    neighbor 3.3.3.3 update-source lo0
    neighbor 10.0.0.1 remote-as 111
    !
    ip route 3.3.3.3 255.255.255.255 S1/1

    R4: #int lo0
    ip add 4.4.4.4 255.255.255.255
    !
    int f0/0
    ip add 150.4.4.4 255.255.255.0
    !
    int s0/0
    ip add 10.0.0.14 255.255.255.252
    !
    router ospf 1
    router-id 4.4.4.4
    network 10.0.0.14 0.0.0.0 area 0
    network 4.4.4.4 0.0.0.0 area 0
    redistribute connected subnets
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■□□□□□□□
    So did the same lab today, and as I said before, the null0 static route is so magical! Anyway, finished up all IPv6 content, and got to configure a static IPv6 tunnel! :D It was quite exciting, I'm not gonna lie. I want to setup a GRE tunnel for the remote connectivity chapter already! IPv6 routing is MUCH simpler than IPv4 dynamic routing IMO (No more increased BGP complexity with the exception of the word activate after manual neighbor commands). Did some OSPF IPv6 setup. Took like 5 minutes. This weekend will entail LOTS of labbing with route maps, PBR, etc. I gotta say: Route tags will make life A LOT easier in a commercial network.
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
Sign In or Register to comment.