61. a NTA Lab
Let us perform the lab task. R1 is the router in this lab. So let me show you that I have a router that is connected to a switch that is 10 five.The router interface is the switch interface, and over these interfaces I’m going to enable the entity.
First of all, we’ll go and check the time. As you can see, the time for router one is now. Then I can go and make this the NTP master. My router is now an NTP master. Then I can go to the switch, then to the NTP, and finally to the server IP, which is 101, and that’s it. So I created a master, and then I have this client who knows how to reach the server; what’s the IP of the server? Then we can go and verify this. So we have two main verification commands. One is showing entity association, and the other is showing entity status. These are the two commands that we use to verify. Suppose you want to do the authentication. So for authentication, I can go ahead and use the NTP authentication key. Say, for example, MD.5 and Cisco. Now, on the other hand, you must go and authenticate this entity first, then generate the entity authentication key, and that’s it. So these are the commands that we should go and use.
So here you can see that you should use a trusted key as well. Key numbers for trusted sources say trusted keys. I can go and give one. And if you go to NTP, the options that you can see here are that you have the authenticated authentication key, and then you can go and use this trusted key as well. So this is the way we can go and check whether we can put the authentication in between the client and the server or in between the master and the server. Other options are now clearly visible: authentication, maximum associations, peer command, several commands, source command, and so on. So now I can go and check show NTP association, and in the arm you can also go and check show NTP association and show NTP status as well. Alright, so that’s the way that we can go and run and verify the commands related to MDB.
62. b NTA Lab
We have done the lab work for the entity. That lab I did on the virus was successful, but we have yet to see the expected results. So then I have created this topology. Obviously, this topology was created for HSRP in another lab. But here I want to show you the entity configuration. This R2 is now an entity master. And this router four and this router five, although I have changed the display, mean this is the router, although I have changed the symbol. It appears to be a PC or end machine. Anyway, I’m going to use these devices as end machines as well. But R Four, R Five, and R Two are part of one land segment. Even our third is also part of the land segment. I completed the NTP configuration for these devices on ports 4, 5, and 2. So, for example, if I go to router number two and show you the show run section NTP, you’ll know I’m here.
So you’ll see that here is the master. And what time is this? 18 2020. If I go to R Three, and if I go and check Show NTP Status, you can see that it is synchronized with this IP, and show NTP what other options we have for association. So here you can see the association as well. We can go and check Show clock. The master is giving it time from the master. Likewise, I haven’t done any configuration for R3, so let me go. And this is the R-3. So we finished R three. Let me see that. If I do the configuration for R Four and R Five, and then go to Four and section NTP, that’s the configuration. And if I go and check the Show and Section NTP server and some clocks, it’s okay. So everywhere you look, you can see that. This way, you can do the lab, go and check the association, and go and check the status to synchronize. Alright, so let’s stop here.
63. NAT & PAT theory
In chapters three and four, we have to learn about network address translation and port address translation. When we talk about that, we simply mean that you are translating one IP to another. Actually, if you read the textbook, given that you are translating private to public addresses, it’s not 100% correct. We can translate any IP to any IP, and that’s the network address translation. But mainly, we used to translate private addresses to public addresses just to save private address space. And even in this way, we are getting a first level of security as well. So now we are doing the translation. At that time, you will find that we may have three models. We may translate, for example, “many to few.” So for example, many to few means you have many private addresses and a smaller number of public addresses. Or you can do one-to-one translation or a static net. So that means you may have a dynamic network, you may have a static network, and then finally, there is a chance that you are translating to one IP with multiple ports. So that is nothing but port address translation. So these are the variations in the Nat, and then we’ll learn about the various types of terminologies used on the Internet. Obviously, what are the things that can be used before that in Cisco? We know that we have a public address, which is the internet or a Ruble number.
We have private addresses for classes A, B, and C. When we want to do it, our aim is to do the private to public address translation. Somewhere it is written that you’re translating an unregistered address to a registered address. So that’s also true. Then what type of net do we have? We have a static network, we have a dynamic network that is not overloading, and we have port address translation. Now, as I previously stated, Nat has some jargon. So what terminologies are there? You have inside local, inside global, outside global, and outside local. Wow. So what does it mean? How can I understand that? What is “inside local”? What is inside global? Outside the local, outside the global So here in the diagram, you can understand. Suppose this is the Nat router I have where I’m enabling the Nat. I have my inside IP, and then I have my inside global. This is outside IP, but technically it is as per the NAND document. This is your inside, obviously local; that is your private address; and then this is your inside, global; that is the outside.
Then, when you are reaching towards host B, that’s your destination. So from that perspective, the natural address So you can see, we are doing the net at this particular address. This is the public address from the other side. So that will be the global outside. You’ll also discover that your outside local address This address is actually represented by 991-11-2. So that is also the outside local address. So, on one hand, you have local and global, and on the other, you have local and global. Most of the time, we’ll find that the local and global addresses are the same. What happens if you look at the packet flow while sending the packet, doing the net, and then sending to the destination? So you know where you’re coming from and where you’re going. Now this is the destination host because I can’t send a packet to a private address, correct? I should send this to this particular destination. Obviously, you can see at the destination that the net will happen and the packet will get delivered to the destination.
So you have a source and a destination when it arrived at the Nat router. So Nat will change the source IP. So you can see that the source IP has been changed to this IP plus port, but your destination address will be the same. Finally, when it reaches the destination where you have the 99 address, obviously this 99 address will get converted to 1-5, and what he will think is that my source is 55. The same will happen with the reverse route from A to B, and then again from B to A in the reverse direction. So you can think that because the net exists, Nat will change the source at each hop, and when you arrive at the destination, if you send the return package again, the source will be changed correctly. So what is your source here? Whatever the destination for A is, that will be the source for B, so that means the B destination. So what will be the destination of B? That is correct, but it should be delivered to the correct 55 address. As you can see, destiny will be reversed. So the source is 192-1681-5, the destination is 55-1-1, and finally the port number. How can we go and enable on the Cisco devices?
Assume you have your Cisco router here and you’re enabling the internet, this is your inside and obviously this is your outside. So you have to go and give the commands IP inside, IP note inside, and IP not outside to these interfaces. Then we have an option; we can create the pool of, for example, public addresses where I want to do the translation, then I can create the access list where I can put the private address, and then I have to go and give them a statement. This is more for dynamic net than for static net because I don’t have the pool of addresses, for example, because I’m doing the overload over the interface. So I’ll show you the load and static net statement. Let’s check and say static net will be very easy one to one, then you haven’t, for example, overloaded the desire to do the translation with respect to the interface with various port numbers. Then there’s the dynamic network, where there are either too many or too few translations. So here we can see that this case is dynamic, not that I have a pool of public addresses like this; then I’ll go and create the source like this. Then I have to go make one Nat statement. So what will be the NAT statement? Let me show you the Nat statement on the next slide.
All right, so let me go to the next slide. Here you can see that this is your example, this is your access list, this is my private address, and they should be first in. Then this should be the second place that you define your public address. And then you have this NAT statement. So what you’re doing is basically IP, not inside sourcing. So this will call this IP, and you will then translate to this IP. That makes two. So from inside to outside, one to two. Now, how do we handle overload? So for that, let me show you that as well. And obviously we are going to do the lab, so it will be much more clear. Here you can see that in this case you have an interface; you don’t have this pool, but you have the interface over the interface, and you are doing the overload. How can we be sure? We have shown IP net translation and iPad stats. We can go and debug the IP network if you want. If you want to clear the translation table, then we can go and do the IPN and translation. Okay? So let’s stop here, and in the next section, we will perform the lab.
64. NAT & PAT Lab
Let us perform the lab task. So in this lab, we have the small network and IP that I’m going to use. Here’s a ten. That’s the gateway. This is dot three; this is dot four. These routers will serve as my host machines. They’re not doing the routing, but they’re working as a host. And for outside, I’m going to use 201, where at this point I have dot one, and at this point I have dot two. Okay, so it’s a very simple topology, and this device is going to work as a NAT device. All right, so let’s do that. I have already assigned the IP address. I haven’t enabled the NAT on any of the devices. So let’s do this. So, according to the diagram, the gig one will become outside, and the gig two will become inside. So I’ll go to router number one. And now I should go and do the configuration. So let me do interface gig two, which should work as an IP network inside; I’m running this configuration, this lab, over the virtual machine. So let’s say you are getting some sort of CPU-hogging hog errors.
That’s okay. So I have two interfaces assigned, one on the outside and one on the inside. Then I should go and do the configuration for Net. First of all, I want to do the dynamic network configuration. So what we need to do is set up the ACL. So I can go and create an IP access list, and then I can give it a name. So for example, my host has an IP range of 10. And let’s do it like this: I can give a standard as well because I know that I have the ACL where I want to use the IP addresses. And then I can go and give the name, say, for example, “host.” Then I can go ahead and issue permits for ten one-one-three and ten one-one-four. These are the two IPs I have here. Ten, one, three You can see the gateway, and after that I have ten one one four. Gateway is eleven like that. And we are using no IP routing. That is, if you run show IProute, you will discover that your routing is disabled. They’re working as a host machine. All right, so I have my ACL created the way I want. Now next I want to create pool of IP addresses. We have an IP address. For example, at this point, this external interface is number 201 one.But suppose I wanted to use 201 (1-5) to (10-). So this is the pool of addresses I want to use.
What we can do is establish an IP network. And then here we can see that we have a pool. So let’s create that. I can add the pool’s name, for example, Nat pool. What will be the address then? So, let’s go ahead and dial 201 1 5 You can see the start address it is asking, and then it is asking the end address. Then I can go and give thenet mask 252-5525, five dot anything.Assume that two four eight should fall within two forty. As a result, that will be the 16th or 14th valid address. All right, so once we have this, then what is the final thing that we need to do? Say IP net, and then you have to use the statement, so what is that here? You can see that IP net; what is your source? That will be the ACL, and what is the ACL? That was host 10, and then what is the pool name?
We have the pool named Net Pool, and that’s it. So, let’s check to see if my access list name is correct, so the host is correct, and then we can go check the NAT configuration. So I can go check on Natpool. All right, so now we have the correct Nat configuration. I can go here to host number three and then host number four. So if I ping, say, 202, it should be reachable, and if I go and check 2, this is the inside. First of all, let me check that from here I’m able to pin to my gateway or not, and if this is working, then let me go and check that from here I am able to pin to my router outside interface or not, and that is also correct. Then, from here, I can pin to the Ncrods, which are 201, 1-5, and it has some issues. So let’s see one. Here I can see that I have this address and this subnet mask.
If I go and check my host section, everything looks right, so I’ll go and try to change this ACL, but you can see that we are using the correct methodology to do this. For example, let me see if I can obtain a file card. I’m going to take the entire range here and see what happens, so I should go ahead and remove a few statements from here. Let me go ahead and use IP Access List Standard Host, and then I’ll remove 1020 30all right, so let’s take a look at that quickly. What does the configuration nd remove a This file can be, so please allow me to repeat myself. What I want here is to permit ten (10, 00:25), five, and then if you go and check your IP test list, you can understand why this is coming because the wild card that I gave was incorrect; otherwise, it will obviously behave like this. So I’ll go ahead and remove this line that is 40, and then we can go and verify that finally our access list is this, and then we can go here and try to reach the destination. Say, for example, that this is okay and they should be reachable at 201, but what about 202? Assuming it works, we should have netentry over the router with one show IP net translation, so what are the verification commands?
We’ve shown IP translation and then IP statistics; now tell us what it’s telling us about you. Let’s see that I have interface 0-2 that is inside, 0-1 that is outside, then we have the ACL, and what’s that? Ten pool NAT pool, then you have this NAT pool where you have this start IP and this end IP now, my IP that I’m using here is not routed at this time. It’s not reachable. I don’t have a reachable IP address. So, in order for this scenario to work, I’ll go ahead and use the net overload configuration. So what does it mean? I should go and use IPnet, and we have it; let’s see what we have: we have IP network source, and source is the list. What did that source list have to say about hosting? Then I’ll use the path to the interface, which interface do we have? We have the gigabit ethernet interface, and that interface is nothing but zero slash 10 slash one overload. Now we can go and check the denied configuration. So we can go and check sure and section that, let’s see, so now we have two statements here, one related to Danim Net and one related to that, so if the first statement fails, it will check the second statement.
So, if you go to 201, 1 and 2, it is still not working, and if you go to show IP net translations and stats, the net translation is not working, and then we’ll go to the stats, so you can see that the stat is also not working. What’s wrong with what we’ve done here? If you look at the syntax, you’ll notice that let me remove this statement first, and then I’ll use the IP, even if it lets me remove the upper statement as well. Why is it not working? When I use this IP network, I should use the source list — that’s a complete statement — followed by the host, and finally the pool — the pool is nothing more than the net pull — that’s all. So this is a valid configuration now; you should go and check, or at least it should start translating the packets correctly. If you go ahead and do the ping for now, if you go check translation, it will show IP net stat translations.
65. NAT & PAT Lab Continue GNS3
I have built a lab over the viral and invalid ones. We are seeing some issues that are not working properly. Although we have done the configuration, it is the same configuration I have done in GNS. Here’s my laptop, which is the same type of device; the only difference is the interface; the IPA schema is the same; everything else is the same, including the configuration and all of the rules that I’ve created. Now here, you can see that we have IPnet inside and IP Nat outside. So let me show you that I have a serial interface, and then I have a fascinating interface, and then I have this net configuration, and then I have the access list 10 configuration. So we have all these configurations that we studied in the previous recording. I just wanted to show you the verification command. So if you go and check “show IProute,” this is working as a host machine. I can ping my gateway, which is ten one one, and here you can see that this interface, f zero zero, is ten one one.
Then there’s 211, and finally the outside IP, which is 201, 1&2. So let’s do the verification. If I go and ping 201, you can see I’m able to reach, and if I go ahead and check the IP network translations, So here is the translation. I have an entry coming from this, and the protocol is ICMP. If I go here to this device, which is the outside device, and if I go and enable, say, linewithdy 24 loginlocal, and then if I give the username and the password, Cisco, and if I go ahead and do the 201-dot-one-dot connection, it will be refused by the host. But if I go and check the translation history, you can see that it tried to convert the IP, and on top of that, you can see that I have global insight into local. So inside local to inside global and then outside local to outside global are almost the same, correct? So in the same way, we can go and create the path as well. So what was the command for that? Show IP network, and we can go and give the source, and then we can go and give the interface; we know that the interface exists. I have zero slash zero overload that I can use. We have show IP, not translation, and show IP stats as verification commands. So these are the better commands and verifications. We can do the lab over GNS 3.
66. Hot Standby Router Protocol (HSRP)
We must learn about FHRP, understand the theory, and then perform the laptop in three dots, four C. The hot standby redundancy protocol (HSRP) and the virtual redundancy protocol (VRP) are both related to the first-off redundancy protocol. Alright? So let’s start with Chesapea. First of all, why do we need the first hop redundancy protocol? We need a first-hop redundancy protocol because, as you can see in this diagram, I can go and reach the switch, and then I can go out or do anything, right? The issue here is that if this link fails, what can we do? Obviously, all of the network’s devices will lose control. Why? Because you have only one path, you have only one dependency. So you don’t have triangles in a network, you don’t have loops in the network, and you don’t have redundancy. Assume you have this type of connection, and these devices can function as active, standby, or primary, or if this link fails, you still have a way to reach outside, correct?
So that is the concept or need that drove the development of the first hub redundancy protocol. Now, doing so presents one other problem. Suppose you want to use this path via the switch; what will be the gateway address to the host? because generally we hard code the gateway address. So either the switch physical interface, this interface, or maybe this interface will be the gateway address. Assume your company can’t change the gateway dynamically if they shut down this end host machine. So, rather than the strategy described here, you should use some sort of virtual gateway or virtual router in between these physical devices connected to the same network, and we will assign that virtual IP address to the client as a gateway address. So either first or maybe second, it will go down. There is no effect on the network. So we have the label of redundancy. Now we have multiple protocols. We are going to discuss the hot standby redundancy protocol. You can see that you switched one and switched it so that one is an active list and the other is a standby list. Other devices, in order of priority, are listening routers.
So there is priority. As an example, 200 versus 10, where higher is better. As for the highest priority, one of the devices will work as an active device, and the rest of them will work as standby devices. As a group, we can go ahead and put in 16 devices. So here you can see that you have priority from zero to 255, and the default is 100. Higher is preferable. So what does it mean? It means that even though you have the virtual IP and assume this priority is 200 and this priority is reading 100 and 150, let it be 100. So the traffic will go in this direction. Now, what will be the fallback if you have a land interface? Obviously, they will do some sort of replacement with this device because one is unavailable. So you have another path that you can take in this direction. But, once again, there is one question: what happens if your network interface fails? Okay, so there may be a chance that your switch will go and reboot, your disinterface will go down, and your RAN interface will go down. What will happen with the active traffic?
What will happen with the flow of the traffic? How will it converge? Okay, so we can discuss that, never mind one by one. First of all, when we have two routers in a group or two switches in a group, we can go ahead and create the group or we can do the HSRP configuration. Then they will go and elect who is active and who is on standby. And the message that they are going to send across between devices is “initial,” “learn,” “listen,” “speak,” “stand,” “by,” and “active.” So in an active estate, we have these devices that are actively forming the HSRP neighbour relationship. That neighbour relationship cannot be determined, but they will form the HSRP between them, and one of them will be the HSRP. The active one will be on standby. So here you can see that in the activist state, an interface in an active state is the live gateway and will forward traffic sent to the virtual IP addresses. Hosts will use the virtual IP as their gateway. The active router will respond to the app’s request for the virtual IP and the virtual Mac. So far, we’ve talked about virtual IP, but there’s another concept to consider: the VirtualMac. Now, for the hello packet exchange for HSRP, we have speak, standby, and active. Okay? All right, so let’s quickly discuss the Virtual Mac. And once you’ve completed the basic configuration, I’ll show you the Virtual Mac in the following slide. So you can go to the interface or you can go to the interface VLAN.
You can use this command standby now. You can define the priority, and you can go and define the virtual app. We will see all these things in the lab. Then here, you can see that this is the diagram. Although our lab diagram is different, I’ll show you the lab diagram. So these things I’m going to configure in the lab instead of on the interface. And I’m going to use any Ethernet interface or any physical interface. So you can go and do the configuration. The important thing here is that you can see that the ARP response will come from the virtual Mac. So for this particular Virtual Mac, what is the format? So you can see that this is the format for seven AC. and then the group number. This xx is in the hex that will represent the group number. So, suppose I go ahead and assign a value of ten to the HSRP group; ten converted to hex equals zero eight. So that’s why the final Mac address is seven eight.We have this if you want, and we can do the Mac address manual configuration as well. If you want, we can do the authentication configuration as well. Then we have the concept of print. So what does “print” mean by print?Suppose this is active and this is in standby, and it will go and reboot. So this will become active. But suppose it comes back online.
So if you enable the print feature, that means when the active comes up, the system will detect that he has the highest priority. So he has a priority of 200 and a priority of 100, for example. So this guy has the highest priority. That means he’ll be active again, and he’ll be on standby. If we print and enable the permission, active will remain active and standby will remain standby. Following the failure, standby will be activated, and he will be the active. So now that we have the command, we can go ahead and print a backup one. If you want, you can disable the print as well. Apart from that, we know that we have the timers for HSRP set by default to be three seconds and ten seconds. Three seconds of hello Timer. 10 seconds of dead time means you are sending three packets. Fourth packet, you are not getting a response. You’ll make sure that your HSRP group partner is not active. Maybe you have a problem, maybe you have a split-brain problem, and so on. They are using the multicast address 24002 and the UDP address 41984 for this particular hello exchange. If you want, we can give the time in milliseconds as well.
So if you want an aggressive timer or if you want fast conversions, you can go and change the hello timer. We have a few of the verification commands that we can go and check to show a standby. We can go and check on a standby brief. All right, so we have a few more slides related to failure as well. So let’s complete these slides, and in this session anyway, we have to do the lap. So I’ll go and discuss more and more of that. Now here you can see that tracking—for example, this link is down. Suppose his priority is 150 and this guy’s priority is 130. So, in essence, he is both active and on standby. Now, what you can do is track the interface that is going to van 223, and then you can decrement the priority, for example, to 60. So if you decrease the priority and this link is down, what will happen? This priority will become 90, and this is what? One, 30, 130. So that means the traffic will go in this direction, and that’s the use of the live tracking, or that’s the use of the tracking that you can track the interface and decrease the priority, and the standby will become the active, and the traffic will go in that direction. All right, so these are the points you have at this point in time. You can think of ways we can check this link. Obviously, this link is tracked. If this link is down automatically, it will go in this direction. If this device goes, obviously, it will go in this direction. If this is down, you should go back and decelerate some sort of priority. So this traffic will go in this direction. Alright, so these are the concepts related to HSRP. Let’s stop here and perform the lap task.
67. Hot Standby Router Protocol (HSRP) Lab
Alright, let’s do the lab. I created this topology in GNS 3; you can see that I have two routers, two routers, and one router; I changed the display, which means I changed the appearance of these devices. It’s router. It’s showing you as a cloud. Then there’s routers four and five. But it looks like they are the host or end machines. I have assigned the IP addresses as follows: The schema is 10 1 0. This is obviously the land segment that you can see behind R 2 and behind R 3. And then you have a static route going or reaching towards R One from R Two. And there were three. So, let’s go ahead and enable the HSRP over R 2 and R 3. Obviously, I’m going to use F zero zero for these interfaces, and then I’ll go and assign the default gateway for R four. And I’m five. So let’s do this. If I am inside R-five, let me check. That is the gateway I have given to these devices. This IP address serves as the default gateway. Is that not correct? That means I should change this. I will go and change this because I want to use the default gateway as the virtual IP. So, before we make any changes to these devices, let’s go ahead and configure the HSRP hot standby redundancy protocol. So we can go to f zero zero, and then you can use the keyword “standby.” There, you can see that you have options. Authentication delay, IP, Mac print, priority, redirect timerstrack use, BIA burned in address, and version are all variables to consider. Okay, so we want to give the group an IP address, and then I want to give the virtual IP, say, ten 11250. I don’t want to make this secondary, so leave it.
So, now that I’ve assigned the virtual IP address, I’ll go ahead and assign the priority, because this is the first of two that I want to make the active one at the master, as you can imagine, and the other will be the backup or standby. So, what configuration did we come up with? We have done only two configurations: the standby IP and the priority. I’ll go to Room 3. You can see that they try to move from “standby” to “standby active,” and if I go and check “show a standby brief,” he doesn’t know who is the standby but the state is active. Great, so let’s go and do a configuration for R Three.We have R2 and R3 connected by the line interface. I can go and do the debugging as well, so we can see some of the packets. I can go to the first Ethernet interface and prioritise 100. Now you can see that the state disabled in-plant redundancy. This is the group disable init, and now you can see the other messages. I’ll pause here. You can have a look. You must actively and passively listen to the group. This becomes the backup because it has a lower priority. Then it tells you who is active, what the VIP IP is, and what the router ID is. Then you can see all these messages. Now it is sending the hello packet every 3 seconds. So since the debug is on this device, I’ll go back here and we can check the standby. If I can get the details, So what I can do here is enter, and you can see what the virtual IP or C Mac is, which we discussed because we used group ten. So six equals zero eight. By default, the “hello” ended timer is running. The active router is local.
If you go and check the brief, then you can see who is active and who is on standby. So, at this point, it’s very simple to configure what we want. I want to go to these devices, and I want to use the IP default gateway of 11250. So these devices should have the proper gateway. All right. Now that we can do that, we can go and test it. So I’ll go ping the R one. R has one loopback interface. What does it mean if I go from R to N? If I can say, for example, “ping one one one,” let’s see if it is reachable; otherwise, I’ll go and create a static route from R two to R one. Sure. Let me look over the routing section in R 2. I can’t see that I have any static routes. So I’ll do one thing: I’ll go and create the static default route for the device 201 1 2 And if I can go here to R 3, let me undebug all of the runsection IP routes if we have any routing no. And what IP do we have here? So we have this 201, and I can go and create IP route zero zero and then the gateway 20112. And if I ping each other, if I can find it as reachable, So, if I go to this guy here, who is one of the clients, I should give him the client rather than the R 4. So suppose this is client four, and if I ping one one one, that’s the outside. Let’s see if I’m able to ping. And if I do the trace route for just one, let’s see how it is going.So first, it is going to the gateway that I have. This is the router from where I’m going, and then I’m going outside. Correct. So what we can do here is theping and then shut down one of the interfaces. So I’m going to power down the R2F0 interface. So I’ll go to the R2 interface and shut it down, which will cause the HSRP to change and you to see standby on both sides. As you can see, it is currently unknown, but if you go to Room 3 and check Show Stand by Brief, So he’s the active one, and all those other priorities are secondary.
Now, we haven’t done the printing at this point in time. So if I go here and interface zero, and you can see that this is still active despite his lower priority, and this guy here is the full output, Just let me say this: Because we haven’t enabled the print command, it’s still in speak mode. So it’s still in standby, as you can see, although the priority is high. So for that reason, what we can do is go to 0 and stand by, or we can go and enable the print command. I don’t want to use delay and other things, but if I print here, you can see the selection has been changed. I should go print here so that I can go to R three and enable printing there as well. Now, if you go and check the output, he’s active because of the print command. Similarly, if you want to go and check this interface up and down so that we can also track in this current scenario. So what does it mean? My priority is 200, and this guy has a priority of 100. I will decrease the priority by one 10.So what I can do is go to interface 0 and strand by 10. We can start tracking the serial interface at zero slash zero and then decrement the priority by one. Correct. Now, if I go ahead and take this interface down so you can see that it is no longer reachable, the traffic should redirect and go. So let’s see what actually happened actually.So, quick, standby. Now, this is still active, but if I go here to R-3, and you check Stand By Brief, what is the priority? One 10. And this guy, what’s the priority? 90. So that means the traffic should go, and here you can see that this link is down. So that means now this is the active one. So the traffic should go from here, and then it should go and reach her. Although we have a different IP on the subnet, it’s okay.
But if you go and let me stop the pingnow, if I do the rest route for one on one, you’ll be able to see how it’s going. It’s tried to restore its fixed gateway. Let me look at the gateway that has been displayed in the section interface, which is brief. So, when I do the trace route, what should be the order in which it should try to check one three means? So it should go by this: But actually, the problem is to announce the network at the bottom. So, if we go check the R 3 from R 3, I should go ping one one and source. Let me look into it. It has an idea. I’d like to show you that this guy, who is the router number one, has become active, even though his prior was 90. And this guy is tracking the interface, and he is the active one. Now that it says “showing a standby,” let’s see the configuration standby, and then we’ll do the troubleshooting. So what is this? There will be no configuration, and we will see if we can run interface f 0 0 where we have completed all of the configuration. So we haven’t done much configuration on R3, and probably that’s the reason that it’s not showing you the result. So even we are seeing the troubleshooting as well. We can go ahead and give the command “stand by 10,” and your priority by default will be 100. We know that. And then stand by 10 to see if the speed is changing, and then you can go and check now to see if something is happening here. If I go and do the first route, now you can see that it is going by that path, right? So that means if I do the ping, it is happening, and if I go and do the interface, there will be no shutdown because printing is enabled, so this link will become active. We’ll get the message and do a brief standby, and now if I do the shutdown, it will be down for some time. It is unreachable now, but now it is coming from the other side. So now it is in speaker state, and if you go and check the standby configuration, this is active. All right, so this is the way that we can go and do the configuration. There are a few configurations as well, like if you want to change the timers or use authentication, but this is the main thing that we used to do or perform with respect to HSRP.
