Pass Cisco CCIE Data Center Certification Exams in First Attempt Easily

Cisco CCIE Data Center Certification Practice Test Questions, Cisco CCIE Data Center Exam Practice Test Questions

Want to prepare by using Cisco CCIE Data Center certification exam practice test questions efficiently. 100% actual Cisco CCIE Data Center practice test questions and answers, study guide and training course from Exam-Labs provide a complete solution to pass. Cisco CCIE Data Center exam practice test questions and answers in VCE Format make it convenient to experience the actual test before you take the real exam. Pass with Cisco CCIE Data Center certification practice test questions and answers with Exam-Labs VCE files.

Introduction

7. OSPF Network Types Metric Passive interface Lab

Let's do the lab. Here you can see the topology. We have router one, router three, and switch 10 one.I'm using in between switch 10 five as L two switch. So that means having area zero. So this big blue circle is area zero, and the network is 1001 100:24. Then I have switches 10 one and 10 two connected that are inside area two zero twenty, and the network is ten110-2010, where 10 one is one and 10 two is two. I have already assigned the IP address. So what we'll do is go and enable the OSPF process. Then we'll go and check the default network type, and then I will make any of the interfaces a passive interface inside the area, and then again we'll verify the OSPF neighbour relationship. So let's do this. I can go to the router OSPFone, and even if we are here, we have the option of running this script as well. So, if you're doing the configuration over an empty party, you can tell the script to say "conft router OSPFone" and then advertise the network. You can select the devices, and then I can send the script. Once OSPF is configured, I should go and advertise the network, or I can use the network command. So what you can do here is go and check the IP route, your connected interface, and in the network command, actually, you can go and use it with the wildcard bit, and we should check that this one, 10, is part of area zero. So we know that this is correct according to policy. Then we have one loop back here that will bestepping in which area you want to put this. Also, I'll put it inside area zero, and then I'll have this guy here connected to area 20 network commands. Likewise, I can go to switch number two, and I can go and check the connected routes. I can use my network command. First and foremost, I'll advertise my loop back inside area 20, and then I'll have my network connected, which is also inside area 20 because the bottom switch places everything inside area 20. So that's why Area 20 is in Area 20. So, when we run this card, you'll notice that both interfaces are now part of area 20, they'll run the OSPF, and we can see that the OSPF loading to full means that all the states have been completed. So I can go check the show IPOs PF neighbour you can see the full BDR as well as the interface. Then we can investigate show IPOs, PFP routes, and OSPF. So here, you can see that you have the metric value and you have the ad value. A is ten plus one, so that's why it is eleven. We know that one is for the ethernet interface, and the other is for loopback. So that's why it is showing like this. All right here, you can see the Ethernet. So for that we have ten and thenonly one it is using for you back. All right, next thing that I want to check here isthat is your Iposps interface and that is E zero. Now here you can see the interface, where the network type is broadcast. So, because the switch is connected via E zero, I can go to the interface and create a point-to-point IP PF network. You can now see that you broadcasted non-broadcast multipoint to point. And if you go to point to multipoint and type question mark point to multipoint, it will be broadcast by default, and then you have the non-broadcast option. So I'm interested in making this point-to-point, and on both sides I should do it like this. So other side also I should go zero to point. Now you can see that the SPF process is running again. It is going from full to down, and the SPF algorithm is running one more time. Then we have the new SPF tree, and from there we have new routing updates or routing tables showing IPOs PF, and you can see that this network is now point-to-point. You can see this cost as well. There is other information as well related to timers, knowledge of forwarding, etcetera. All right, so we have done this task with these two switches here. Likewise, I will go and initiate the OSPF process, and I will advertise the network for R1 and R2, and only R1 and R two.We don't have any R three.So, let me quickly check here in switch 10-1: what is the total OSPF configuration that we have completed? So these three network one network is belonging to thenetwork that we have connected with r one and Rtwo that is nothing but the area zero. And then these guys have one more loop at this. Likewise, I'll go ahead, and then I will use 2 2 2 if I go ahead and check the show IPOs PF network. Here we have three devices that form the OSPF relationship. If I go and check, basically I want to check the interface. So here I can see that the network type is again "broadcast." Now, in our topology, I can use network type as a point-to-point or broadcast, but as we can see from the chart, if you are working with or dealing with frame rate, you can use NBM, and then you have the mode for NBM. I don't want to make this a non-broadcast if you make it non-broadcast, so suppose if I go to the interface and make this IPO's PF network a non-broadcast, then I need to add the neighbour command manually. So, check with your neighbour now. You can say it's a down because, in this case, you have to use the neighbour command. You have to go to Router One. Use the neighbour command. Who is your neighbor? So this guy is your neighbor. Then you use the neighbour command—this guy is your neighbor. So manually, we are adding the neighbour now. And here, too, it is detached. These are my neighbors. I'll go into interface zeroIP's nonbroadcast USPF network. The router is then PF one at a time and the neighbour is added. This time and again, I'll go and add one more neighbor. Then you can see if Show IPOsPF Neighbor still displays the IPOsPF interface. And then so now it become non broadcast. But we are seeing here that the network is down because we are using the wrong type of network here. If we have the NBM type of network or a nonvertical type of network, then we should go and use this again. and that time is changing. Okay, so what I'll do here is that I'll go and make this interface again. backup interfaces network is for example broadcast. So one side is broadcast and other sideis non broadcast at this point of time. And now you can see it is forming the relationship with her, so if I go and check, I would say it is forming this. Likewise I'll go ahead and again interfacezero USPS network is broadcast and thenwe can go and check IPOs Pfnew. All right, so now we have to test the final piece, which is the passive interface. So, let's go ahead and make one of the interfaces over R one as a passive. I can go to the route for OSPF 1. You can see that we have thiscommand passive interface default and then youcan go and make no passive interface. So once you do this command, all the interfaces become passive, meaning your neighbour is down. So no passive interface is allowed here, and that is the interface I want to make again if I go check the neighbor, which was a lab related to whatever we studied in the previous recording. You can refer to this particular lab.

8. OSPF Authentication & Virtual Link Theory

Next we have OSP for authentication and a virtual link. So start with OSP for authentication. Now, actually, it's very easy to configure, and it's different than RIP and EIGRP. What we can do, first of all, is go to the area. So you can see that I'm over OSPF, in the minside area, and using area zero authentication. Then I can go to the interface level, and then I can go and give the authentication key. So we have two things: we have the plaintext or clear text, and then we have MDF. Now same way we can go andconfigure the MD five as well. So again, you have to go to Area Zero. You can see that I'm over area zero here, and the authentication message is, so I'll go to the interface and assign the message there. I just saw. So it's very easy and straightforward. I'm going to show you in the lab section about the message digest key for this authentication, so we can discuss more in the lab. The next thing here is, what about a virtual link? Virtual linking is again one of the use cases we have in OSPF. For example, due to any reason, the customer network is not able to directly connect with area zero. We know that all the areas should be connected with area zero. Suppose you have areas one, two, and three, for example. Later, due to some reason, you are connecting area four with area three, not with area zero. So in that case, we can create the tunnel in between area zero and area four. So the router inside area four will think that I am part of area zero or am directly connected to area zero, and that's the concept of a virtual link. Again, you will see the configuration here. The configuration you'll find is very much like how we are creating the tunnel. So router area one is working as a transit, and then I have to tell you in between, say, area zero and another area, so let me go back here. So here you can see that this is a classical example where you have area zero, area one, and area two, and then you are creating the virtual link in between those. Okay, now there is a possibility that you may have area zero, and in between, you have area one. Unless, once again, the likelihood is low. But still, you can create a virtual link between them. Once we create the virtual link then over thearea zero we have put the message digest. So we can use the same key over the virtual link as well. Okay, so we have seen all these shifts, and let's perform the same task in the lab set-up so we'll understand more about the authentication and the virtual link.

9. OSPF Authentication & Virtual Link Lab

Let us perform the lab-related steps of authentication in VirtualLink. I have made the change to my setup. Here you can see that now we have R one, R two, and that's R two. But switch 105 one and then switch 10 two. So R one switch and then again switchand then the switch 10 two in thebottom subsequent network IP addresses I have changed. So we have network ten, one thousand, two hundred, and then we have respective areas like area zero, area one, and area two. Now, in lab number one, we'll go and create or run the OSPF in area zero. And then we'll do the MD-5 authentication in the same lab. Later on, we have to create the virtual link, and we have to make Area 1 a transit. All right, so let me show you this IP address assignment. Here you can see that we have created and assigned IP addresses only so far, as per the diagram. So these are the IP address assignments related to R1, R2 related to R1, and all the switches. So now let's start with area zero, that is, R 1, and switch 10 five.I'll go here and enable the router OSPF one. Then I have network say one one one, one, and then I put this inside area zero. So let me do that. Then I've got network 10, 1, 10. Also, I'll put this inside area zero. All right. Now we'll go to the switch, which is switch 10five, and we can go and check the network. First of all, we'll go and initiate the OSPF process. Then we have one network, which is the as well.So, for example, let me quickly zero, and then we have the rest of the network. So now you can see I've enabled this or I've run this command. But it's still I can't see thatOSPF is coming up and running. So I should go and check the IP over ezero zero, and we should have this IP reachability. So I think it is correct if I go and check the interface configuration for this switch. So let me try to check. So we have this command configured, and protocol is up. So if I do the ping so let me do the ping fromhere, that's the router IP and I can see that ping is working. If we could go check show Iposure and section OSPF, that would be great. So here you can see that I have this network inside ARZillow, and then I have my own network that's the loop back. But still, I can see that they are not forming a neighbour relationship. So now what I'll do is go here and make this network a 10 1 10, and then I'll remove this network statement. You can see that the problem here we have thenagain I'll go back and delete this and add this. So let me try to do bothat a time in router number one. Okay, let's try to check the IP USB number. Now they are in a two-way dryer state; they are stuck in it. All right. And if I check in here because we haven't removed OSPF yet, it will show IPOs PF neighbor. Okay, so the reason may be the network type that we haven't changed, but now it is showing it is up and running. So that's okay. Now we have the OSPF relationship for area zero. What I want to do now is run the authentication so I can go to router OSPF one and then area zero authentication. You can see here that you can do plain text authentication if you want, or you can do the more secure MD5 authentication. Then you can go and use this. Now that I have done this, you can see that the neighbour is up. But we are having one problem here: that authentication key. You don't have any valid keys. So now I'm going to and then using IPOSP for authentication. You can see that you have authentication and message digest options. So I can go and add the key as a CCNP. You can see here that you can go to authentication and key, and then you can see here that you have the option to say unencrypted. This is not that I'm looking for. So I can go and give the message digest, but I want to put the key in as well. Let's see IPOSS authentication, and we can give the authentication if it is a plain text and authentication key. And suppose I'm using authentication, then I have this option for message and digest. Actually, that is quite a confusing option that Cisco is giving to you. So, because obviously natural thing is thatwe'll go and check IPOs of authenticationand then whatever authentication will be there. But in the case of message digest, you should go and check IPOs PF, and then you have this option of message digest key if you want to put your key. So I'll put key as the CNP, but let's see MD Five, and then this is the long command that we need to put here. Now if we go and check our OSPF neighbor, we can see that our neighbour is down because of a mismatch of keys or because we don't have the key configured on the other side. So here also we can go to routerOSPF 1, area 0, and then the authentication message digest, and then we'll go to the interface. Now we are getting this error. So now you can see that the neighbour is coming back up. This is the way that we can go and do the authentication inside area zero. Now, what I want to do here that I should goto the I should first of all do the OSP restof the configuration and then we'll create the virtual link. So let me say that R one is okay in R two. Let me look at the show IP route what network that we have so far configured. So we have router OSPF one. We should have one more network, and that is ten. Let's see the network, and that is inside area one. Correct. So this network is in area one. Now we have switch number one. So let's do the configuration for switch number one and see what network we have. We have network 10 dot, which is in area number 2. Then we have a network, say 10 110 110 1101. Say for example, I put this in area one and then finallyI have ten one 20 that is inside area number one. All right. So we are very much done with this configuration. Finally, we have switch number 10-2, where we have a 10/1-30 network. So I'll go here as well and enable OSPF. And then we have networks. Say, for example, first of all, I'll advertise the loop back, and this is inside area two. And finally we have network ten one 30,that is again inside area number two. Now, after running all of these commands, go ahead and check "show Iposp of neighbor." So he has neighbors. That is, if you proceed to switch 10-5, you will find show IPOs PF Neighbor. So he should also have two neighbors. But if you go and check Show IP Route for OSPF, we'll find that he's not getting 10210-2, because it's never getting tunnelled or passed through area 1. So in this case, we should go and create the virtual link. Okay, so let's create the virtual go and createthe virtual link here inside area number one. So first of all, 10-5, and then already we are here and the router is PF-1, area 1, and then the virtual link, what is the ID? So we know that whenever ID is this, we have an option for message digest keyas well that I'll put later on, but that's it. area virtual link and then the peer device router ID. Now I'll go here and router USBF one. Area one virtual link is the router ID you need to create a PENET. That's not this one. I'll go and remove this, and that's it. So, if you go ahead and check the OSPF, you'll notice that you've started letting the route. Now, since you don't have the key configured, so inside area 0, we have the key configured, you should go here and give the key so it works properly, and it should give the key, say CCNP. And now you will see that they will start getting the message. So, if I check USBF neighbouring show IP route, you should get 102-10-2102. That will be the final valid verification for this. So after running this command, I can't see that anything is happening, so let me go and check here as well. You can see this configuration is 100% correct. You're forming a virtual link with this and Router one, along with the configuration key; everything is correct, but they're still not forming this. So what we can do here that we can goto router OSPF one more time, say for example theauthentication is message digest, this belongs to area one andhere also we have area one as well. Let's see the final configuration now that invalidkey is set to 100, which we can verify. So, what exactly is going on here? If you look at the configuration, you'll notice that once you put the key here over the virtual link, This is now his domain number one. These are the interfaces where you have to putthe authentication key for example as an empty file. But when we are creating the virtual link, actually, in that case, it is going to propagate only to area zero only.So it's not required to put the key there. But just for the security purpose, I'll go and put thekey over 100 and e one last two as well. So IP five CCNT correct and then finally Ican go here and enter for C two. So this much configuration we have done and now if yougo and check show IPOs PF neighbor, first of all youshould have the neighbour and if I go to R oneand if I go and check show IP route. So here you can see that it is getting the route, as it is directly connected with area zero. And we don't need to actually put authentication over the area of interfaces that I have done. But, for the sake of security, we want to put the authentication key everywhere. So you can go and put the authentication keys at all these places. All right, so this was the authentication, then?

10. OSPF Summary Area Types & Default Route 01

Next in this important section, we have an OSPF summary of different types of areas and the default route concept. So let's start and understand the summarization. Now clearly, you can see in the diagram that you have area zero separated by areas one and two. And, for example, if you get routes from three to seven, you can see on the other side that it is 89 to fifteen. Now we are sending all these routes to the core router. Here you can see all the individual routes, and hence the database or the topology table inside area zero will increase. Rather than what we can do, we can summarise Area Two as Area One, which is 21. So in that case, we are sending only one update, and our routing table will be efficiently utilized. Doing so, we can reduce the load on the router's CPU. So this is one of the interesting use cases we have with inter-area OSPF summarization. Now what's the command? command is very easy and straightforward. We can go to the router, and over the router, you can go to the area, and then you have to use the keyword called range, and then you can use the address and the subnet mask, and then this will be done. Now, there is one important point to mention: suppose you have some of the routes in between that are not part of a subnet. For example, if I don't have 1516, I'm still using this summarization, which is ten at 00:21. So in that case, what we can do is use the concept of static route null zero and point out this summary route towards null zero. So that means that anything that is not matching will be garbage; it will be in the bit bucket. Correct? Now you can see that we are now running the modern or advanced version of the operating system after twelve. Even this command is not required. It was required for the earlier version of iOS. Now the second point related to summarization that we have is that if the summarization is coming from the external system, it's not related to inter-area routing but it is coming from outside. Now, at this point in time, we should go to the ASPR. Suppose router B is an ASPR that is connected to a non-OSPF domain or non-OSPF routing protocol. So in that case, you can do the summarization, but the syntax will be a little bit different. So in this case, instead of doing area, the command's summary address and then the network and the subnetmass means whatever network we want to summarize. Correct? So this concept is similar to when we do aggregation, and we have two types of borders: AVR and Asvr. And like that, we can easily do the summarization. Now here you can see that we have one use case in the case of ASB or summarization: if you don't want to advertise certain prefixes. So in that case, you can go specifically to that particular network, and you can use the keyword "not advertise." If you do not advertise, obviously these networks will not be advertised inside the USPF. OK, so this is the concept related to summarization. The next important concept we have is the OSPF type. Now I have one summary chart as well where we can go and summarise the OSPF type after a few slides. So here you can see that you have area types called "backbone," "non-backbone stub area," totally astubby area," and "not so stubby area." That is NSSA. In short, So let's learn about and discuss the area type. Now starting with the basic area, that is, the normal or standard area, We know inside that area we have LSA types 1 and LSA type two.So here you can see that we have all the LSS inside the standard area, the type 1, type 2, type 3, and type 4 generated by a R. Then we have type five as well. That is generated by the ACR. so it is able to understand all the LSA. That's the standard area. Now, the second thing here is that when you're making a stub, you will make the area a stub. The stub will not accept types three and five. But remember, they will automatically inject the default route. While doing so, you can think like this. While doing so, we are cutting off the SPF calculation. And who is doing the SPF calculation? My CPU, my process So that means that we are cutting off the intensive CPU cycles, and hence we are providing a good type of optimization in terms of CPU and memory correct.Now, what's the command? Again, the CLI command is very easy and straightforward. You can go to the network. So here you can see the router process. First, go to the router process, and then you can go to area one stab.When you complete the stub, it will begin searching for types 4 and 5. Despite this, it will receive routernetwork and ABR-generated LSA. That is type one, type two, and type three. And another thing is that it is generating the default route. Now, the third concept we have is the totally stubby area. Now what totally stubby area will do? That will accept only types one and two. It will not accept types three, four, and five LS, although it will go and generate a default route for types three, four, and five LSS. Again, the use case is that we are saving bandwidth; we are saving CPU, core, process cycles, et cetera. Now, the command here is interesting in that we have used it in a stub area. We have used one stub. You must add one more keyword, "no summary," for a completely stub area. So the command is "area one stub." No summary. It will stop LSA three, four, fiveand it will generate the default route. Okay. Now the fourth one is not so stubby area.Why do we need a not-so-stubby area? We can see that you may have a chance that area zero is connected with an external network, or you may have a chance that area one is connected with an external network. Correct. So in that case, we'll see that when you have area one connected with an external network and you want to filter some sort of LSA, you are going to use the "not so stubby area," which means it's a stubby area but it's not a fully stubby area. What it will do And we'll see that, like standard stub area NSSA area routers, they'll share type one and type two LSS. Okay, they are not blocking type 1 and type 2 NSS and will also accept type 3 LSS. So they are going to accept type one, type two, and type three. But NSSA will not accept types four and five. Okay, now we are going to introduce one new LSA, namely LSA type seven, that we haven't discussed so far, but which is not so stubbornly linked with LSA type seven. And what's the use of LSA Type Seven? Now we'll see. So if an Asbr exists within the NSSA area, this Asbi will generate Type 7 LSA. Again, NSSA areas are almost identical to a stub area. If area one was configured as NSSA, it would not accept any external route originating from Router G, ASB, or outside area one. As you can see, they are not accepting any type 4 or type 5 LSA, only our type 7 LSA. So here you can see that it will not accept this router, G. It will not accept any external networks. external non-OSPF domain network. Correct. Great. Area one, on the other hand, has an as. We are within area A of router A. Those external routes will be flooded into area one as type seven. So here you can see that you have inside area one, you have router one, and you have external routes that will flood inside area one. Now, these external routes will not be forwarded to other areas as type seven LSA. Instead, they will convert it to type five. And that's the key that I'm going to summarise for the five LSA by area one of the ABR router. So what is happening here when you are creatingnot so established area, in that case, you aregetting type seven LSA and router C. What he will do He will convert type seven LSA to type five LSA, and then it will flood into the other area or the other area will calculate as per the type five LSA update. The configuration is very simple. What you have to do is have one keyword, go to the route process, and then select area one NSSA. Okay? All right. And the final concept we have is totally not in the stub area. So let me stop here and discuss the remaining concepts in the next recording. But here you can see the summary. And in this summary, let me try to highlight Backbone LSA 1234 and 5. They're not getting LSA-7, non-back ones like area one, area two, et cetera. They're also getting all the stubby LSAs—one, two, and three. Only LSA ones and two are available. Remember, they are going to generate the default routes in the northwest of the area. type one, type two, type three, and type seven. This type seven will be converted to type five, and then it will reach area zero. That's the overall summary we have with this recording. So let's stop here, and the next section will continue from here.

11. SPF Summary Area Types & Default Route 02

So let us continue where we left off. Now, next concept we have is totallynot so stubby area, that is Tnssa. So what is the main difference between a stub and a totally stub area? The same difference you'll find between not-so-stubby areas and totally not-stubby areas A totally not-so-stubby area will allow LSA types one and two, and he's going to filter types three, four, and five. Here, you can see the configuration is very straightforward. You can go to the OSPF area, and then you can give area one NSSA. The keyword is "no summary," and here we have the summary just for your reference. Now the next topic we have is OSPF and its relation to the default route. We know that when we are generating stub areas and a totally stubby area at that time in the OSP process, they are generating the default route. But in the case of APR and ESPN inside the standard area, we don't have a default route. Now, suppose you are sending LSA type three from router C and you are expecting to receive LSA type five from router 1. So you're getting LSA five from router 1, and it will go to router C and then other areas. Likewise Elicit type three will go to B and A, and actually B and then A and then the external network. At that time, suppose for the external network you want to create the gateway as router A, so we can go and create the default route. So you can see that forcerouter A is also generating a default route with itself as the next hop for the external network and injecting it into this inside area one. What is the command? The router is told to go to routerprocess, where default information will originate. So this will inject the default route. But in case suppose you want to force it. So for example, if a default route does not exist in its routing table, the router can still be forced to advertise a default route using the always command. So in that case, if I want to force the default route.

So when looking for preparing, you need Cisco CCIE Data Center certification practice test questions and answers, study guide and complete training course to study. Open in Avanset VCE Player & study in real exam environment. However, Cisco CCIE Data Center exam practice test questions in VCE format are updated and checked by experts so that you can download Cisco CCIE Data Center certification exam practice test questions and answers files in VCE format.