CCIE考試考點之一：

1、畫圖、接線

2、幀中繼（做IP MAP, no inverarp）

3、IP ADDRESSING（VLSM） 使用一個B類地址段132.y.0.0/16，backbone 1的地址為150.100.1.0/24，backbone 2的地址為150.100.2.0/24

4、RIP（IGRP Default route, RIP, redistribution）

R1從BACKBONE 1上學(xué)習(xí)一個路由，做filter 只允許199.199.y.0發(fā)到路由表中，在所有的路由器上面都能夠看到這個路由。將132.y.0.0地址段發(fā)送到backbone上。

5、OSPF（area, point-to-multipoint, virtual-link）

FR上使用地址段/27，其余為/24

AREA 5配置成NSSA，在R5上配置一個loop端口，地址為192.192.1.0，該地址需要廣播到所有的路由器上，不能將該地址放到某個area中。在R3和R1上看到METRIC不一樣。在R2、R5上配置，在R5上產(chǎn)生一個缺省路由。

由于R3很忙，因此希望OSPF PROCESS間隔時間不少于30秒鐘。

6、ISDN（DDR）

配置R3和R5作為備份，使用靜態(tài)路由，在R5到R2的連接不通的時候，該路由起作用。

配置CALLBACK。R3為server，r5為client.

備份啟用以后，R5上的路由器需要連通backbone1上的路由器和其余的路由器。其余的路由器上仍舊可以看到R5上激活端口的路由并可以連通，并且192.192.1.0/24路由在R1和R3上的metric不一樣。

7、NETWORK PERFORMANCE

在R1、R3和R4上配置CIR、BC、BE、MINCIR，使用MAP-CLASS，當(dāng)帶寬超過48000時候開始設(shè)置DE值，超過64000時丟包。采樣時間間隔為125ms。在收到becn信息的時候減少為16kbps。應(yīng)用到所有的PVC上。

8、BGP

R1為AS 1031，R4為AS 1034，R2/R3/R5為AS1099，R1與r4之間，R4與R3之間實現(xiàn)ebgp peer，R2/R3/R5實現(xiàn)IBGP PEER，r4與150.100.2.254(as 254)實現(xiàn)EBGP PEER。本網(wǎng)絡(luò)在BACKBONE2的路由器上統(tǒng)一表現(xiàn)為一個AS 2。

BACKBONE 2上的路由器向R4送197.68.1/4/5/22.0路由，需要將前三條路由總結(jié)，盡量少總結(jié)路由。其余路由不能夠見到。

在R5上新建一個LOOP，使用地址192.192.2.0，該路由在所有的路由器上都能夠看到，并且發(fā)送到BACKBONE 2的路由器上，僅能將該路由發(fā)送到BACKBONE 2上。

9、DLSW

在R3和R2之間做一個PEER，使R3上的VLAN A和RING 1/VLAN B可以通信。

R4加入該DLSW NETWORK，使得R4上的RING 2可以和VLAN A/VLAN B通信。只能配置一個PEER，不能使用BORD PEER。

Ring 1 上面有客戶機(jī)啟動session，發(fā)送很多EXPLORER，使得TR端口丟包，配置R2的TR端口，使得每次可以處理100個包。

配置R4，使得只能通過SNA數(shù)據(jù)包，包括TEST，SAP為04/08/0C的包和他們的回應(yīng)，filter要使用最少的命令行。

10、IPX

在所有的端口除了ISDN和LOOPBACK以外配置IPX路由。幀中繼上只能用EIGRP。

在BACKBONE 2上能夠傳過來IPX路由，只能接收AA00路由。

在R2上配置，使得R5上只能有網(wǎng)絡(luò)號為AA00名字為FSERV1的文件服務(wù)器 SAP項。

配置，使得VLAN B上的客戶不能訪問FSERV1，但是R5上還需要有該項。

10、APPLETALK（RTMP/EIGRP）

在所有的端口除了ISDN以外配置APPLETALK路由。幀中繼上只能用EIGRP。

VLAN A和VLAN B上的zone為ether。R1不能看到VLAN A的路由，但是能夠看到VLAN B的路由。

Disable ISDN上的IP功能。可以使用靜態(tài)路由。在R2和R3之間的連接斷的時候，ISDN能夠啟動，平時不能啟動。CALLBACK還是起作用。兩端都能夠發(fā)起呼叫。

11、IOS FEATURES

在R3上有一些用戶，只有普通權(quán)限。現(xiàn)在要做更多的限制，擁有ccie口令的用戶只可以使用show命令。

擁有ccie口令的用戶可以使用show和其他命令，其他的用戶不能夠使用show。

配置R1，使得VLAN A上的用戶可以通過WEB BROWSER上輸入路由器的命令，只允許IP為150.100.1.75的用戶訪問。

在R3和R4上配置，使得幀中繼端口上的廣播包限制在每秒160個包，240000個字節(jié)，QUEUE的長度為80。

12、MOBILE

在R1、R2和R3上配置。VLAN A上的用戶可以在BACKBONE 1和VLAN B上工作而不需要修改IP地址，可以連通所有的活動端口。

13、SWITCH

設(shè)置2/12可以監(jiān)聽VLAN A上的流量。

VLAN 200的MAXAGE是30秒。

CCIE考試考點之二：

Version 6.1b information

O. general information

在Address沒有特指的條件下，establish 135.x.y.y/24(x= RACK number， y是任意數(shù))。

在整個router 上建立loopback interface.  Address 為135.x.y.y(x== RACK number, y是router 號)

VLANA是/22；VLANB是/26；FRAME RELAY是/28；BRI是/30。

Backbone1是150.100.1.x、backbone2是150.100.2.x (x=RACK number?)

Token ring is 16Mbps.

用enable mode 使得telnet access all router。

使所有的routers 和所有的routers 的interface之間的ping 成為可能。

1.Configuration figure（config 圖）

Lab config reference. 以上述條件為依據(jù)完成config 圖，并寫出interface number, address and subnet.mask.

2.Config the communication Server

從R1到R6，以及Catalyst， 都與各自的Communication Server的ASYNC PORT1~7相連接。Config communication server by accessing communication server console.port to 各自的router console at the same time.

Set up communication server so that you can be connected by only inputting each machine’s name (R1-R6, Cat5).

3.Config Catalyst

Set up VLANA (VLAN number=50), VLANB (VLAN number=75).

After config of routing.protocol is finished, please set up catalyst console by using address 135.x.30.30 (x = rack number) so that it can be pinged from all routers.

4.config frame relay

參考圖（標(biāo)有各interface的DLCI圖和源于CISCO ROUTER的frame relay config 定義的部分提示）。根據(jù)ANSI，LMI-TYPE set up frame relay.

對R1、R2不設(shè)定subinterface.

5.Routing.Protocol (OSPF) config

如config fig. 一樣，config OSPF.

VLANA is backbone, frame relay is area1, TRN1is area2, VLANB is area5, ISDN is area6。Router’s loopback.interface should be advertised in any area.

Set up interface cost of Ethernet as 90. But don’t use IP OSPF COST command.

6.RIP config

Config RIP in R1, confirm routing information sent from backbone1 by RIP. In wnich only 192.x.x.x can be taken in.

Summary 192.x.1.0 and 192.x.3.0 as one network to show up to OSPF, redistribute 192.x.12.0 as a network  into OSPF system.

From R1 to backbone1 only 135.x.0.0 network can be seen.

7.Config default gateway

There is a IRDP client in VLANA. By the IRDP client, not config default.gateway static, but  access it to 135.x.o.o network. Meanwhile give R6 priority as default.gateway and put R3 as last.

8.ISDN config

Call from R5 and access to all area when R5’s PVC is disconnect.

You can’t call from R3.

CHALLENGE’s CHAP can only send from R3

From R5, use userx as user ID instead of host name(R5)

9.IGRP config

Use IGRP between R3 and R4. Meanwhile use ruck number as Asnumber.

Redistribute between OSPF and IGRP

R3 appears as default route on R4,. Note: the commands address summary, static route, addition network can’t be used.

10.VPN config

Configure ATM interface on R6. Its end router has address 192.1.x.254. Set up PVC(VPI=0, VCI=32).

There is a client group in VLANB with their own IP address, CIDR BLOCK is 192.1.0.0/18. The network from the BLOCK which has not been used is available. The client is default.gateway and use address 192.1.32.175. The client in VLANB need to connect to other VPN client group which is at the end of ATM interface on R6, the address is 192.1.6.x. These clients at the end of ATM interface is routing.protocol using EIGRP. Please set up that client in VLANB can be connected with client.group at the end of ATM interface on R6. 135.x.0.0 network and CIDR group’s network are completely independent. It is not necessary for the networks to see each other.

Set up R5, R6. Make sure client group in VLANB must go through router at the end of ATM interface once, than communicate with all network.

Communication should be continued by ISDN even though frame.relay is down.

11.IPX

Configure IPX address on all interface, not including loopback, ISDN, ATM, backbone. Any two interfaces of all routers can be connected, optional use RIP and/or EIGRP.

In VLANA R3 and R6 can’t be in the same network.

In VLANA sap traffic is increasing. Make sap updates transmit only when server changes happen.In VLANA there is no IPX server.

12.DLSw

Set up connection between TRN1 R2 and TRN2 R4, VLANB R5 and VLANA R2 by DLSw. Don’t connect token ring and VLANA/B.

Explorer frame on R4 destinating to the MAC address 4000.2200.xxxx on R2 is not permitted forwarded. Data frame is permitted to go through.

CCIE考試考點之三：

Sencond Day

1.BGP (question nomi??)

Configure BGP on all routers.

Set up AS100x on R2,R3,R6; AS300x on R1; AS 200x on R5; AS x on R4. x=ruck number.

R1, R5 建立與AS100x 共有的peer(??)

2.BGP set up, summary route set up

Set up router 150.100.2.254 and BGP peer on backbone2. AS of 150.100.2.254 is 254.

Summary received route from AS254 at BGP and tell AS100x. At AS 100x, other route (except summaried route) can also be seen. BGP information should be seen on all routers.

Tell R5 all of summaried address. But get that route from AS x.

3.BGP default .route

Define loopback interface of 192.192.x.0 network on R4 and advertise BGP’s(??) route.

Pass 192.192.x.o’s(??) to AS 254.

BGP’s default route can be seen by R1 when it is possible to reach 192.192.x.o network from R2.(nomi??)

4.AppleTalk

Set up AppleTalk on all interface except backbone1/2, ATM, ISDN, loopback.

On FR routing.protocol use EIGRP. On others anything can be used.

Network of TRN2 can only be seen on R4 router. But all networks must be seen on R4. And filter can’t be used.

VLANA can’t be seen from R5.

5.Accesslist

Set up access list to meet following demand on output interface of Serial 0 on R2.

POP in VLANB is not permitted to access from TRN1 to SMtp server.

SNMP traffic is not permitted.

About UDP traffic from client in TRN2 to VLANB, client port from 6000to 7000 are permitted.

Don’t put PING from R1 to R3. But PING from R3 to R1.

Backbone1 can not access to Tacacs+ server in VLANB.

Other traffic are permitted.

6.Broadcast Control

Set up Catalyst Switch. Broadcast in VLANB is undre 20% of range.

The average length of Broadcast frame, include Preamble, is 740 bite.

7.Traffic control

Set up www traffic under 1.5Mbps on output of tokenring interface of R4.

8.NetBOIS filter

Set up a filter on output of tokenring interface of R4, which access to server NBxSRV is not permitted through. x is any one character. But access to other server is permitted.

9.IP multicast routing (1)

Set up IP Multicast on R1, R2, R3, R6.

Get R1 enrolled in 224.0.5.5 Multicast Group. PING from R2, R3, R6 to 224.0.5.5.

10.IP multicast routing (2)

Set up Catalyst Switch so that it can receive Multicast Group information from R2, R6.

R3 can receive Multicast pocket(?).

CCIE考試考點之四：

V7.1

Loopback 137.y.x.x rack number , x router number

1.ospf area as diagram. After completed , all interface should be seen on all router.

2.rip

1)configure rip on r1 (e0,s1) and r5(s1)

2)r1 s1& r5 s1 unicast to backbone 1

3)config r1 so that only allow one rute from ri enter into bb1

4)r1 can connect to all other router , but not allowed using summary/static/default route

3.VLAN AND ISL and catalyst

1)catalyst 5000 上設(shè)置vlana(20), vlanb(30),vlanc(50),vland(80),vlane(70)

2)trunk 上不允許走vlan80

3)vlana(r2 e0),vlanb(r3 e0),vlanc(r5 e0),vlane(cat 5 sc0)trunk to r6

4.irb

1)config irb on r6 so that routing packet vlan a, b , c ,e

2)只允許r2,r3,r5,r6之間建立ospf鄰接關(guān)系

5．Ospf

1)area 4 中可能有內(nèi)存比較少的路由器，配置area 4 解決問題。

2)其他所有端口不能夠進(jìn)入任何一個area

6．isdn

1）basic

r5 initiate call r3 only

configure pap authentication and r3 , r5 using different password

when the error rate of r3 bir more than 10%,auto disconnect isdn link

3)pf on demand circuit to backup Ethernet

7．Hsrp & dhcp

1)configure hsrp on the token ring interface of r2 and r6 so that r6 is prefer than r2

2)when either the token ring interface of r6 fail ,r2 become active

3)there have some hosts on ring 1 of 6 ,configure r6 as dhcp server.

8．ATM LANE

1）cofigure on r6 as lecs using the atm address xxxxxxxxxxxx

2）configure r6 as les ,and lec of lane

3）configure eigrp 100 on r2 ring 1 ,r6 ring 1 and atm cloud

4）configure route redistribution from eigrp 100 to ospf , but not allowed from ospf to eigrp 100 . 在ATMcloud 上有路由器195.3.2.254

9．BGP BASIC

1)configure ibgp on r3 , r4 ,r5 , r6

2)r4 與bb2 上面的路由器（as254）建立peer ,bgp 不能建立full mesh.

3)Either r4 and inter to r1 ,so that all router can learn this route

4)Add a loopback inter to r1 ,so that all router can learn this route

5)Add a loopback inter to r3 , so that r1 cann’t learn the route.不能是由路由filter 實現(xiàn)。

10．Voip

1)configure voip on r6 so that the telphone on fxs can call to xxx sussessful

2)configure auto ring down on r6

11．Ipx

1)在r2,r3,r4,r5上配置ipx , 只允許使用eigrp , as=rack no .

2)r4與bb2路由器之間運(yùn)行rip , r1 與 r5 之間運(yùn)行 rip

3)在isdn上配置ipx撥號路由，使用snapshot ,只有在r5的以太端口down的時候，ddr才能夠啟動，只允許r5call r3 , 活動時間為5min, 安靜時間為2hour.

4)在r5上做filter , r1上只看見AA00路由。

12．IP MULTICASTING

1)在R2 , R3,R4的局域網(wǎng)端口上配置PIM SPARSE-MODE ,BB2上不要設(shè)置

2)R4,R2的局域網(wǎng)端口參加224.1.2.3組，R2作為RP且只為該組的RP

13．DLSW

1)R4與R2,R6之間建立peer , r2 為r6的備份，只有在r6的peer down時才起作用。R2,r6上不能使用remote peer

14．IOS FEATURE , CAT 5000

1)VLAN 80 沒有外接的橋和交換機(jī)，不要讓它發(fā)送BPDU

2)2/4上面有只允許某個MAC

3)2/6上面有一個MAC,設(shè)置靜態(tài)，關(guān)機(jī)仍舊在。

4)fr上面一個路由器使用dlci 101 ,在bb2上有一個tftp服務(wù)器，150.100.1.137, 該路由器在啟動時使用autoinstall

【編輯推薦】

1. CCIE認(rèn)證考試終極攻略寶典
2. 順利通過CCIE認(rèn)證考試五步經(jīng)驗之談
3. 體驗思科CCIE實驗室考試