IEWB-SP Vol2 Lab1 System Mgt & IP Services
System Management:
Q. Logging:- Configure logging messages to be generated on two routers when their MPLS-TE tunnels are established or torn down. These messages should be sent to a syslog server with add 131.x.26.100.
Solution:- Configure mpls traffic-eng logging lsp setups & mpls traffic-eng logging lsp teardowns in global configuration mode along with logging 131.x.26.100 on both routers. Remember that standard system logging is enabled by default. If logging is disabled on your system (using the no logging on command), you must enter the logging on command to reenable logging before you can use the commands [Might be worth noting as part of troubleshooting!] The MPLS commands above are available in both configuration guide and command reference formats but the logging command is only available in command reference format on CCO.
Q. NTP – Network Time Protocol – Configure a router as time source for network with stratum = 3, all other devices in AS100 get time from this router. The NTP messages should be authenticated with MD5 hash of password CISCO
Solution:- Again, NTP can be found in Network Mgt Cmd Ref – for the source time server use ntp master 3 -> remember what a stratum is? – well a stratum one server is an NTP Server that is directly connected to radio receivers or atomic clocks; a stratum two server gets its time from a stratum one and so on => the greater the stratum the less accurate the source. Stratum range on Cisco IOS is 1-15. Default value for master stratum is 8. For authentication use the ntp authentication-key 1 md5 CISCO on the master and combine that command with ntp authenticate, ntp trusted-key 1 and ntp server 131.1.3.3 key 1 on the client routers where 131.1.3.3 is the master NTP router. Verification includes sh ntp stat and sh ntp assoc det.
- Systems Management = 6 Points.
IP Services:
Q. Service Provider Transparency – Configure the network such that if MPLS VPN users send traceroute packets they do not see intermediary next-hop values.
Solution:- Okay, the key here is traceroute so we focus on TTL and also specifying users, not other SP routers makes us think about forwarding. By default, the mpls ip propagate-ttl command is enabled and the IP TTL value is copied to the MPLS TTL field during label imposition. To disable TTL propagation for all packets, use the no mpls ip propagate-ttl command. To disable TTL propagation for only forwarded packets, use the no mpls ip propagate forwarded command. Disabling TTL propagation of forwarded packets allows the structure of the MPLS network to be hidden from customers, but not the provider. Therefore Router(config)# no mpls ip propagate-ttl forwarded is required. But we have to decide on which routers – the ones that our MPLS VPN users can see -> where is MPLS configured, which routers touch the backbone, which routers are isolated? Once these questions are answered then it’s obvious which 6 [in this case] the above command is required on in global configuration mode.
- IP Services = 3 Points.
