Cisco CCNP Enterprise 300-415 ENSDWI – Router Deployment Part 4

  1. VRRP Configuration

Let us do the VRRP configuration. In this section I will log into vManage, and from vManage I will edit the interface configurations, because the VRRP configuration sits inside the interface. We have, for example, VRRP 10 related to VPN 10, and for VPN 10, 20 and 40 we have different VRRP groups. So let’s go here; we are inside branch one, at the VPN 10 interface, for example. Here I have the option to click Edit.

So I will click Edit. The best way to do this configuration, since otherwise it will push the edit multiple times, is to go back and detach the device from this template first. So I’ll detach this device from this particular template and do all the changes in the template, because I need to change the VPN 10, VPN 20 and VPN 40 interfaces. It is better to do the changes now, because it will not ask every time whether I want to attach and then push. So where are we? Let’s go through the features one by one: branch one VPN, VPN 10 interface. I’ll go here and click Edit.

Now you can see that we have VRRP here; I can click VRRP and then New VRRP. It’s very straightforward at the moment, because I know the VRRP group is 10 and I know the priority I want to give the first device. How is it connected? The connection is like this: you have one switch and another switch in the branch, and these switches are connected. VPN 10 has GigE 0/3, VPN 20 has GigE 0/4, and VPN 40 has GigE 0/5.

GigE 0/5 is VPN 40. That is the connectivity for all of them. For those VPNs I’ll make this device the active (master) and the other one the backup. I will leave the other device at its default; I’m not going to configure it. It is running the CLI template, whereas here we have converted to a feature template. So there it is running the default.

Say its priority is 100, and this one I will give 200. For VPN 40 I will give branch one a priority of 50. So for VPN 10 and 20 branch one will be active, and for VPN 40 branch two will be active. Let’s make the changes. Timers I don’t want to change. Track OMP: I want to track OMP, but I don’t have any prefix list. What’s the virtual IP? I’ll make the virtual IP a variable, so I’ll leave it.

The virtual IP is a variable. I’ll click Add and then Update. Since the template is not attached, it will not push at the moment, which is what I want because I have three changes to make. So this is branch one, and next is the VPN 20 interface. Here it is. I’ll click Edit and go to VRRP, then New VRRP. This time the group is 20. This time also I will set the priority to 200. Track OMP: yes, I want to track OMP. I don’t have any prefix list here. So see what is happening here.

If you leave the default and track a prefix list, OMP is tracked automatically. If you turn on Track OMP, that means you are tracking OMP itself, the Overlay Management Protocol. Then the IP address: for this particular IP address I should put a name on the variable, otherwise we can have some confusion later on. This one is for VPN 20; the previous one was for 10. Click Add, click Update. Now I will go to the branch one VPN 40 interface, and here also I’ll click Edit.

Then we’ll go to VRRP and click New VRRP. This group is 40, and I’ll make the priority a little less than 100, for example 50. Track OMP is on, and the IP is device specific. So this one is for VPN 40. You can give the variable any logical name.

All right, so let me click Update and then go back to the template. I have the devices here, and I will reattach this template: click here, attach devices, branch one. Now it will ask me for all the VRRP IP addresses, because all of those are variables. So I need to know the VIP for all these interfaces. I’ll take help from my other device, branch one vEdge 2. One IP is 10030 one, the second IP is ten 321. And what about the 40 interface? Interface GigE 0/5, that one is 41.

Likewise I’ll quickly verify VPN 10 as well. That’s correct. So let’s put in all these values one by one. I’ll put the first value, which should be for 10, and then you can see 20 and 40. You can see the IP here is 41 for 40, and here I have 21. At this point, if you want to edit your CSV file instead, you can download it with all the variables, upload it with all the variables, and then push.

While this template is pushing, I’ll check what the VRRP status was earlier. You can see everything is showing backup. Now let’s see: backup, master. That means the configuration has been pushed. For 20 you can see that this is now the master. For the rest, for two of the VRFs, it is the primary; that is, branch one vEdge 1 is the primary.

So if I run show vrrp interfaces with tab, it shows master and backup, so it is running with our configuration. What options do we have for verification? You can check show vrrp for a VPN, say 10, for this type of output, and if you want to see everything you can use tab. This is the best option we have: we can easily see the IPs, the master and backup state, the priority and the timers, everything in a single shot. So this is the way to push the template and then verify the various parameters related to VRRP.
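For reference, the branch one settings entered in the feature templates above correspond to the following vEdge CLI configuration. This is an added illustration, not configuration taken from the lab in this lesson; the group numbers, priorities, interfaces and track-omp come from the walkthrough, while every value in angle brackets is a placeholder.

```text
! Added illustration (not the lab's running-config).
! Values in <angle brackets> are placeholders to fill per device.
vpn 10
 interface ge0/3
  ip address <vpn10-interface-ip/prefix>
  no shutdown
  vrrp 10
   ! Higher than the peer's default of 100, so this router is master
   priority 200
   ! Give up mastership if this router loses its OMP sessions
   track-omp
   ipv4 <vpn10-virtual-ip>
  !
 !
!
vpn 20
 interface ge0/4
  ip address <vpn20-interface-ip/prefix>
  no shutdown
  vrrp 20
   priority 200
   track-omp
   ipv4 <vpn20-virtual-ip>
  !
 !
!
vpn 40
 interface ge0/5
  ip address <vpn40-interface-ip/prefix>
  no shutdown
  vrrp 40
   ! Lower than the peer's default of 100, so the peer is master
   priority 50
   track-omp
   ipv4 <vpn40-virtual-ip>
  !
 !
!
```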

  1. VRRP Verification

Now let’s do the VRRP verification. What I can do here is go to one of the branch devices, say branch number two, and on that device shut down OMP. If I shut down OMP, what will happen? We know that for VRRP 40 it is the master. That means the moment you shut down OMP on branch number two, the other device will become the master.

So let’s do that. Before that, let’s go to Monitor and then Network, open branch one vEdge 1, go to Real Time, and inside Real Time check the VRRP information. This VRRP information tells you who is the master and who is the backup. For 40, if I go to branch number two, you can see that it is the master, the active one. So now I want to go to the template, and inside the branch one vEdge 2 template go to the OMP section.

If I scroll down I have the OMP CLI configuration here. It currently says no shutdown; I will reverse that to shutdown and push this configuration. So now you are saying that OMP is down. If I go back to Network and open branch one vEdge 1, I am looking at the VRRP information and expecting that this time VPN 40 on this device will become master. Although its priority is 50, you can see that it is the master. And if you now check the other device, you’ll find that all its groups are in init state, because you are tracking OMP. Now if I go to the Troubleshooting section, we have device bring-up, connections, ping, traceroute, tunnel health, app route, simulate flows, et cetera.

Here I don’t have anything for packet capture, but in the CLI itself I can enable debugs and do other things; I can run tcpdump as well. Let me increase the font size first. Here I can go in as admin, and if you want to debug the VRRP-related packets and events you can enable that for a VPN, for example 10. If you want to see the output on the screen, let me show you the full command: type monitor start and then the location, /var/log/vdebug. We can run show debug to see which debugs are on at the moment. So the low-priority debug is on.

Apart from that you can check other things as well. For instance, you can run tcpdump for VPN 10, because the VRRP routers send to their multicast address toward the next hop when they are in the master state. You can capture those packets with these commands. Okay, let me do the same thing from the CLI over SSH; at the moment I’m doing this from the vManage SSH.

So I am here on branch one vEdge 2, and you can see that the groups are down and in init. First of all I run show debug, and we have enabled the monitor session as well. You can also go to the shell, go to /var/log/vdebug, and see whether you are getting any debugs related to VRRP. At the moment I’m not getting anything. So I debug VRRP packets for VPN 10, and I can also debug VRRP events at level high for VPN 10. Now I go to the shell and take a look. These are the methods for checking the debugs, if there are any; nothing is showing at the moment. I’ll go back to the template, I mean I will improve this template. The template is already attached, so I will go ahead and set OMP to no shutdown.

So let’s go back so we can restore things. If I set no shutdown, that will bring OMP back up. Great. Let’s go back and see whether we get anything in the debug. We’re not getting anything in the debug. You can check what other debugs we have, and we have the syslogs as well, so I can try the syslog too.

In the syslog there are many messages. If I check for log messages related to VRRP, we have some gateway-related messages for Cloud Express, but I don’t have any message related to the debug. Apart from that, looking at the other debugs, I have only one debug and the rest are related to other events. Still, this cloud device is not generating debug output. Never mind. We’ll go back and run tcpdump for VPN 10 on interface GigE 0/3, giving options if you want, and now you can at least see the VRRP messages in tcpdump. So this is the way you can collect some of the information, use it for your verification, and maybe later on use it for troubleshooting purposes.

  1. OSPF Part 01

Let us understand how we can configure OSPF on the vEdge devices in SD-WAN Viptela. We have the topology diagram, with DC1 and DC2. Both DC1 and DC2 have almost the same type of topology or architecture. Here you can see DC1 vEdge 1, whose service-side interface is connected here, and this infrastructure is running OSPF. I’ll log into the device and show you the configuration. Next I will create one loopback interface, put that loopback interface inside OSPF area 0, and we’ll see that it is propagated. OSPF will send those advertisements to OMP, where we have the vSmart, and OMP will reflect those routes to the other branches, because vSmart with the help of OMP works as a route reflector and reflects the routes to the other end.

So let me log into the device and show you the configuration. All right, I am logged into the device, and if we check the VPN 10 configuration you can see that I have OSPF running. The configuration is very straightforward. You go to the VPN and enable OSPF, then continue with, say, area 0, and then add the interfaces you have. Once we are in the interface, we can do all the interface-level OSPF configuration: authentication, either simple or MD5; the hello and dead intervals; and the network type, with the different network types supported in OSPF. You can check these options as well, such as broadcast and point-to-point.

If you are in broadcast, you can check the other options as well. If I go inside authentication you can see the authentication key, the message digest, and the authentication type, which is message digest. We can do this type of configuration in Cisco in the same way; you see the same type of configuration here. All right, once you are inside the area you can see that you can give the NSSA range, or you can make it a stub as well.

Suppose I go to the interface level. Once you have defined, for example, the cost and the priority at the interface level, I can go back to the router level and do the redistribution there. Here you can see redistribute with a route policy. If I go into redistribute you can see that I can redistribute OMP, and there are various other protocols we can redistribute as well. It is very much a Cisco type of thing.

There is no new type of configuration that we need to learn. What’s new here is that we should understand how to do this configuration via the GUI. Suppose I’m using feature templates: how do I create the OSPF template for my data center? So let me log into vManage and I’ll walk you through the GUI template. We have one task: I should go here and create one loopback.

For example loopback 100, and then I should advertise that loopback 100 inside OSPF. That is the task I want to do. Once I advertise it, I can check show ip ospf, or you can check show ospf and then the routes, and 100 should come up there. At the moment it is not showing up. But after creating the network it should appear, because we are going to create one loopback on DC1 inside VRF, or VPN, 10. Once we do that, you can see the configuration is such that OMP is advertising OSPF. So it will do the advertisement, and after the advertisement we can check this.

At this point we should know how the two-way advertisement works, meaning how anything coming from the SD-WAN domain reaches the non-SD-WAN domain and vice versa. So what is happening in this case? Suppose I have my edge device and my VPN 10, and inside VPN 10 I have my subnets.

Suppose I enable a loopback 100 and so on. You can reach the vSmart, and you can send these prefixes there. So we do the redistribution: OMP with the advertise keyword takes these prefixes and sends them to the vSmart, which works as a route reflector and reflects them to the other places. Likewise, if you have a router here that is peered with OSPF, then you should go inside OSPF and redistribute OMP. That means whatever routes you are getting from OMP will go into the OSPF domain. All right? This is how we do the redistribution.
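The two directions described above look like this in vEdge CLI form. This is an added illustration, not the lab’s configuration: the service-side interface name, the addresses and the authentication key are placeholders, and the interface name is written in lowercase as `loopback100` because interface names are case sensitive.

```text
! Added illustration (not the lab's running-config).
! Values in <angle brackets> are placeholders.
vpn 10
 router
  ospf
   ! OMP -> OSPF: routes learned from the overlay enter the OSPF domain
   redistribute omp
   area 0
    interface <service-side-interface>
     ! Interface-level authentication, message-digest type
     authentication type message-digest
     authentication message-digest message-digest-key <key-id> md5 <key>
    exit
    ! The new loopback, advertised inside area 0
    interface loopback100
    exit
   exit
  !
 !
 interface loopback100
  ip address <loopback100-ip/prefix>
  no shutdown
 !
 ! OSPF -> OMP: the advertise keyword under omp for this VPN
 omp
  advertise ospf external
 !
!
```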

Now the task we have is to do this via the GUI. So let me log into the vManage dashboard, and from there we will do this configuration. Here we are. Let me go here and enable that feature. We’ll go to Configuration and then Templates. Here we have the configuration. First of all I want to create one template for loopback 100, so I’ll click Feature and then Add Template.

Then I will search for Cloud. I want to create a VPN interface. Here you can see VPN Interface Ethernet; I can use this. I will give the name, for example loopback 100; shutdown is No; the interface name is loopback 100. I want to assign a static IP to this, so let’s do that: the static IP I want to assign is 100 100, say for example 132. That’s it, I can save this. Next we’ll check the template that is attached to the data center. I have this DC vEdge template attached to the data center.

What I’ll do is create a copy and name it, for example, for DC1 vEdge 1, because I’m going to use this copied template. So now we have this template, and we want to edit it. Let’s click Edit and figure out where the OSPF template is. You should go to Service VPN. Inside that you can see the DC OSPF template with the filtering option.

Now we’ll modify this template. Again I can go to the feature templates and search for OSPF. You’ll find the OSPF DC with filtering template. I want to create a copy of this template too. Remember, whenever you are making any change, please create a copy first and make the changes on that copy, so your running configuration is not tampered with and you don’t cause a problem with it. So I have this copy of the template, and this copy is the one I will edit, because we want to add one of the interfaces to it.

Now you can see in the GUI that the router ID is user defined, as well as the internal and external distance and the inter-area distance. Then we are redistributing OMP, as you can see here. If I scroll down, there is any LSA-related configuration, which we haven’t set. What is the area? Area 0. Here we can add the interface.

Here you can see that the interface already added is GigE 0. But we want to add one new interface, so let me try to add one more. It’s asking about Add Area Range, which I don’t want; I actually want to add the interface. So click on Interface, and see if there is an option here to edit. You can see the interface-related settings here. I have this interface option, and the interface I want to add is, for example, loopback 100. Remember, we have already created the feature template for loopback 100, correct?

That loopback 100 feature template I also want to add here, and we’ll see how to do that. For now I have added loopback 100 and saved the changes, and you can see that we have two interfaces inside area 0. This is done. I’ll click Update; the rest I’m not changing. If you look through the OSPF template you can see that whatever configuration you can do in OSPF on Cisco or non-Cisco devices, all the features are supported here. You can see the Advanced options as well, where you can put a route policy if you have one, the hold timer, the initial SPF calculation, et cetera.

So each and every thing is supported here. Now, what has happened at this point is that we have created this template. Let’s go back to the device template. We haven’t attached anything yet; we have only made changes inside the service template. Inside VPN 10 we should also add the loopback zero. That is the reason we created this loopback 100. The list is in alphabetical order, so you can find loopback 100 there. Now you can click Update. Now we have the OSPF template up and ready. What we should do now is attach the device. This time I want to attach only DC1 vEdge 1, because I’m interested in this device only. We’ll attach it and click Next. If you want to see the differences, you can check the configuration diff, but now this is scheduled. Let’s check show interface description; it will show you the new interface if the template has been pushed successfully.

Inside VPN 10 you will see that you have one new loopback address. And if you have given loopback 100 no shut, it will show as up and running. If there is any problem with the attached template, if it is not working or not attached, it will throw an error.

So now it is throwing an error. What error do we have? Let’s see. The error says loopback 100 is an invalid name, so it is telling us that it cannot understand loopback 100 inside VPN 10, and that’s why this failed. What does that mean when you go back to the template? This edit and validation process is important. The problem with the Viptela devices is that they are very much case sensitive. Suppose you give the interface name in caps; I have given the interface name with a capital L, so it may not be able to understand that. Okay, so let’s change the name. Again I should go to OSPF, and again I should go to the copied template.

And that’s one of the main reasons we copy the template before doing anything. Whenever you make a change, there is a chance that an error may come up, so use the copy method. If you do that, then even if an error does come up, you still have the option to go back and correct it. So loopback 100: I have corrected it in both places. Let’s save the change and click Update, and once this is updated, go back to the device template. We have the template. We’ll attach one device, that is DC1 vEdge 1, and then we’ll log into the CLI and verify it. Click Next, and I’ll log into the CLI for DC1 vEdge 1 and see. It will take some time to push this configuration. If everything is okay and correct, it will go through; if not, it will throw an error again, and then we need to check why it keeps throwing the error.
