ROUTE 642-902 Training » Policy Based Routing Sim.pdf
-
Upload
mailbanwari -
Category
Documents
-
view
223 -
download
0
Transcript of ROUTE 642-902 Training » Policy Based Routing Sim.pdf
-
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
1/24
Home> Policy Based Routing Sim
Policy Based Routing Sim
May 8th, 2014 in LabSimGo to comments
Question
Company Acan has two links which can take it to the Internet. The company policy demands that you use
web traffic to be forwarded only to Frame Relay link if available and other traffic can go through any links.
No static or default routing is allowed.
Answer and Explanation:
Notice: The answer and explanation below are fromPeterPan and Helper.Please say thank to them!
All the HTTP traffic from the EIGRP Network should go through Frame Relay link if available and all the
other traffic should go through either link.
The only router you are able to administrate is the Border Router, from the EIGRP Network you may only
send HTTP traffic. As the other people mentioned, actually it is not a BGP lab. You are not able to execute
the command router bgp 65001
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
2/24
1) Access list that catches the HTTP traffic:
BorderRouter(config)#access-list 101 permit tcp any any eq www
Note that the server was not directly connected to the Border Router. There were a lot of EIGRP routes on it.
In the real exam you do not know the exact IP address of the server in the EIGRP network so we have to use
the source as any to catch all the source addresses.
2) Route map that sets the next hop address to be ISP1 and permits the rest of the traffic:
BorderRouter(config)#route-map pbr permit 10
BorderRouter(config-route-map)#match ip address 101
BorderRouter(config-route-map)#set ip next-hop 10.1.101.1
BorderRouter(config-route-map)#exit
(Update: We dont need the last command route-map pbr permit 20to permit other traffic according to
Cisco:
If the packets do not meet any of the defined match criteria (that is, if the packets fall off the end of a route
map), then those packets are routed through the normal destination-based routing process. If it is desired not
to revert to normal forwarding and to drop the packets that do not match the specified criteria, then interfaceNull 0 should be specified as the last interface in the list by using the set clause.
Reference: http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml)
3) Apply the route-map on the interface to the server in the EIGRP Network:
BorderRouter(config-route-map)#exit
BorderRouter(config)#int fa0/0
BorderRouter(config-if)#ip policy route-map pbr
BorderRouter(config-if)#exit
BorderRouter(config)#exit
4) There is a Host for Testing, click on this host to open a box in which there is a button named Generate
HTTP traffic. Click on this button to generate some packets for HTTP traffic. Jump back to the
BorderRouter and type the command show route-map.
BorderRouter#show route-map
In the output you will see the line Policy routing matches: 9 packets. It means that the route-map we
configured is working properly.
Note:We have posted a Policy Based Routing lab on GNS3 similar to this sim with detailed explanation, you
can read it here.
Other lab-sims on this site:
EIGRP Stub Sim
OSPF Sim
EIGRP OSPF Redistribution Sim
IPv6 OSPF Virtual Link Sim
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml)http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml)http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simhttp://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml) -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
3/24
EIGRP Simlet
Comments
Comment pages
Previous1 789 28
Farmer
November 8th, 2013
@Dev,
No, it is not. What your route-map statements dont catch, your routing table will forward unless you
have some kind of explicit deny in a route-map statement.
route-map pbr permit 20 is not in the answer above for a good reason, it seems like everyone that
listens to CBT Nuggets comes out with route-map pbr permit 20 statement, the only reason why you
would want to add this route-map to the above answer, is if the question asks you for a preferred route
for all other traffic which is not HTTP, meaning, everything else should go out another ISP, which is
not that of HTTP but if you do this preferred route, you are contradicting what the question might ask
you other wise, and that is all other traffic MUST still use any ISP meaning, if you allow route-map
20 as a preferred route, you are not failing over any more. All your other traffic which is not HTTP
only goes to one ISP, and if that ISP is down, all your other traffic which is not HTTP is also down.
Your preconfigured routing table in your exam is setup correctly as it is, all you need to do is, forward
HTTP traffic to ISP 2, and leave it at that, otherwise you dont have failover.
F
1.
Haigazous
November 8th, 2013
Dear digitaltut
1) Access list that catches the HTTP traffic:
BorderRouter#access-list 101 permit tcp any any eq www
This command must be in global configuration mode..
2.
Ali Donia
November 12th, 2013
get this sim in my exam exactly no any problem (route-map pbr permit 20) working so
i got 1000
3.
Mohammad Dasdarnejad
November 15th, 2013
You dont have any route for all other traffic in your routing table so you need second statement,
also the scenario says send the http traffic if the frame-relay link is available if not you have to use the
other link.
I think the correct configuration is:
4.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
4/24
access-list 100 permit tcp any any eq www
route-map internal-traffic permit 10
match ip address 100
set ip next-hop 10.1.101.1 10.1.102.1
route-map internal-traffic permit 20
set ip next-hop 10.1.102.1
int fa0/0
ip policy route-map internal-traffic
sameboatasyou
November 15th, 2013
what is the password for the routers? cisco does not work..
5.
digitaltut
November 16th, 2013
@sameboatasyou: The password is shawn.
6.
Teekash
November 19th, 2013
Hi guys when i log onto the Host for testing it requests for a password, what is the workaround to that
as i am stuck!!!!
7.
Teekash
November 19th, 2013
How do i generate traffic that will be caught by the route-map statements created??
8.
Bayo
November 22nd, 2013
The second statement is just used to match other generated traffic. you can choose to use it if you want
to see evidience that the other traffics passing through the route map. when training with the sims you
should use the www instead of echo in your access list. From the host for testing router
telnet 10.1.101.1 www
this would generate http traffic dat would be caught in your routemap line 10.
ping either ISP1 or ISP2 to generate traffic that would match routemap line 20 ( no harm if you choose
to use it, but it lets you know that other traffic which are not http are still being forwarded by other
means. its not compulsory but I think its necessary for verification purposes in the exam).
9.
Bayo
November 22nd, 2013
also telnet isp 2 on port 80
telnet 10.1.102.1 www
this connection would not be successful since all http traffic are forwarded through the frame relay and
10.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
5/24
has been caught by the route map line 10. this is also a proof that all http traffic are forwarded through
the frame relay as required.
Bayo
November 22nd, 2013
but intrestingly ISP 2 telnet 10.1.102.1 www still connects despite being caught by the route map
line 10.
11.
Bayo
November 22nd, 2013
I jst got something. there is a defaul route forwarding every traffic out both isp1and isp2 so if the traffic
escape through the routemap it is then fowarded by any available link ISP1 or ISP2.
that was why telnet 10.1.102.1 www could still connect.
to force all http traffic through the frame relay, all the interfaces serial 0/0 and fa 0/1 should have the
policy on them. Someone please confirm
12.
paracyte
November 22nd, 2013
hi
passed today with 988, few new questions (around 4), new 1 drag n drop, the rest the same as in the
igor file, distance eigrp 90 105 worked for me, also in policy based lab I have added route-map pbr
permit 20 and it still worked so unsure if this is needed but I guess it does not hurt. had no issues with
any commands whatsoever during the labs. Areas and IP addresses change in the labs but no problem
just adapt to the scenario. All 5 labs included, no hotspots.
goodluck.
13.
Midget
November 25th, 2013
@Bayo, The reason you can still connect to ISP2 is due to both the connected interfaces on the
BorderRouter that are part of AS 65000. If you issue the command sho ip eigrp topology 65000 on
ISP1, you will see that it knows about the 10.1.102.0/24 subnet via 10.1.101.254. This will cause the
ISP1 router to route that traffic back out interface S0/0 to the BoarderRouters interface S0/0.
BoarderRouters interface S0/0 does not take part in the policy based routing that was set on its
interface F0/0. This will create asymmetric routing for your ingress and egress web traffic that is
destined for 10.1.102.1.
Long story short the traffic flow goes like this:
Host > Transit_router > BoarderRouter > ISP1 > BoarderRouter > ISP2.
Return traffic will be like:
ISP2 > BoarderRouter > Transit_router > Host.
14.
MooseMeat
November 27th, 2013
15.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
6/24
Gents as i follow the able step by step and try the echo instead of www it doesnt work, when i check
the PBR table nothing is being picked up pardon my ignorance and lack of experience, as read some
of the comments with explanation i seem to be getting further confused. anyone can shine some easy
DUM explanation please.
Haki
November 28th, 2013
Notice :
BorderRouter#access-list 101 permit tcp any any eq www (X)
BorderRoute(config)r#access-list 101 permit tcp any any eq www (O)
16.
Haki
November 28th, 2013
BorderRouter#access-list 101 permit tcp any any eq www (X)
BorderRouter(config)#access-list 101 permit tcp any any eq www (O)
17.
PT
December 3rd, 2013
@ Farmer
Good explanation, thx for the clarification!
18.
Dave
December 3rd, 2013
please use:
route-map pbr permit 20
This came in my exam today and I got full marks (I think)
19.
rockercya
December 4th, 2013
Hi Guys
do we have to use IP SLA for the policy based routing lab in the exam?
20.
Dave
December 4th, 2013
Hi Rockercya, you dont have to use ip sla in this lab. use the solution that is give by digitaltut but just
add:
route-map pbr permit 20
and you will be fine
21.
jt
December 4th, 2013
in GNS to generate traffic try telneting to the network it wont connect but your route map should
22.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
7/24
capture enough traffic either for both route-map pbr permit 10 or 20. to generate hhtp traffic try
Host_For_Testing>telnet 10.1.101.0 80 and for other traffic try Host_For_Testing>telnet 10.1.101.0
443
patrick
December 5th, 2013
Mohammad Dasdarnejad : tottaly agree thks !
23.
rockercya
December 5th, 2013
Thanks Dave
24.
junaid
December 9th, 2013
can any one tell me how can i download this sim for practice????????????????? plz help me
25.
AnonymousDecember 13th, 2013
Hello All! Where can I download the specifed Cisco image? thanks
26.
Ruban
December 14th, 2013
Hi Please Clear my doubt
route-map pbr permit 20 is must or not ?
if we add route-map pbr permit 20 means any match ip and set criteria want to be assing ?
27.
sepp
December 17th, 2013
@Ruban,
Most people say they got full marks when they used it..so I guess you should use it to avoid any doubts
28.
garrincha33
January 7th, 2014
im setting up a website to stream all the CCNP videos (from Ipad ect aswell)
if you want to pre register for an account email me at [email protected]
just put CCNP in the mail either subject or body. I ll email you once up and running vids should be
online in the next 2 weeks. They helped me pass all my exams so defiantely worth watching
29.
psarr10
January 8th, 2014
To PeterPan and Helper
30.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
mailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
8/24
Thank you very much!!!
If you need me
January 14th, 2014
passed today with 987 thanks
I also used study guides and http://www.sendmeanything.comfor the vids (great site)
lets you stream the videos so pretty essential in order to acheive a good mark
good luck people
31.
badsanta
January 24th, 2014
In my exam the fa 0/0 interface had an valid ip address
32.
tabdig
January 27th, 2014
I agree with digitaltut here, I dont think you need route-map pbr permit 20 on the end.
See this document, its very helpful around route maps, prefix lists and distribute lists:
http://www.routeralley.com/ra/docs/route_maps.pdf
Quote:
If using a route-map for policy-based routing or adjusting attributes, any routes/traffic not specifically
matched will REMAIN UNCHANGED.
If using a route-map for redistribution, any routes not specifically matched (and permitted) will not be
redistributed.
33.
Fadil
January 28th, 2014
hi all
can any one send me the last dump? examcollection is not updated
please if you have the last dump of pass4sure send a copy
my e-mail is fadil.44 @ hotmail
34.
IRK
January 28th, 2014
Hey guys, I see that for this LAB HTTP traffic generator is needed.
IP SLA can be very helpful in this case.
IP SLA should be configured on Host_for_testing using this configuration:
!HTTP GET Traffic
ip sla monitor 5
type http operation get url http://10.1.101.1
35.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
http://www.sendmeanything.com/http://www.routeralley.com/ra/docs/route_maps.pdfhttp://10.1.101.1/http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simhttp://10.1.101.1/http://www.routeralley.com/ra/docs/route_maps.pdfhttp://www.sendmeanything.com/ -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
9/24
frequency 60
exit
ip sla monitor schedule 5 start-time now life forever
end
jafari
January 31st, 2014
Hi, I need a CCNP techie in japan and korea for an urgent contract position, kindly let me know ASAP
if you are free to handle it or can refer me to any one. ([email protected])
Urgent!!!
Thanks.
36.
Anonymous
February 1st, 2014
anyone have latest pass4sure or certleak dumps? I need ROUTE/SWITCH/TSHOOT/DESIGN please!
thanks in advance. please send to:[email protected]
37.
StillDign
February 2nd, 2014
If you have the GNS3.
Host_For_Testing#config t
Host_For_Testing(config)#ip route 0.0.0.0 0.0.0.0 10.1.101.1
Host_For_Testing#telnet 1.1.1.1 www
Trying 1.1.1.1, 80
% Destination unreachable; gateway or host down
BorderRouter#sh route-map
38.
dhl123
February 18th, 2014
hye guys.i also have same problem with @stilldign.idownload this lab and i try to follow all command
same with this lab.then got error.
Host_For_Testing#config t
Host_For_Testing(config)#ip route 0.0.0.0 0.0.0.0 10.1.101.1
Host_For_Testing#telnet 10.1.101.1 80
Trying 1.1.1.1, 80
% Destination unreachable; gateway or host down
please help me guys
39.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
4 9/5/2014 1
mailto:([email protected])mailto:[email protected]:[email protected]:@stilldign.ihttp://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:@stilldign.imailto:[email protected]:[email protected]:([email protected]) -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
10/24
dhl123
February 18th, 2014
hye guys.i also have same problem with @stilldign.idownload this lab and i try to follow all command
same with this lab.then got error.
Host_For_Testing#config t
Host_For_Testing(config)#ip route 0.0.0.0 0.0.0.0 10.1.101.1
Host_For_Testing#telnet 10.1.101.1 80
Trying 10.1.101.1, 80
% Destination unreachable; gateway or host down
please help me guys
40.
Anonymous
February 24th, 2014
anyone help mie m using these labs bt m nt getting the actual results and on the engines which one
comes please m sitting on the 28 the help send to [email protected]
41.
AnonymousFebruary 24th, 2014
multiple choice which engine is coming plese help
42.
naved
March 4th, 2014
Hii guyscould you guys pls tell me in this lab routing will be pre-configured or we have to
configureis it possible to confiugure frame relay without frame relay switch
43.
DavidMarch 8th, 2014
The route-map clause uses a permit action, which tell IOS to indeed apply PBR logic to these matched
packets. (Had the route-map command listed a deny action, IOS would simply route the packet as
normal-it would not filter the packet). In conclusion, route-map pbr permit 20 is not neccesary.
44.
LABs Valid?
March 14th, 2014
Are this LABs still valid? Some folks say they changed today :(
45.
Tai
March 17th, 2014
I cant use the route-map command on packet tracer- gives error message (like unknown command)-
anybody knows about it pls?
46.
Anonymous
March 27th, 2014
People, stop confusing yourselves. The point of the Lab is to divert traffic on port 80 (WWW), NOT to
47.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:@stilldign.imailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected]:@stilldign.i -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
11/24
block or deny traffic. I hope this explanation helps you to understand it better. you should complete the
lab as it is above
From the Host for testing;
Telnet 10.1.101.1 80 This will match the route map and you will see port 80 open on ISP1
Telnet 10.1.102.1 80 This will also match the route map and you will see port 80 open on ISP2. you
will see the port open on ISP2 because when the traffic arrives at the border router it matches the route
policy on fa0/0. the traffic is then sent to ISP1 (10.1.101.1). ISP1 has a route to ISP2 so it sends the
traffic back to the border router. this time the traffic arrives on S0/0/0. This interface has no routing
policy so it forward the traffic to ISP2.
If you look closely enough you will see that the border router has two default routes.
so if you shut down s0/0/0 on the border router and telnet 10.1.102.1 80 you will see the port open. this
is because when the border router route map sets the next hop to 10.1.101.1 and tries to forward the
traffic it notices that 10.1.101.0/24 is no longer in the routing table so it forwards the traffic out the
default route of 0.0.0.0 0.0.0.0 10.1.102.1
hope this helps
omer
March 29th, 2014
can i use eq 80 instead of eq www
48.
Anonymous
March 30th, 2014
can somebody who already have the dumps downloaded into their computer send me in attached
e-mail, because now when i try to download it, it asks for the newer version of visual manager, it will
be a big help, i am using 3.4.2 version so if you have this also and your file opens on it please attachthat and send me i have CCNP switch Dumps lf you want it
49.
jim
April 3rd, 2014
@omer, yes you can use either way
50.
KF
April 8th, 2014
Need clarification . Why are we applying the policy on Int fa 0/0 . Dont you guys think that we should
apply on S0/0 interface ? Instead of fa0/0
Have exam tomorrow . Please let me know
BorderRouter(config)#route-map pbr permit 10
BorderRouter(config-route-map)#match ip address 101
BorderRouter(config-route-map)#set ip next-hop 10.1.101.1
51.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
12/24
BorderRouter(config-route-map)#exit
BorderRouter(config-route-map)#exit
BorderRouter(config)#int fa0/0
BorderRouter(config-if)#ip policy route-map pbr
BorderRouter(config-if)#exit
KF
April 8th, 2014
In above comment . We are set ip next-hop 10.1.101.1 is S0/0 address but on the interface we are
applying on fa0/0 . Is that correct ?
52.
ITJ
April 8th, 2014
@KF you set it on fa0/0 cuz it is the ingress interface.
53.
hey every one
April 8th, 2014
can you please send the latest dump pdf please on [email protected]
54.
Hakcy
April 9th, 2014
I m doing same configuration as it says above none of my packets are matching when i see show route
map. i am confused . need help.
55.
Jim
April 9th, 2014
@Hacky, have you applied route-map on inside interface? i thin you didnt
56.
omer
April 10th, 2014
there is no need of route-map pbr permit 20
i got these lan today and i got 1000
57.
Mian
April 12th, 2014
@omer . I agree with you ..
I have tried the same scenario in GNS 3 without route-map pbr permit 20
and also in exam I did not use route-map pbr permit 20 ..and got 1000/1000
58.
Ehsan
April 12th, 2014
59.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
13/24
Dears
The questions says The company policy demands that you use web traffic to be forwarded only to
Frame Relay link if available, I thinks if available keyword means using IP SLA, because without
using IP SLA we cant monitor availability
Ehsan
April 12th, 2014
Another question,
I did mentioned configuration on GNS3 but after enabling pbr, i still could telnet on port 80 on both
ISP1 and ISP2 :
BorderRouter#sho route-map PBR
route-map PBR, permit, sequence 10
Match clauses:
ip address (access-lists): 100
Set clauses:
ip next-hop 10.1.101.1
Policy routing matches: 21 packets, 1155 bytes
BorderRouter#
60.
Jim
April 13th, 2014
@Ehsan, you will be able to connect other ISP on port 80 because when traffic for ISP 2 goes to ISP1,
ISP1 has routes for ISP2 in its routing table which it learnt from Border Router via BGP. so in this case
the request for telnet ISP2 on port 80 goes to ISP1 and ISP1 checks its routing table and see it can
reach ISP2 via BorderRouter. it sends packets to BorderRouter. BorderRouter then forward them toISP2. the point is in either case, the match hits should increase if the traffic is for port 80.
61.
Jim
April 13th, 2014
@everyone, had this lab. it is exactly the same as digitaltut says. we dont need to add:
route-map PBR permit 20.
62.
Ehsan
April 13th, 2014
@Jim, Thanks dear, you are right, i test it by change the policy to icmp traffic. but in the real work
gateway route should not act as transit router. and about my first question, I think for availability check
we should configure IP SLA
63.
Santanu
April 20th, 2014
Peter, Helper and all contributors, Thanks a lot for explaining the SIMs
64.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
14/24
SASA
April 23rd, 2014
Here what I done.
First I change HTTP to TELNET, which I can initiate from Host_For_Testing router.
Of course, I enabled telnet to the routers ISP1 and ISP2.
Then create condition list to match:
ip access-list extended TELNET
permit tcp any any eq telnet
and a route-map:
route-map POLICY permit 10
match ip address TELNET
set ip next-hop 10.1.101.1
!
route-map POLICY permit 20
(seq.20 is important to match all other traffic that is not match in seq.10 and not to SET anything (leave
as it is)).
On Fa0/0 apply policy:
ip policy route-map POLICY
So far, we have SET the next hop address for any telnet traffic to the ISP1.
All other traffic may go where ever
Verification:
For this purpose, we must make the changes on ISP routers as they are routing traffic to each other so
test cannot be valid.
On ISP1 create:
ip route 10.1.102.1 255.255.255.255 Null0
and on ISP2 create:
ip route 10.1.101.1 255.255.255.255 Null0
Both are /32 networks, so keep that in the mind.
On ISP1/2
modify eigrp:
router eigrp 65000
no auto-summary
// remove present network statement
// add interface exact network statement, i.e.
network 10.1.101.1 0.0.0.0 // on ISP1
network 10.1.102.1 0.0.0.0 // on ISP2
65.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
15/24
with this modification, we cut the mutual ISP to ISP routing and with the are not advertise any of those
Null0 routes to the BorderRouter.
All is clear.
Now Policy verification from Host_For_Testing router:
test first any traffic;
ping 10.1.101.1 successfull, seq.20 show countersping 10.1.102.1 successfull, seq.20 show counters
test the telnet traffic:
telnet 10.1.101.1 successfull, seq.10 show counters
telnet 10.1.102.1 not pass, seq.10 show counters
-
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
16/24
KB-LOVE-CCNP-ROUTE
April 26th, 2014
Comrades i like all whts on Digitaltut
67.
certinless
May 1st, 2014
dear allcontact for
CCNA
CCNA SECURITY
CCNP
guides online training updated valid dumps & discounted vouchers for exams.
skype:certcry
68.
Anonymous
May 2nd, 2014
Just wrote, same lab with different IPs
Did commands as lab suggested but my route-map policy didnt math any packets and no idea where I
went wrong
69.
mone901
May 6th, 2014
@Everyone
Hello!!! For test lab in GNS3 I configured with:
_I have changed the access list 101 permit icmp any any echo
_I config a static route on ISP1 ip route 10.1.102.1 255.255.255.255 null0 so I cancel the route in
routing table and now from ISP1 dont ping the ISP2
In normal condition from BorderRouter I can ping ISP1 but no ISP2 (because the icmp echo traffic
should go always to ISP1) while the counters in route-map increase in both cases.
ping 10.1.102.1
Sending 5, 100-byte ICMP Echos to 10.1.102.1, timeout is 2 seconds:
U.U.U (the echo arrived in ISP1 but is eliminated from the static so its respond with U.U.U)
If shut the serial0/0 on BorderRouter now I can ping ISP2 (because link to ISP1 is down and the icmp
echo traffic goes now to ISP2) and the counters of route-map always increase.
I think it is a good test
hope this help
70.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
17/24
sylvios
May 22nd, 2014
@all
Hi! I am wondering if the following will be considered valid response and give all the marks.
I noticed that BorderRouter should police traffic coming from 192.168.0.0/16. So is it OK if I add:
access-list 101 permit tcp 192.168.0.0 0.0.255.255 any eq www
!
route-map PBR permit 10
match ip address 101
set ip next-hop 10.1.101.1
!
route-map PBR permit 20
set ip next-hop 10.1.101.1 10.1.102.1
and then apply it in the BorderRouter Fa0/0 interface?
I did it in GNS3 and it works as the lab wants. Web traffic (telnet 10.1.101.1 www) increases matches
on the 1st route-map entry (permit 10) and all other traffic (pings) increase matches on the 2nd
route-map entry (permit 20).
Isntt this what the lab asks?
Will this be considered valid?
Thanks guys
71.
Anoymous
May 27th, 2014
Hi guys! please can someone help me with a valid dump? Will be writing in few days. Kindly send to
72.
Calling.Dr.Howard.Dr.Fine.Dr.Howard
May 30th, 2014
The lab stated that all the other traffic should go through either link.
Your config does not allow for that.
73.
Alhasan
May 31st, 2014
really thanks for everything :) @sylvios
74.
meteor
June 2nd, 2014
Guys, if your are bored with cisco preps then get on this site and have some humor laden snack time.
http://geekzoneunlimited.blogspot.in/?m=1I know it gets a bit hectic to ram on the same stuff over and
75.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://geekzoneunlimited.blogspot.in/?m=1http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simhttp://geekzoneunlimited.blogspot.in/?m=1mailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
18/24
over again while thinking breaking yourself with burden of exam day. Go through that link and ease
out a bit.
anonymous
June 7th, 2014
passed route same simulators
76.
BrianJune 8th, 2014
the answer above is correct, if theres 2 separate ip route 0.0.0.0 0.0.0.0 pointing both links.
Does any passers here who can confirm if theres any static routes defined in the boarder router?
If theres none, then we need a route-map pbr 20 with match statement pointing to both links.
77.
unstrunghero
June 8th, 2014
Can we use ?/help on the simulation?
78.
Anand
June 14th, 2014
Is there password for host for testing
79.
killer
June 16th, 2014
GUYS who pass exam , can u confirm me if below command works during exam lab plz ??
clear ip route *
clear ip ospf proc
clear ip eigrp neigh
thx in advance
80.
Mohsan
June 18th, 2014
pass today igor and digitalut are valid but extra thing in redistribution is telnet so i lose 65 got 935 allother are good
81.
kamui
June 19th, 2014
passed exam today with success , beware to apply ip policy on fa0/1 on exam and not on fa0/0 , u could
not save conf on this lab to validate generate traffic on host for testing and do sh route-map to see
matches packet increasing.
82.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
19/24
Material Used
-CCNP MAster Route Rene Molenaar ,amazing pdf and labs
-VCE Player 1.02
-GNS v0.86
-Cisco.Passguide.642-902.ROUTE.v2013-06-17.by.Igor.397q.vce
-Digital Tut
No drag and drop or EIGRP/OSPF hotspot , all labs and igor 397q still valid , thanks God and all of u
here for ur feedback !!! nxt move is to go for TSHOOT to finish my CCNP Journey !!
I got heavy IPV6 question,GRE, OSPF and Eigrp redistribution multichoice, acl ,route map, no bgp
question I was surprised ?
kamui
June 19th, 2014
I also put route-map pbr permit 20 , and I did not lose points for this labs
83.
INTERNETWORKING
June 21st, 2014
Passed CCNP route yesterday with 1000 marks
all the questions here are absolutely valid
All the simulations are valid as well.
There is a slight change in the ip addresses and given statements.
i strongly recommend everyone to do practice on GNS3.
Thanks Digitaltut and other people over here.
84.
AnonymousJune 22nd, 2014
Passed CCNP route
85.
Subrata Bangladesh
June 22nd, 2014
Passed CCNP route
86.
Anonymous
June 27th, 2014
Hey Guys,
I passed my 642-902 IP Routing exam this week and here are my comments.
1- All LABs from TUT9 are still Valid
2- LABs are coming in no order and in mix with other questions. Watch the time as one of the LAB
could be your last question. You dont wanna miss any LAB (they are high score)
3- A lot of IPV6 questions. I Mean about 20 out of 50 were IPV6 and about 5 questions about GRE
Tunnel & IPSec. the rest were mix of EIGRP, OSPF, IBGP, etc.
4- No Drag and Drop
87.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
20/24
5- I recommend Igors test (372 questions), they give you an idea what you could expect in the exam.
6- Telnet is not active (for OSPF & EIGRP redistribution), you cannot change the line vty 0 4 either.
7- copy running-config startup-config doesnt work. Except one LAB, I couldnt save the settings and I
am not sure If I lost any score for that
8- CTRL+Z (Apply the command line and exit from config mode) doesnt work in any LAB
9- write memory doesnt work
emma
July 2nd, 2014
Pls i need the new VCE 3.4 setup. I have an exam very soon. help send the setup to
88.
SUCCESS 2014
July 15th, 2014
Hello friends, what is the latest dump for routing?
89.
lilou
July 18th, 2014
Hello all !
We should add the :
route-map internal-traffic permit 20
set ip next-hop 10.1.102.1
or not please ?
thx .
90.
victor
August 10th, 2014
Hi Guys.
anyone can say to me if i need to add the the command route-map pbr permit 20?
If, however, I added the command Is it bad?
91.
Anonymous
August 11th, 2014
Hey guys, there is another way to pratice this lab:
http://cafecomredes.blogspot.com.br/2014/06/boson-netsim-melhor-simulador-labs.html
There are many labs on Boson Netsimulator (crack)
92.
AGC
August 14th, 2014
Use debug ip policy on Border Router and direct different traffic.See the result for yourself.
93.
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://cafecomredes.blogspot.com.br/2014/06/boson-netsim-melhor-simulador-labs.htmlhttp://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simhttp://cafecomredes.blogspot.com.br/2014/06/boson-netsim-melhor-simulador-labs.htmlmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
21/24
Anonymous
August 16th, 2014
I DIDNT USE route-map pbr permit 20 in the exam
(GOT 1000/1000)
94.
angelic
August 18th, 2014
is the choices rambled in real exam?thanks in advance. my exam is on Friday please
95.
young
August 27th, 2014
did my route exam yesterday passed thanks digital tut now move on to tshoot and switch..anyone with
switch materials to help me with them mail me [email protected]
96.
yelzmani
August 29th, 2014
yo @young, are the labs the same.. same 5 labs?
97.
Cest DIEU qui est FORT
August 31st, 2014
Hi guys,
Ive passed my routing yesterday. Thanks a lot to Digitaltut.
No Drag and Drop. All the Labs are reliable, but for the Lab EIGRP OSPF Redistribution Sim, R2 to
R3 was Fast Ethernet so I had to add distance eigrp 90 105. There is enough time so you can also do it.
Good Luck
98.
neilg
September 4th, 2014
@ AGC
thank you and much appreciated , answers all the questions
99.
Comment pages
Previous1 789 28
No trackbacks yet.1.
Add a Comment
Name
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
mailto:[email protected]://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-simmailto:[email protected] -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
22/24
Subscribe to comments feed
EIGRP OSPF Redistribution SimIPv6 OSPF Virtual Link Sim
Premium Membership
Become a member to interact with all questions and practice labs!
Find out moreor Sign In
ROUTE 642-902
LabSimDrag and Drop Questions
Drag and Drop 2
Drag and Drop 3
DHCP Questions
OSPF Hotspot
OSPF Questions
OSPF Questions 2
OSPF Questions 3
OSPF Questions 4
OSPF Questions 5OSPF Questions 6
OSPF Questions 7
OSPF Questions 8
OSPF Questions 9
OSPF Questions 10
EIGRP Questions
EIGRP Questions 2
EIGRP Questions 3
EIGRP Questions 4
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
23/24
EIGRP Questions 5
EIGRP Questions 6
EIGRP Questions 7
EIGRP Questions 8
EIGRP Questions 9
EIGRP Questions 10
EIGRP Simlet
BGP QuestionsBGP Questions 2
BGP Questions 3
BGP Questions 4
BGP Questions 5
BGP Questions 6
Redistribute Questions
Redistribute Questions 2
Redistribute Questions 3
Redistribute Questions 4
Policy Based Routing Questions
IPv6 Questions
IPv6 Questions 2
IPv6 Questions 3
IPv6 Questions 4
IPv6 Questions 5
Operations Questions
Operations Questions 2
Distribute List Questions
IPSec and GRE
6to4 Tunnel
Multicast Questions
ROUTE FAQs & Tips
Share your ROUTE Experience
ROUTE Self-Study
Basic Labs
ROUTE Knowledge
Network Resources
CCNA Website
ROUTE Website
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
24 9/5/2014 1
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim -
8/10/2019 ROUTE 642-902 Training Policy Based Routing Sim.pdf
24/24
SWITCH Website
TSHOOT Website
CCNA Voice Website
CCNA Security Website
CCIP Website
CCDA Website
CCIE Website
Support Digitaltut
Your contribution will help keep this site updated!
Top
Copyright 2011-2014 ROUTE 642-902 Training
Privacy Policy. Valid XHTML 1.1 and CSS 3.UH
TE 642-902 Training Policy Based Routing Sim http://www.digitaltut.com/route-policy-based-ro
http://www.digitaltut.com/route-policy-based-routing-simhttp://www.digitaltut.com/route-policy-based-routing-sim