Hands-on Lab 21.2: Configuring and Monitoring HDLC
There really is no configuration required for HDLC (as it is the default configuration on Cisco serial interfaces), but if you completed Lab 21.1, then the PPP encapsulation would be set on both routers. This is why I put the PPP lab first. This lab allows you to actually configure HDLC encapsulation on a router.
For this second lab, you will use the same configuration you
used for Lab 21.1.
1. Set the encapsulation for each serial interface by using the encapsulation hdlc command.
RouterA# config t
RouterA(config)# int s0
RouterA(config-if)# encapsulation hdlc
RouterB# config t
RouterB(config)# int s0
RouterB(config-if)# encapsulation hdlc
2. Verify the HDLC encapsulation by using the show interface s0 command on each router.
Hands-on Lab 21.3: Configuring a GRE Tunnel
In this lab you will configure two point-to-point routers with a simple
IP GRE tunnel. You can use a real router or Packet Tracer to do this
lab.
1. First, configure the logical tunnel with the interface tunnel number command.
Corp(config)# int s0/0/0
Corp(config-if)# ip address 63.1.1.2 255.255.255.252
Corp(config)# int tunnel ?
<0-2147483647> Tunnel interface number
Corp(config)# int tunnel 0
*Jan 5 16:58:22.719: %LINEPROTO-5-UPDOWN: Line protocol
on Interface Tunnel0, changed state to down
2. Once you have configured your interface and created the logical tunnel, you need to configure the mode and then the transport protocol.
Corp(config-if)# tunnel mode ?
aurp AURP TunnelTalk AppleTalk encapsulation
cayman Cayman TunnelTalk AppleTalk encapsulation
dvmrp DVMRP multicast tunnel
eon EON compatible CLNS tunnel
gre generic route encapsulation protocol
ipip IP over IP encapsulation
ipsec IPSec tunnel encapsulation
iptalk Apple IPTalk encapsulation
ipv6 Generic packet tunneling in IPv6
ipv6ip IPv6 over IP encapsulation
nos IP over IP encapsulation (KA9Q/NOS compatible)
rbscp RBSCP in IP tunnel
Corp(config-if)# tunnel mode gre ?
ip over IP
ipv6 over IPv6
multipoint over IP (multipoint)
Corp(config-if)# tunnel mode gre ip
3. Now that you have created the tunnel interface, the type, and the transport protocol, you need to configure your IP addresses. Of course, you need to use your actual interface IP for the tunnel, but you also need to configure the tunnel source and tunnel destination addresses.
Corp(config-if)# int t0
Corp(config-if)# ip address 192.168.10.1 255.255.255.0
Corp(config-if)# tunnel source 63.1.1.1
Corp(config-if)# tunnel destination 63.1.1.2
Corp# sho run interface tunnel 0
Building configuration...
Current configuration : 117 bytes
!
interface Tunnel0
ip address 192.168.10.1 255.255.255.0
tunnel source 63.1.1.1
tunnel destination 63.1.1.2
end
4. Now configure the other end of the serial link and watch the tunnel pop up!
SF(config)# int s0/0/0
SF(config-if)# ip address 63.1.1.2 255.255.255.252
SF(config-if)# int t0
SF(config-if)# ip address 192.168.10.2 255.255.255.0
SF(config-if)# tunnel source 63.1.1.2
SF(config-if)# tun destination 63.1.1.1
*May 19 22:46:37.099: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Tunnel0, changed state to up
Remember, you don’t need to configure your tunnel mode and transport protocol because GRE and IP are the defaults. It’s really important that you remember to configure the tunnel interface with the actual source and destination IP addresses to use or the tunnel won’t come up. In my example, 63.1.1.2 was the source and 63.1.1.1 was the destination.
5. Verify with the following commands:
Corp# sh ip int brief
You should see that the tunnel interface is now showing as an interface on your router. The IP address of the tunnel interface and the physical and data link status shows as up/up.
Corp# sh int tun 0
The show interfaces command shows the configuration settings and the interface status as well as the IP address and tunnel source and destination address.
Corp# sh ip route
The tunnel0 interface shows up as a directly connected interface,
and although it’s a logical interface, the router treats it as a physical interface just like serial0/0 in the routing table.
Review Questions
You can find the answers to these questions in Appendix B, “Answers to Review Questions.”
1. Which command will display the CHAP authentication process as it occurs between two routers in the network?
A. show chap authentication
B. show interface serial 0
C. debug ppp authentication
D. debug chap authentication
2. Which of the following are true regarding the following command? (Choose two.)
R1(config-router)# neighbor 10.10.200.1 remote-as 6200
A. The local router R1 uses AS 6200.
B. The remote router uses AS 6200.
C. The local interface of R1 is 10.10.200.1.
D. The neighbor IP address is 10.10.200.1.
E. The neighbor’s loopback interface is 10.10.200.1.
3. BGP uses which Transport layer protocol and port number?
A. UDP/123
B. TCP/123
C. UDP/179
D. TCP/179
E. UDP/169
F. TCP/169
4. Which command can you use to know the hold time on the two BGP peers?
A. show ip bgp
B. show ip bgp summary
C. show ip bgp all
D. show ip bgp neighbor
5. What does a next hop of 0.0.0.0 mean in the show ip bgp command output?
Network Next Hop Metric LocPrf
Weight Path
*> 10.1.1.0/24 0.0.0.0 0
32768 ?
*> 10.13.13.0/24 0.0.0.0 0
32768 ?
A. The router does not know the next hop.
B. The network is locally originated via the network comma nd in BGP.
C. It is not a valid network.
D. The next hop is not reachable.
6. Which two of the following are GRE characteristics? (Choose two.)
A. GRE encapsulation uses a protocol-type field in the GRE header to support the encapsulation of any OSI layer 3 protocol.
B. GRE itself is stateful. It includes flow-control mechanisms, by default.
C. GRE includes strong security mechanisms to protect its payload.
D. The GRE header, together with the tunneling IP header, creates at least 24 bytes of additional overhead for tunneled packets.
7. A GRE tunnel is flapping with the following error message:
07:11:49: %LINEPROTO-5-UPDOWN:
Line protocol on Interface Tunnel0, changed state
to up
07:11:55: %TUN-5-RECURDOWN:
Tunnel0 temporarily disabled due to recursive
routing
07:11:59: %LINEPROTO-5-UPDOWN:
Line protocol on Interface Tunnel0, changed state
to down
07:12:59: %LINEPROTO-5-UPDOWN:
What could be the reason for the tunnel flapping?
A. IP routing has not been enabled on tunnel interface.
B. There’s an MTU issue on the tunnel interface.
C. The router is trying to route to the tunnel destination address using the tunnel interface itself.
D. An access list is blocking traffic on the tunnel interface.
8. Which of the following commands will not tell you if the GRE tunnel 0 is in up/up state?
A. show ip interface brief
B. show interface tunnel 0
C. show ip interface tunnel 0
D. show run interface tunnel 0
9. Which of the following PPP authentication protocols
authenticates a device on the other end of a link with an encrypted password?
A. MD5
B. PAP
C. CHAP
D. DES
10. Which of the following encapsulates PPP frames in Ethernet frames and uses common PPP features like authentication, encryption, and compression?
A. PPP
B. PPPoA
C. PPPoE
D. Token Ring
11. Shown is the output of a show interfaces command on an interface that is configured to use PPP. A ping of the IP address on
the other end of the link fails. Which two of the f ollowing could be the reason for the problem? (Choose two.)
R1# show interfaces serial 0/0/1
Serial0/0/0 is up, line protocol is down
Hardware is GT96K Serial
Internet address is 10.0.1.1/30
A. The CSU/DSU connected to the other router is not powered on.
B. The IP address on the router at the other end of the link is not in subnet 192.168.2.0/24.
C. CHAP authentication failed.
D. The router on the other end of the link has been configured t o use HDLC.
12. You have configured a serial interface with GRE IP commands on a corporate router with a point-to-point link to a remote office. What command will show you the IP addresses and tunnel source and destination addresses of the interfaces?
A. show int serial 0/0
B. show ip int brief
C. show interface tunnel 0
D. show tunnel ip status
E. debug ip interface tunnel
13. Which of the following is true regarding WAN technologies? (Choose three.)
A. You must use PPP on a link connecting two routers using a point-to-point lease line.
B. You can use a T1 to connect a customer site to the ISP.
C. You can use a T1 to connect a Frame Relay connection to the ISP.
D. You can use Ethernet as a WAN service by using EoMPLS.
E. When using an Ethernet WAN, you must configure the DLCI.
14. You want to allow remote users to send protected packets to the corporate site, but you don’t want to install software on the remote client machines. What is the best solution that you could implement?
A. GRE tunnel
B. Web VPN
C. VPN Anywhere
D. IPsec
15. Why won’t the serial link between the Corp router and the Remote router come up?
Corp# sh int s0/0
Serial0/0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 10.0.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 254/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Remote# sh int s0/0
Serial0/0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 10.0.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 254/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
A. The serial cable is faulty.
B. The IP addresses are not in the same subnet.
C. The subnet masks are not correct.
D. The keepalive settings are not correct.
E. The layer 2 frame types are not compatible.
16. Which of the following are benefits of using a VPN in your internetwork? (Choose three.)
A. Security
B. Private high-bandwidth links
C. Cost savings
D. Incompatibility with broadband technologies
E. Scalability
17. Which two technologies are examples of layer 2 MPLS VPN technologies? (Choose two.)
A. VPLS
B. DMVPM
C. GETVPN
D. VPWS
18. Which of the following is an industry-wide standard suite of protocols and algorithms that allows for secure data transmission over an IP-based network that functions at the layer 3 (Network layer) of the OSI model?
A. HDLC
B. Cable
C. VPN
D. IPsec
E. xDSL
19. Which of the following describes the creation of private networks across the Internet, enabling privacy and tunneling of non- TCP/IP protocols?
A. HDLC
B. Cable
C. VPN
D. IPsec
E. xDSL
20. Which two VPNs are examples of service provider–managed VPNs? (Choose two.)
A. Remote-access VPN
B. Layer 2 MPLS VPN
C. Layer 3 MPLS VPN
D. DMVPN