Lab -Troubleshoot IP SLA and Netflow

Topology

Addressing Table
Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

R1 G0/0/0 209.165.200.1/24 2001:db8:200::1/64 fe80::1:1

R1
G0/0/1 172.16.0.1/24 2001:db8:acad::1/64 fe80::1:2
R2 G0/0/0 209.165.200.2/24 2001:db8:200::2/64 fe80::2:1

R2
G0/0/1 209.165.201.2/24 2001:db8:201::2/64 fe80::2:3

R2
Loopback 0 209.165.224.1/32 2001:db8:224::1/64 fe80::2:4
R3 G0/0/0 209.165.201.1/24 2001:db8:201::1/64 fe80::3:1

R3
G0/0/1 172.16.1.1/24 2001:db8:acad:1::1/64 fe80::3:2

 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 5 www.netacad.com
Lab -Troubleshoot IP SLA and Netflow

Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

D1 G1/0/11 172.16.0.2/24 2001:db8:acad::2/64 fe80::d1:1

D1
VLAN 3 172.16.3.1/24 2001:db8:acad:3::1/64 fe80::d1:2

D1
VLAN 8 172.16.8.1/24 2001:db8:acad:8::1/64 fe80::d1:3

D1
VLAN 13 172.16.13.1/24 2001:db8:acad:13::1/64 fe80::d1:4
D2 G1/0/11 172.16.1.2/24 2001:db8:acad:1::2/64 fe80::d2:1

D2
VLAN 3 172.16.3.2/24 2001:db8:acad:3::2/64 fe80::d2:2

D2
VLAN 8 172.16.8.2/24 2001:db8:acad:8::2/64 fe80::d2:3

D2
VLAN 13 172.16.13.2/24 2001:db8:acad:13::2/64 fe80::d2:4
A1 VLAN 3 172.16.3.3/24 2001:db8:acad:3::3/64 fe80::a1:1
PC1 NIC 172.16.3.10/24 2001:db8:acad:3::10/64 N/A
PC2 NIC DHCP SLAAC
PC3 NIC DHCP SLAAC

Objectives
Troubleshoot network issues related to the configuration and operation of IP SLAs and Netflow.

Background / Scenario
In this topology, R1 and R3 are boundary routers for BGP AS 138. They are both connected to R2. R2 is a
boundary router for BGP AS 77. R1 and R3 are adjacent with D1 and D2 via OSPFv3 Address Families for
both IPv4 and IPv6. R1 and R3 are both providing default routes to the OSPF network. The default routes are
configured to be OSPF External Type 1 routes. Switches D1 and D2 are performing inter-VLAN routing for
VLANs 3, 8, and 13. Switches D1 and D2 are providing gateway redundancy using HSRP version 2. The
virtual router for each VLAN uses the host address .254. Switches D1 and D2 are also providing DHCP
services for IPv4 clients. IPv6 clients use SLAAC. You will be loading configurations with intentional errors
onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or
method(s) used to fix them, FIX the issue(s) presented here and then test the network to ensure both of the
following conditions are met:
1) the complaint received in the ticket is resolved
2) full reachability is restored
Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4
(universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release
16.9.4 (universalk9 image) and Cisco Catalyst 2960 with Cisco IOS Release 15.2(2) (lanbasek9 image).
Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS
version, the commands available and the output produced might vary from what is shown in the labs. Refer to
the Router Interface Summary Table at the end of the lab for the correct interface identifiers.
Note: Make sure that the devices have been erased and have no startup configurations. If you are unsure,
contact your instructor.
Note: The default Switch Database Manager (SDM) template on a Catalyst 2960 does not support IPv6. You
must change the default SDM template to the dual-ipv4-and-ipv6 default template using the sdm prefer dual-
ipv4-and-ipv6 default global configuration command. Changing the template will require a reboot.

 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 5 www.netacad.com
Lab -Troubleshoot IP SLA and Netflow

Required Resources
 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
 2 Switches (Cisco 3560 with Cisco IOS XE Release 16.9.4 universal image or comparable)
 1 Switch (Cisco 2960 with Cisco IOS Release 15.2(2) lanbasek9 image or comparable)
 3 PCs (Choice of operating system with terminal emulation program and a packet capturing utility
installed)
 Console cables to configure the Cisco IOS devices via the console ports
 Ethernet cables as shown in the topology

Instructions

Part 1: Trouble Ticket 23.1.4.1

Scenario:
You tasked the junior network administrators working over the weekend to deploy and test IP SLAs on
switches D1 and D2 so that they would relinquish the HSRP Active Role if an upstream interface were to go
down. The reports you receive on Monday morning state that the SLAs are in place, but HSRP is not
behaving as expected. They need your expertise to figure out what is wrong.
Use the commands listed below to load the configuration files for this trouble ticket:

Device Command

R1 copy flash:/enarsi/23.1.4.1-r1-config.txt run

R2 copy flash:/enarsi/23.1.4.1-r2-config.txt run
R3 copy flash:/enarsi/23.1.4.1-r3-config.txt run
D1 copy flash:/enarsi/23.1.4.1-d1-config.txt run
D2 copy flash:/enarsi/23.1.3.1-d2-config.txt run
A1 copy flash:/enarsi/23.1.4.1-a1-config.txt run

 PC1 must have the addresses shown in the topology diagram statically assigned. PC2 and PC3 will
receive their addresses dynamically.
 Passwords on all devices are cisco12345. If a username is required, use admin.
 When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:
banner motd # This is $(hostname) FIXED from ticket <ticket number> #
 Save the configuration by issuing the wri command (on each device).
 Inform your instructor that you are ready for the next ticket.
 After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC
command. This script will clear your configurations and reload the devices.

Part 2: Trouble Ticket 23.1.4.2

Note: This ticket only works on 4000-series routers. If the routers in use are ISR G2 series (29/39xx series),
use trouble ticket 23.1.4.3 instead.

 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 5 www.netacad.com
Lab -Troubleshoot IP SLA and Netflow

Scenario:
Management is asking for detailed information on traffic flowing in and out of the network. They want this
information to help shape updates to the organizational security policy, as well as get an idea about
bandwidth utilization. Your intention is to configure Flexible Netflow to gather information on traffic entering
and exiting the OSPF interfaces on R1 and R3. After a lot of work sorting out how to configure the technology,
you thought you had it configured, but the collector at PC1 is still not receiving any data.
Use the commands listed below to load the configuration files for this trouble ticket:

Device Command

R1 copy flash:/enarsi/23.1.4.2-r1-config.txt run

R2 copy flash:/enarsi/23.1.4.2-r2-config.txt run
R3 copy flash:/enarsi/23.1.4.2-r3-config.txt run
D1 copy flash:/enarsi/23.1.4.2-d1-config.txt run
D2 copy flash:/enarsi/23.1.4.2-d2-config.txt run
A1 copy flash:/enarsi/23.1.4.2-a1-config.txt run

 PC1 must have the addresses shown in the topology diagram statically assigned. PC2 and PC3 will
receive their addresses dynamically.
 Passwords on all devices are cisco12345. If a username is required, use admin.
 When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:
banner motd # This is $(hostname) FIXED from ticket <ticket number> #
 Save the configuration by issuing the wri command (on each device).
 Inform your instructor that you are ready for the next ticket.
 After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC
command. This script will clear your configurations and reload the devices.

Part 3: Trouble Ticket 23.1.4.3

Note: This ticket only works on ISR G2 series (29/39xx series) routers. If the routers in use are from the 4000-
series, use trouble ticket 23.1.4.2 instead.
Scenario:
Management is asking for detailed information on traffic flowing out of the network. They want this information
to help shape updates to the organizational security policy, as well as get an idea about bandwidth utilization.
Your job is to configure Netflow to gather information on traffic entering and exiting the OSPF interfaces on
R1 and R3. This is a new technology for you, but you think you have worked out how to configure it,
unfortunately the collector at PC1 is still not receiving any data.
Use the commands listed below to load the configuration files for this trouble ticket:

Device Command

R1 copy flash:/enarsi/23.1.5.3-r1-config.txt run

R2 copy flash:/enarsi/23.1.5.3-r2-config.txt run
R3 copy flash:/enarsi/23.1.4.3-r3-config.txt run

 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 5 www.netacad.com
Lab -Troubleshoot IP SLA and Netflow

D1 copy flash:/enarsi/23.1.4.3-d1-config.txt run

D2 copy flash:/enarsi/23.1.4.3-d2-config.txt run
A1 copy flash:/enarsi/23.1.3.3-a1-config.txt run

 PC1 must have the addresses shown in the topology diagram statically assigned. PC2 and PC3 will
receive their addresses dynamically.
 Passwords on all devices are cisco12345. If a username is required, use admin.
 When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:
banner motd # This is $(hostname) FIXED from ticket <ticket number> #
 Then save the configuration by issuing the wri command (on each device).
 Inform your instructor that you are ready for the next ticket.
 After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC
command. This script will clear your configurations and reload the devices.

Router Interface Summary Table

Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2

Fast Ethernet 0/0 Fast Ethernet 0/1

1800 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
1900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2801 (F0/0) (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2811 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
2900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4221 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4300 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many
interfaces the router has. There is no way to effectively list all the combinations of configurations for each router
class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device.
The table does not include any other type of interface, even though a specific router may contain one. An example
of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in
Cisco IOS commands to represent the interface.
End of document

 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 5 www.netacad.com