Docs
Powered by

# Lab 9 - Multiarea OSPF & GRE

Shrimp Co. is opening remote offices in Milwaukee and New Orleans. Implement multi-area OSPF for scalable routing and configure GRE tunnels to connect all locations over the internet.

Tip: Individual topology files are available in the diagrams folder on my Github

# Configuration Tasks

# 1. Access Layer Configuration:

  • Host access ports
    • Configure according to diagram
    • Add descriptions
  • Management SVIs
    • Configure VLAN 99 SVIs according to diagram
  • VLANs, Trunks & Port-channels
    • Ensure VLAN databases are matching and VLANs are allowed across all links

# 2. Distribution Layer Configuration:

  • Routed Ports & Loopback0
    • Configure routed ports and Loopback0 according to diagram
  • VLANs, Trunks & Port-channels
    • Ensure VLAN databases are matching and VLANs are allowed across all links
  • VRRP Configuration
    • Configure VIPs according to diagram
    • Load balance active gateways using priority
    • Implement MD5 authentication
  • OSPF
    • Configure OSPF process 1 with passive-interface default
    • Advertise all host subnets with a single summary network statement
    • Advertise Loopback0
    • Form adjacencies on Eth5-6 in Area 0
    • Utilize MD5 neighbor authentication

# 3. Router Configuration:

  • Routed Ports & Loopback0
    • Configure routed ports, Loopback0, and Tunnel0 according to diagram
  • OSPF
    • Configure OSPF process 1 with passive-interface default
    • Form adjacencies on Eth0/1-2 in Area 0
    • Form adjacency on Tunnel0 in Area 1 on sea-mdf-r1
    • Form adjacency on Tunnel0 in Area 2 on sea-mdf-r1
    • Originate a default route
    • Advertise Loopback0
  • BGP
    • Peer BGP using a neighbor statement targeting your public next-hop
  • NAT
    • Allow internet access for only host subnets by configuring NAT overload
  • DHCP
  • Configure DHCP Pools on both routers for all host subnets so that routers cannot provide overlapping IP addresses

# 4. Remote Site Configuration:

  • Switch
    • Ensure VLAN 10 is stretched up to router subinterface
  • Router
    • Configure router subinterface and Loopback0 according to diagram
    • Configure static default route to public next-hop
    • Configure OSPF process 1 with passive-interface default
    • Form adjacency on Tunnel0 in Area 1 on sea-mdf-r1
    • Form adjacency on Tunnel0 in Area 2 on sea-mdf-r1
    • Configure static NAT for local host for internet reachability

# Success Criteria

  • Hosts at HQ have ping reachability to remote sites
  • Hosts at HQ can curl http://seamart.com
  • Pings to the internet fail for Loopbacks but not hosts
  • Encrypt WAN traffic on your GRE tunnels using IPsec tunnel protection
  • Configure Area 1 and Area 2 as totally stub areas
  • Configure a route-map that matches a prefix-list inbound to your BGP peers which allows you to learn ONLY the default route

# Verification Commands 

show ip ospf neighbor
show ip route ospf
show interfaces tunnel0
 
show ip bgp summary
show ip bgp

# Questions to Explore

Cisco Press - BGP Fundamentals IP Routing: OSPF Configuration Guide EOS OSPF Guide How to configure GRE Tunnel in CISCO Router How to configure GRE over IPSec in Cisco IOS and Cisco IOS-XE devices