NMC DOiT Vol.2 Scenario 10 – IRB + OSPF Flood Reduction + BGP Maximum-Prefix + NTP Broadcast + VRRP


I did this scenario in one shot today, working on it about 8 hours, plus a break for lunch in the middle. My idea was to make it more like the actual lab. Doing the scenario in one day was a good exercise by itself. It takes a lot of mental energy to stay focused for that long.

This particular lab was a real pain in the backside for me. Reason being: IRB. I’m comfortable with the basics of integrated routing and bridging. Take an interface, throw it in a bridge-group, turn on IEEE STP and IP routing on the bridge-group, configure a BVI interface. Off and running. IRB is a lot like a layer 3 switch, where you throw a port into a VLAN, then make a VLAN SVI interface. But on a router, you can take any interface you want and throw it in a bridge-group. In this scenario, we had multipoint frame-relay and ethernet interfaces from multiple VLANs all thrown together into one nasty IRB stew. It was horrible. I had all kinds of connectivity problems, which made the rest of the scenario miserable. I got through most of the problems, but in hindsight, I forgot one really important thing that would have helped me troubleshoot. In this particular IRB design, there were Cat3550 switches providing uplink service. Therefore the 3550’s were participating in the IRB spanning-tree(s). Had I remembered that, and then created a layer 2 diagram, I would have saved myself a lot of hair-pulling. I was SO frustrated. I was 2 hours into the scenario, still fumbling around with basic IP connectivity – absolutely maddening.

So, how did I “forget” that I had 3550 switches participating in the IRB spanning tree instances? Because I was staring at the layer 3 diagram provided with the scenario. The switches aren’t on that diagram, unless they are acting as routers. My brain was all wrapped up just with getting IRB working to begin with – then I got flustered when the connectivity problems came up and my brain quit working like it should have. If this had been the actual lab, I would have been dead, dead, dead. But that’s why we practice, right?

Other notable things from this scenario:

  • The logical bandwidth configured on a router interface that participates in IRB is used by spanning-tree to calculate cost.
  • “ip ospf flood-reduction” will “suppress the unnecessary flooding of link-state advertisements (LSAs) in stable topologies” according to cisco.com.
  • A wording trick on the labs: if you’re given a list of things you CAN’T do to meet a particular requirement, that probably means there’s something left that you CAN do. So think through all the options and grab whatever they didn’t take off the table.
  • Another wording trick that I guess is obvious, but has thrown me a couple of times: when the lab says “make the console operator aware” of something-or-other, you’re being asked to configure a command that will log a message to the console port under a certain condition. I was thinking of “console operator” as some guy on the Starship Enterprise or something, making it way harder than I needed to.
  • “neighbor maximum-prefix 3 warning-only” would log a message to the console if 3 or more BGP prefixes are received from the neighbor. Take a look:

    R5(config)#router bgp 1
    R5(config-router)#neighbor maximum-prefix 3 warning-only
    *May 20 02:33:30.069: %BGP-5-ADJCHANGE: neighbor Down Maximum-Prefix restart timeout
    *May 20 02:33:56.869: %BGP-5-ADJCHANGE: neighbor Up
    *May 20 02:33:56.869: %BGP-4-MAXPFX: No. of prefix received from (afi 0) reaches 3, max 3
    *May 20 02:33:56.873: %BGP-3-MAXPFXEXCEED: No. of prefix received from (afi 0): 4 exceed limit 3

  • If you’re asked to configure NTP, but you aren’t allowed to use “peer” or “server” directives, remember that on an interface (instead of global config), you can configure “ntp broadcast” and “ntp broadcast client” to get 2 routers talking NTP.
  • The first-hop redundancy protocol that is standards-based is VRRP. It’s very similar to HSRP – the biggest difference I noticed is the keyword “vrrp” instead of “standby”, and the fact that preemption is enabled by default. (On HSRP, preemption is disabled by default.)
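
For the maximum-prefix messages in the list above, here is an added example (not part of the original post) that parses the two syslog lines and reports which neighbors actually went over the limit, which is what a collector needs when "warning-only" leaves the session up. The sample lines are constructed, use documentation addresses, and assume the neighbor address sits between "from" and "(afi"; that address is missing from the capture in the post.

```python
import re

# Matches the threshold warning (MAXPFX) and the over-limit notice
# (MAXPFXEXCEED). The neighbor field is optional so the lines in the
# post, which lack the address, still parse.
MAXPFX_RE = re.compile(
    r"%BGP-\d-(?:MAXPFXEXCEED|MAXPFX): "
    r"No\. of prefix received from (?:(?P<neighbor>\S+) )?\(afi \d+\)"
    r"(?: reaches (?P<reached>\d+), max (?P<max>\d+)"
    r"|: (?P<count>\d+) exceed limit (?P<limit>\d+))"
)

def parse_maxpfx(line):
    """Return a dict for a max-prefix message, or None for any other line."""
    m = MAXPFX_RE.search(line)
    if not m:
        return None
    received = int(m["count"] or m["reached"])
    limit = int(m["limit"] or m["max"])
    return {
        "neighbor": m["neighbor"] or "unknown",
        "received": received,
        "limit": limit,
        "exceeded": received > limit,  # "reaches N, max N" is only a warning
    }

def neighbors_over_limit(lines):
    """Map each neighbor that exceeded its limit to (highest count seen, limit)."""
    over = {}
    for line in lines:
        ev = parse_maxpfx(line)
        if ev and ev["exceeded"]:
            seen = over.get(ev["neighbor"], (0, ev["limit"]))[0]
            over[ev["neighbor"]] = (max(seen, ev["received"]), ev["limit"])
    return over

# Constructed sample input (192.0.2.0/24 is a documentation range).
SAMPLE = [
    "*May 20 02:33:56.869: %BGP-5-ADJCHANGE: neighbor 192.0.2.5 Up",
    "*May 20 02:33:56.869: %BGP-4-MAXPFX: No. of prefix received from 192.0.2.5 (afi 0) reaches 3, max 3",
    "*May 20 02:33:56.873: %BGP-3-MAXPFXEXCEED: No. of prefix received from 192.0.2.5 (afi 0): 4 exceed limit 3",
    "*May 20 02:34:10.101: %BGP-4-MAXPFX: No. of prefix received from 192.0.2.9 (afi 0) reaches 3, max 3",
]

if __name__ == "__main__":
    for peer, (count, limit) in neighbors_over_limit(SAMPLE).items():
        print(f"{peer}: received {count} prefixes, limit {limit}")
```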

About the author

Ethan Banks

Most people know me because I write & podcast about IT on the Packet Pushers network. I also co-authored "Computer Networks Problems & Solutions" with Russ White.

Find out more on my about page.
