in

IEOC - Internetwork Expert's Online Community

Welcome to Internetwork Expert's Online Community - IEOC - a place for CCIE and CCENT candidates to connect, share, and learn. Our Online Community features CCIE forums and discussions for all tracks including Routing & Switching, Voice, Security, Service Provider, and Storage. Through these online communities you can discuss your questions with thousands of your peers, hundreds of CCIE's and Internetwork Expert's own team of world renowned CCIE instructors and authors, Brian Dennis - Quintuple CCIE #2210, Scott Morris - Quad CCIE #4713, Brian McGahan – Triple CCIE #8593, Petr Lapukhov - Quad CCIE #16379, Anthony Sequeira - CCIE #15626, Keith Barker - Dual CCIE #6783, and Marvin Greenlee - Triple CCIE #12237.
Forums » Internetwork Expert Products » CCIE Service Provider Lab Workbook Volume II Version 1.0 » IEWB-SP Volume 2 Version 1.0 Lab 4 » Task 5.7 wording
Latest post 07-18-2010 8:50 AM by nickc. 2 replies.
Page 1 of 1 (3 items)
Sort Posts: Previous Next

  • 02-04-2009 1:50 AM

    Task 5.7 wording

    Reply Contact

    Hi all,

    I have  a wording question to this task:

    As I understand, all traffic from R8 to the internet should be nated. This does not include the traffic to R8 and behind.  So the accesslist on R6 should change to:

    ip access-list extended R8
     permit ip 10.1.8.0 0.0.0.255 222.22.2.0 0.0.0.255
     permit ip 10.1.8.0 0.0.0.255 222.20.3.0 0.0.0.255
     permit ip 10.1.8.0 0.0.0.255 192.10.1.0 0.0.0.255
     permit ip 10.1.8.0 0.0.0.255 205.90.31.0 0.0.0.255
     permit ip 10.1.8.0 0.0.0.255 10.1.17.0 0.0.0.255
     permit ip 10.1.68.0 0.0.0.255 222.22.2.0 0.0.0.255
     permit ip 10.1.68.0 0.0.0.255 222.20.3.0 0.0.0.255
     permit ip 10.1.68.0 0.0.0.255 192.10.1.0 0.0.0.255
     permit ip 10.1.68.0 0.0.0.255 205.90.31.0 0.0.0.255
     permit ip 10.1.68.0 0.0.0.255 10.1.17.0 0.0.0.255
    !
    route-map R8_NAT deny 10
     match ip address R8
    !
    route-map R8_NAT permit 100
    !
    ! (I preffer to do Nat with route-maps)
    ip nat inside source route-map R8_NAT pool R8_PUBLIC vrf VPN_A overload
    !

    If you not exclude the addresses from R7 you couln'd reach those addresses from R8 anymore cause the adresses from R8 to R7 would be nated and R7 does not know a route back to the public 34.X.100.0/24 net - as requierd by the lst point of this task.

    Or did I understand something wrong?

     

    Än Gruess
    Ueli

     

     
    • Post Points: 20

  • 06-12-2009 2:57 AM In reply to

    Re: Task 5.7 wording

    Reply Contact

    I agree with your point. But you miss one acess-list for 10.X.7.0/24 which advertis into VPN_A in task 5.2. Big Smile
    • Post Points: 20

  • 07-18-2010 8:50 AM In reply to

    Re: Task 5.7 wording

    Reply Contact

    I agree, although I really do hate questions like this. You spend more time searching for all the various configured IP addresses than you do demonstrating an understanding of the technology. I'm really hoping Cisco don't put questions like this into the real lab.
    • Post Points: 5
Page 1 of 1 (3 items)
IEOC CCIE Forums Internetwork Expert CCIE Training
About IEOC | Terms of Use | RSS | Privacy Policy
© 2010 Internetwork Expert, Inc. All Rights Reserved