Ticket #5
R5 and R7 aren’t forming an OSPF3 adjacency with R1 and R4 on the 2001:1457::/64 segment.
R5 and R7 are also not forming an adjacency with each other over this segment
Ensure that all four routers form an adjacency
#### Verify the problem and current config
R4#show ipv6 ospf neighbor
R1(config-if)#do show ipv int gx/x
R1#ping 2001:1457::5
R1#ping 2001:1457::7
R1#ping 2001:1457::4
#### Ping test failure must be L1 or L2 problem#### Investigate the SW
SW4#show int gi0/1 switchport
SW4#show spanning-tree vlan 4094
#### Root Port leads to SW2
SW2#show spanning-tree vlan 4094
#### Discovered SW2 is Root Bridge (all ports in vlan 4094 are forwarding)
#### No issues found in SW2#### Continue troubleshooting
#### SW1 thinks it is also Root Bridge
#### This is definitely Layer 2 problem#### Investigate L2 trouble and fix
SW#show int status
SW#show int gix/x switchport
#### Discovered Operational Mode: down suspended member of bundle Po12
SW#show etherchannel summary
SW#show etherchannel 12 port
#### Check the int member of Po12
SW#show int gix/1
SW#show int gix/2
#### Check if there is any auto error recovery
SW#show errdisable recovery
#### Test what's causing the err-disabled
SW(config)#int g0/1
SW(config-if)#shut
SW(config-if)#no shut
#### Go to the other end of switch to investigate
SW#show etherchannel summary
SW#show etherchannel port
SW#show int status
#### Discovered no etherchannel ports
SW#show run int g1/x
SW#show run int g2/x
#### Configure etherchannel po12
SW(config)#int range gi1/x, gi2/x
SW(config-if-range)#channel-group 12 mode on
#### Verify etherchannel fix
SW1#show etherchannel port
SW2#show etherchannel port
#### No shutdown to bring back the err-disabled interfaces
SW1(config)#int range g0/1,g2/1
SW(config-if-range)#shut
SW(config-if-range)#no shut
#### Check the current situation
SW1#show spanning-tree vlan 4094
SW2#show spanning-tree vlan 4094
#### SW2 has Po12 participating in spanning tree for vlan 4094
#### Investigate another switch (SW3) for vlan 4094
SW3#show spanning-tree vlan 4094
SW#show spanning-tree vlan 4094 root
#### Investigate another switch (SW4) for vlan 4094
SW4#show spanning-tree vlan 4094
SW4#show spanning-tree vlan 4094 root
SW#show cdp neighbors#### SW3 thinks SW2 is the Root Bridge
#### Check if spanning-tree is enabled on this interface
SW3#show spanning-tree vlan 4094 interface gi1/2
#### Check why no spanning tree running on this port
SW#show int g1/2 switchport
SW#show int trunk
SW#show interfaces gi1/2 trunk
#### Fix by allowing vlan 4094 on this trunk
SW(config)#int g1/x
SW(config-if)#switchport trunk allowed vlan add 4094#### Verify fix
SW#show spanning-tree vlan 4094
SW#show spanning-tree vlan 4094 int g1/2
#### Bring up the err-disabled Po12
SW1(config)#int po12
SW1(config-if)#shut
SW1(config-if)#no shut
SW1#show spanning-tree vlan 4094
Fixing the static MAC address entry
#### Perform Ping test after etherchannel fix
R4#ping 2001:1457::5
R4#ping 2001:1457::5 repeat 2
#### Still Layer 2 trouble. Find out R5 MAC address
R4#show ipv6 neighbors
#### Look for R5 MAC address on switch and its L2 path
SW4#show mac address-table | i 5555
SW4#show int status
SW4#show cdp neighbors
#### Discovered there is SW2 in between
SW2#show mac address-table | i 5555
SW2#show int status
SW#show cdp neighbors
#### Fix by removing the static mac address entry
SW(config)#no mac address-table static fa16.3e55.5555 vlan 4094 int gix/x
#### Verify fix
R4#ping 2001:1457::5
#### Finally able to ping R5
#### Check adjacency
R4#show ipv6 ospf neighbor
#### Still no OSPF neighbor adjacency #### Jump to target router R5 for troubleshooting
R5#show ipv6 ospf neighbor
R5#show ipv6 ospf neighbor g0/0
#### Discovered R5 has no adjacency to R4 or R7.
#### Discovered R5 has 1 neighbor to R1
#### Check the adjacency with R1
R1#show ipv6 int gix/x
#### Verify that R5 is DR or BDR
R5#show ipv6 ospf int g0/x
R5#show ipv6 protocols
#### Check R7 configuration
R7#show ipv6 ospf neighbor
R7#show ipv6 ospf neighbor g0/x
#### Discovered 0 adjacency
R7#show ipv6 protocols
R7#show run | sec routerThings to check if OSPF adjacency does not form:
– Area ID
– Area Type
– Authentication
– Network type (e.g. Broadcast)
– OSPF timer
Note:
OSPFv3 uses IPsec for authentication
#### Discovered R7 is in wrong Area
R7(config)#router ospfv3 1
R7(config-router)#address-family ipv6 unicast
R7(config-router-af)#no area 15 stub no-summary
R7(config-router-af)#area 15 nssa default-information-originate
#### Verify fix
R5#show ipv6 ospf neighbor#### R5 has adjacency with everyone except R4
R4#show ipv6 int g0/x
R4#show ipv6 int brief g0/x
R4#show ipv6 protocols
#### Ensure that correct interface is running ospf 1 area 15
R4(config)#int g0/x
R4(config-if)#ipv6 ospf 1 area 15
#### Check reachability to its own address/network 2001:1457::4
R4#show ipv6 route
R4#show ipv6 route connected
R4#show ipv6 route 2001:1457::4
Instead it’s shown known via “eigrp”?
#### Mind blown. Investigate why router doesn't know its own route/address
R4#show ipv6 int g0/x
#### IPv6 is stalled due to link-local duplicate address
#### Find out who has the duplicated address
R5#show ipv6 int br
R5#show ipv6 int br | i FE80::4
#### Change on R5 duplicated link-local address
R5(config)#int g0/x
R5(config-if)#ipv6 address FE80::5 link-local
#### Bring out the stalled IPv6 from R4 interface
R4(config)#int g0/x
R4(config-if)#shut
R4(config-if)#no shut
#### Verify the fix
R4#show ipv6 ospf neighborTicket #6
All OSPF routers except R1 and R4 are missing a route to the 2001:13::/64 prefix
Ensure that R1 and R4 redistribute this prefix into OSPF area 15
#### Check the Router responsible for redistributing
R1#show ipv6 route 2001:13::
R1#show ipv6 protocols
R1#show ipv6 protocols | sec ospf
R1#show ipv6 ospf
R1#show ipv6 ospf database
R1#show ipv6 ospf database nssa-external
R1#show ipv6 ospf database nssa-external 2001:13::/64
#### No Route-Map configured, no filtering
#### No summarization,
#### No distribute-listOSPFv3 does not redistribute connected route by default. Must be explicitly configured.
#### Explicitly configure connected route 2001:13::
R1(config)#router ospfv3 1
R1(config-router)#address-family ipv6 unicast
R1(config-router-af)#redistribute connected
#### Verify new change
R5#show ipv6 route 2001:13::
#### Ticket requirement is for R4 to redistribute 2001:13:: too
R4#show ipv6 route 2001:13::
R4#show ipv6 protocols
#### R4 is not redistributing 2001:13:: (due to ROUTE-MAP)
R4#show ipv6 protocols | sec ospf
#### Check out the route-map
R4#show route-map
R4#show route-map RM-R4
#### Check out the prefix-list being used by the route-map
R4#show ipv6 prefix-list
R4#show ipv6 prefix-list LOOPBACKS
#### Remove the seq 10
R4(config)#no ipv6 prefix-list LOOPBACKS seq 10 permit 2001:13::/64
#### Verify the fix
R4#show ipv6 route 2001:13::#### Verify reachability from R1 to rest of neighbors
R1#ping 2002::4 source 2001:13::1
R1#ping 2002::5 source 2001:13::1
R1#ping 2002::6 source 2001:13::1
R1#ping 2002::7 source 2001:13::1
R1#ping 2002::8 source 2001:13::1
#### Check why R8 is not reachable
R8#show ipv6 ospf neighbor
#### Configure router-id for R8
R8(config)#router ospfv3 1
R8(config-router)#address-family ipv6 unicast
R8(config-router-af)#router-id 8.8.8.8
#### Verify fix
R8#show ipv6 route 2002::4
Routing entry for 2001:13::/64
R8#show ipv6 route 2001:13::
R8#traceroute 2001:13::1Ticket #7
R1 and R4 are not receiving specific routes to the following transit networks in OSPF area 0:
-2001:56::/64
-2001:57::/64
-2001:57::/64
Ensure that R1 and R4 receive the most optimal routes to these prefixes
#### Verify and understand the problem
R1#show ipv6 route 2001:56::
R1#show ipv6 route 2001:56::/64 longer-prefixes
#### Check ospf database
R1#show ipv6 ospf database
R1#show ipv6 ospf database | i 2001:5
#### Check EIGRP topology
R1#show ipv6 eigrp topology
R1#show ipv6 eigrp topology | i 2001:5
#### Check ABR/ASBR#### Check another ASBR router R4
R4#show ipv6 route 2001:56::/64
R4#show ipv6 route 2001:56::/64 longer-prefixes
#### Check ospf database
R4#show ipv6 ospf database
R4#show ipv6 ospf database | i 2001:5
#### Check ABR/ASBR
R4#show ipv6 ospf border-routers#### Check the routes from ABR/ASBR
R7#show ipv6 route 2001:56::
R7#show ipv6 route 2001:56::/27 longer-prefixes
#### Check ospf database
R7#show ipv6 ospf database
R7#show ipv6 ospf database | i 2001:5
#### Discovered R7 is not advertising known 2001:56::
#### Check why not advertising
R7#show ipv6 ospf
#### Check the router config
R7#show run | sec router
#### Need to Remove the range for summerization which injects to another area 15
#### Remove the range
R7(config)#router ospfv3 1
R7(config-router)#address-family ipv6 unicast
R7(config-router-af)#no area 0 range 2001::/16
#### Verify the fix
R7#show ipv6 ospf database
R7#show ipv6 ospf database | i 2001:5
#### Verify the fix on R1 too
R1#show ipv6 route
R1#show ipv6 route ospf
R1#show ipv6 route 2001:56::/27
R1#show ipv6 route 2001:56::/27 longer-prefixes#### R5 also has summary route with range preventing optimal route
R5#show ipv6 ospf
#### Remove range (summary route)
R5(config)#router ospfv3 1
R5(config-router)#address-family ipv6 unicast
R5(config-router-af)#area 0 range 2001::/16
#### Verify fix
R5#show ipv6 ospf database | i 2001:5
#### Discovered that R5 is not distributing connected route
R5(config)#router ospfv3 1
R5(config-router)#address-family ipv6 unicast
R5(config-router-af)#redistribute connected
#### Check if R5 is advertising any Type 3 summary LSA into area 15
R5#show ipv6 ospf database inter-area prefix adv-router 5.5.5.5
R5#show ipv6 ospf database inter-area prefix adv-router 5.5.5.5 | b 15
#### Discovered that R5 is advertising nothing but :: (default route)
#### Need to advertise Type 3 Summary LSA
R5(config)#router ospfv3 1
R5(config-router)#no area 15 nssa default-information-originate no-summary
R5(config-router)#area 15 nssa default-information-originate
#### Verify fix
R5#show ipv6 ospf database | i 2001:5
#### Verify fix on R1
R1#show ipv6 ospf database | i 2001:5
(Come back and study again in future)Ticket #8
Ensure that R2 takes the most optimal routes to the following prefixes
2001:56::/64
2001:57::/64
2001:58::/64
#### Check existing config
R2#show ipv6 route 2001:56::/27 longer-prefixes
#### Discovered R2 can't reach those prefix#### Check if ABR/ASBR R1 is redistributing
R1(config)#router eigrp PS
R1(config-router)#address-family ipv6 autonomous-system 10
R1(config-router-af)#topology base
R1(config-router-af-topology)#redistribute ospf 1 include-connected
#### ASBR R4 is not advertising the prefix
R4#show ipv6 route ospf
R4#show ipv6 route 2001:56::
R4#show ipv6 route 2001:56::/27 longer-prefixes
#### Discovered that R4 is using BGP
#### Check if ASBR R4 has ospf routes to those prefix
R4#show ipv6 ospf database | i 2001:5
#### Increase value of BGP AD
R4(config)#router bgp 50000
R4(config-router)#address-family ipv6 unicast
R4(config-router-af)#distance bgp 180 200 200
#### Default values
#### EIGRP 90
#### OSPF 110
#### GBP 20
#### Verify fix
R4#show ipv6 route 2001:56::/27
R4#show ipv6 route 2001:56::/27 longer-prefixes
R4#show ipv6 route ospfTicket #9
The web server isn’t getting an IPv6 address from R9. The web server’s eth1 interface is connected to R9 and is configured to use SLAAC.
Ensure that the web server obtains an IPv6 address from R9 using SLAAC.
Use the ip -6 a command to verify your solution
#### Understand the config
R9#show cdp neighbors
R9#show ipv6 int g0/0
#### IF ND RAs are suppressed, SLAAC does not work
#### Check the int
R9#show run int g0/x
#### Remove ND RA suppression
R9(config)#int g0/x
R9(config-if)#no ipv6 nd ra suppress all
#### Verify fix
R9#show int gi0/xTicket #10
The web server cannot ping R3’s loopback address 2002::3
Diagnose and resolve
Use the command ping6 2002::3 to verify our solutoin
#### Investigate the nearest router R9
R9#show ipv6 route 2002::3
#### Investigate the target R3
R3#show ipv6 int br
R3#show ipv6 int br | sec Loop
R3#show ipv6 protocols
#### Discovered Loopback is not enabled for EIGRP nor redistributing
R3(config)#int loopback 0
R3(config-if)#ipv6 eigrp 10
#### Check the R3's neighbor
R1#show ipv6 route 2002::3
#### Discovered no specific route from R3
#### Check if there is any filter
R1#show ipv6 protocols
#### There is Incoming Filter. Let's check the filter
R1#show ipv6 prefix-list
R1#show ipv6 prefix-list INFILTER
#### Discovered there is seq 5 deny on the prefix-list INFILTER
#### Allow R3 loopback address
R1(config)#ipv6 prefix-list INFILTER seq 3 permit 2002::3/128
#### Check the routing path
R8#show ipv6 route 2002::3
R8#show ipv6 route 2002::4
#### Double check the cause of routing loop. Coming from BGP R4
R8#show ip bgp ipv6 unicast 2002::3/128
#### Investigate R4
R4#show ipv6 route 2002::3
#### Static route is not the cause of routing loop but need to remove
R4(config)#no ipv6 route 2002::3/128 null0
#### Check for cause of routing loop
R4#show run | sec router bgp
#### Verify the 2002::3/128 advertisement on BGP
R4#show ip bgp ipv6 unicast
R4#show ip bgp ipv6 unicast 2002::3/128
#### Time to remove the routing loop
R4(config)#router bgp 50000
R4(config-router)#address-family ipv6 unicast
R4(config-router-af)#no network 2002::3/128
#### Verify removal
R4#show ip bgp ipv6 unicast
R4#show ip bgp ipv6 unicast 2002::3/128
#### Check new routing path on R8
R8#show ipv6 route 2002::3
R8#traceroute 2002::3#### Check R1 topology table
R1#show ipv6 eigrp topology
#### Discovered R1 has EIGRP path to R3 but prefers OSPF
R1#show ipv6 eigrp topology 2002::3/128
#### Check the routing table
R1#show ipv6 route 2002::3
#### Fix the routing loop on R1 by changing AD for OSPF
R1#show run | sec router
R1(config)#router ospfv3 1
R1(config-router)#address-family ipv6 unicast
R1(config-router-af)#no distance 89
#### Verify fix by checking the route via EIGRP
R1#show ipv6 route 2002::3