Hi Terry, I had the same question and got the following answer from IPExpert:
"As far as the password is concerned there is no difference between version 1 and version 2. The consistency check is misrepresented in the PG. The difference between version 1 and version 2 is that the consistency check is only done with version 2 when you enter the information thru the CLI or from SNMP set command. Consistency checks are not performed when it is received via a VTP advertisement. Whereas VTP version 1 does it in all the above cases. The task does not require version 2." Cheers, On Fri, Jul 10, 2009 at 11:58 AM, <[email protected]>wrote: > Send CCIE_RS mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/mailman/listinfo/ccie_rs > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_RS digest..." > > > Today's Topics: > > 1. Re: Vol 3, Lab 2, Task 5.1 (Multicast) (prakash patel) > 2. Question Regarding Ver 11 WB 1 task 2.2 (Terry Vinson) > 3. Re: Question Regarding Ver 11 WB 1 task 2.2 (prakash patel) > 4. Re: BGP ttl-security side effect? (Bryan Bartik) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 10 Jul 2009 11:20:49 -0400 > From: prakash patel <[email protected]> > Subject: Re: [OSL | CCIE_RS] Vol 3, Lab 2, Task 5.1 (Multicast) > To: <[email protected]>, <[email protected]>, > <[email protected]>, <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="windows-1252" > > > Hello All > > > > > > Kidding purpose email to get some smile > > > > So lessons learned. > > > > (1) Basic knowledge like (highest or lowest priority) > > (2) Configuration typo error > > (3) Prematured decision > > > > Additional, I may add, > > > > (4) Interactive effect checking. > > > > Just relax > > > > Regards > > > > > > > > Date: Fri, 10 Jul 2009 11:16:45 -0400 > From: [email protected] > To: [email protected]; [email protected]; > [email protected]; [email protected] > Subject: Re: [OSL | CCIE_RS] Vol 3, Lab 2, Task 5.1 (Multicast) > > OK, seems like I jumped in a little prematurely here. The ACL is fine and > the priority doesn?t need swapping in your solution below, Carlos (but your > question has a typo). Anyhow, the Solution Guide is being updated correctly > and will be in the members section on our next update cycle. > > Cheers, > > Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP > Sr. Technical Instructor - IPexpert, Inc. > URL: http://www.IPexpert.com > Telephone: +1.810.326.1444 > Fax: +1.810.454.0130 > Mailto: [email protected] > > > > > From: Jared Scrivener <[email protected]> > Date: Fri, 10 Jul 2009 11:12:48 -0400 > To: Carlos Valero <[email protected]>, <[email protected]>, > Joe Astorino <[email protected]> > Subject: Re: [OSL | CCIE_RS] Vol 3, Lab 2, Task 5.1 (Multicast) > > The ACL is fine. The priority value should be swapped so that it uses 10 on > R2 and 20 on R7. This is just another lesson in how CCIE?s can make typo?s. > I?m fixing it up in our Proctor Guide now. > > Cheers, > > Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP > Sr. Technical Instructor - IPexpert, Inc. > URL: http://www.IPexpert.com > Telephone: +1.810.326.1444 > Fax: +1.810.454.0130 > Mailto: [email protected] > > > > > From: Carlos Valero <[email protected]> > Date: Thu, 9 Jul 2009 17:19:29 -0700 (PDT) > To: <[email protected]>, Joe Astorino <[email protected]> > Subject: Re: [OSL | CCIE_RS] Vol 3, Lab 2, Task 5.1 (Multicast) > > Made a little mistake on the requirements section. > The second part should be like this: > > Configure R7 to announce candidacy as an RP for Groups: > - First octet = 225 or 227 > - Second octet less than 128 > - Priority = 20 > > Originally I wrote Priority = 10 > > But the solution it is being configured with Priority = 10 > > - ip pim rp-candidate l1 group-list 51 prio 10 > > That's exactly the source of my confusion. > > Why is R7 configuration based on R2's requirements and vice-versa? > > > --- On Thu, 7/9/09, Carlos Valero <[email protected]> wrote: > > > From: Carlos Valero <[email protected]> > Subject: Re: [OSL | CCIE_RS] Vol 3, Lab 2, Task 5.1 (Multicast) > To: [email protected], "Joe Astorino" <[email protected]> > Date: Thursday, July 9, 2009, 7:26 PM > > Hello, > > I think I need some help with this task. > It seems to be quite simple, but to me the solution seems to be backwards > and I'm very confused and stock! > > Requirements: > > Configure R2 to announce candidacy as an RP for Groups: > - First octet = 225 or 227 > - Priority = 10 > > Configure R7 to announce candidacy as an RP for Groups: > - First octet = 225 or 227 > - Second octet less than 128 > - Priority = 10 > > Solution: > > R2: > > access-list 51 permit 225.0.0.0 0.255.255.255 > access-list 51 permit 227.0.0.0 0.255.255.255 > > ip pim rp-candidate l1 group-list 51 prio 20 > ip pim bsr-candidate l1 > > R7: > > access-list 51 permit 225.0.0.0 0.127.255.255 > access-list 51 permit 227.0.0.0 0.127.255.255 > access-list 51 permit 225.0.0.0 0.127.255.255 > access-list 51 permit 227.0.0.0 0.127.255.255 > > ip pim rp-candidate l1 group-list 51 prio 10 > ip pim bsr-candidate l1 > > This seems to be backwards to me! > > That is, the requirements state that R2 should have a Priority = 10 and > R7 should have a Priority = 20 > > But it is configured backwards! R2 = 20 and R7 = 10! > > Needless to say, the ACL also seem to be backwards to me! > > Obviously, there is something that I'm missing here. > And frankly I don't know what it is. > > I hope somebody can help. > > Did I mention that Multicast is my less favorite topic? > Actually I should say that I almost hate it :-( > > > > > > > > > --- On Wed, 7/8/09, Joe Astorino <[email protected]> wrote: > > > > > > > -----Inline Attachment Follows----- > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > > _________________________________________________________________ > Insert movie times and more without leaving Hotmail?. > > http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd_062009 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > http://onlinestudylist.com/pipermail/ccie_rs/attachments/20090710/d1bd7a57/attachment-0001.htm > > ------------------------------ > > Message: 2 > Date: Fri, 10 Jul 2009 11:50:16 -0400 > From: Terry Vinson <[email protected]> > Subject: [OSL | CCIE_RS] Question Regarding Ver 11 WB 1 task 2.2 > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi guys, > > I have a question regarding this specific part of task 2.2: > > The task is Cat1 should send VLAN updates with an MD5 one-way hash > value. Other switches should not be able to process these updates > unless they have the same MD5 value. > > My question is in regards to the solution, where we are told to use VTP > Version 2 to require this matching of hash values. > > It was my understanding the both V1 and V2 use consistency checks, and > furthermore V1 checks more values than V2. Further more my > understanding was the if V2 is used and the Hash's match the VTPv2 will > forward it (on that criteria alone), thus reducing the overhead > incumbent in VTPv1. > > Reading the question initially seems to imply (based on the solution) > that VTPv1 would not check the hash, where VTPv2 would. > > Just asking for clarifications sake. > > Warmest Regards, > Terry > > > > ------------------------------ > > Message: 3 > Date: Fri, 10 Jul 2009 11:52:50 -0400 > From: prakash patel <[email protected]> > Subject: Re: [OSL | CCIE_RS] Question Regarding Ver 11 WB 1 task 2.2 > To: <[email protected]>, <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="windows-1252" > > > try using both versions > > > > and do show vtp status ( word message digest) > > > > that should answer ur question > > > Date: Fri, 10 Jul 2009 11:50:16 -0400 > > From: [email protected] > > To: [email protected] > > Subject: [OSL | CCIE_RS] Question Regarding Ver 11 WB 1 task 2.2 > > > > Hi guys, > > > > I have a question regarding this specific part of task 2.2: > > > > The task is Cat1 should send VLAN updates with an MD5 one-way hash > > value. Other switches should not be able to process these updates > > unless they have the same MD5 value. > > > > My question is in regards to the solution, where we are told to use VTP > > Version 2 to require this matching of hash values. > > > > It was my understanding the both V1 and V2 use consistency checks, and > > furthermore V1 checks more values than V2. Further more my > > understanding was the if V2 is used and the Hash's match the VTPv2 will > > forward it (on that criteria alone), thus reducing the overhead > > incumbent in VTPv1. > > > > Reading the question initially seems to imply (based on the solution) > > that VTPv1 would not check the hash, where VTPv2 would. > > > > Just asking for clarifications sake. > > > > Warmest Regards, > > Terry > > > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > _________________________________________________________________ > Hotmail? has ever-growing storage! Don?t worry about storage limits. > > http://windowslive.com/Tutorial/Hotmail/Storage?ocid=TXT_TAGLM_WL_HM_Tutorial_Storage_062009 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > http://onlinestudylist.com/pipermail/ccie_rs/attachments/20090710/62c35c6f/attachment-0001.htm > > ------------------------------ > > Message: 4 > Date: Fri, 10 Jul 2009 09:58:53 -0600 > From: Bryan Bartik <[email protected]> > Subject: Re: [OSL | CCIE_RS] BGP ttl-security side effect? > To: jmangawang <[email protected]> > Cc: [email protected] > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > I see, I thought maybe it if was dynagen, that could be the issue. My home > lab has 3640s and I did not run into the issue. Strange indeed... > > On Fri, Jul 10, 2009 at 8:28 AM, jmangawang <[email protected]> wrote: > > > This was on a ProctorLabs pod, 109, to be specific. I was working > > IPExpert Vol3, Lab9 at the time. The actual scenario occurs between > > R1 and BB1 with RIP as the IGP. I know that R9 is running 12.4(3), > > but I didn't check R7, R1, or the BB1 routers. I did reboot, several > > times, and they all come up the same way. And, I've rebooted both > > sides, even though the side with ebgp-multihop sees everything fine. > > > > I'll try it again on Dynagen this AM and see if there's any difference. > > > > On Thu, Jul 9, 2009 at 9:01 PM, Bryan Bartik<[email protected]> > wrote: > > > Hmmmm. Is this real lab or dynagen? Have you rebooted? What version of > > code? > > > I just set up two routers back to back and I do not get this behavior. > > For > > > kicks, can you disable all other connections (only leave the connected > > > interfaces enabled) and we can try and narrow it down? > > > > > > On Thu, Jul 9, 2009 at 7:37 PM, jmangawang <[email protected]> > wrote: > > >> > > >> Yeah, it started flapping not long after I posted the first message. > > >> So, I stopped advertising the loop0 interface, and created a totally > > >> new Loop2 interface assigning them IPs of 7.7.7.7/32 and 9.9.9.9/32 > > >> for each respective router. > > >> > > >> Unfortunately, I'm still getting the same issue, and there's no > > >> flapping this time around. Here's R9's config: > > >> > > >> R9(config-router)#do sh ip bgp > > >> BGP table version is 4, local router ID is 50.51.0.9 > > >> Status codes: s suppressed, d damped, h history, * valid, > best, i - > > >> internal, > > >> r RIB-failure, S Stale > > >> Origin codes: i - IGP, e - EGP, ? - incomplete > > >> > > >> Network Next Hop Metric LocPrf Weight Path > > >> * 7.7.7.7/32 50.51.0.7 0 0 9 i > > >> *> 9.9.9.9/32 0.0.0.0 0 32768 i > > >> > > >> R9(config-router)#do sh run | s bgp > > >> router bgp 7 > > >> no synchronization > > >> bgp log-neighbor-changes > > >> network 9.9.9.9 mask 255.255.255.255 > > >> neighbor 50.51.0.7 remote-as 9 > > >> neighbor 50.51.0.7 ttl-security hops 2 > > >> neighbor 50.51.0.7 update-source Loopback0 > > >> no auto-summary > > >> R9(config-router)#do sh ip bgp > > >> BGP table version is 4, local router ID is 50.51.0.9 > > >> Status codes: s suppressed, d damped, h history, * valid, > best, i - > > >> internal, > > >> r RIB-failure, S Stale > > >> Origin codes: i - IGP, e - EGP, ? - incomplete > > >> > > >> Network Next Hop Metric LocPrf Weight Path > > >> * 7.7.7.7/32 50.51.0.7 0 0 9 i > > >> *> 9.9.9.9/32 0.0.0.0 0 32768 i > > >> > > >> R9(config-router)#do sh ip bgp 7.7.7.7/32 > > >> BGP routing table entry for 7.7.7.7/32, version 0 > > >> Paths: (1 available, no best path) > > >> Not advertised to any peer > > >> 9 > > >> 50.51.0.7 (inaccessible) from 50.51.0.7 (50.51.0.7) > > >> Origin IGP, metric 0, localpref 100, valid, external > > >> > > >> R7, which is set up with ebgp-multihop, sees both routes with best > > paths. > > >> > > >> I finally was able to get it show up properly if I enabled the > > >> 'neighbor 50.51.0.7 disable-connected-check' option. > > >> > > >> R9(config-router)#do sh ip bgp 7.7.7.7/32 > > >> BGP routing table entry for 7.7.7.7/32, version 3 > > >> Paths: (1 available, best #1, table Default-IP-Routing-Table) > > >> Flag: 0x820 > > >> Not advertised to any peer > > >> 9 > > >> 50.51.0.7 (metric 2) from 50.51.0.7 (50.51.0.7) > > >> Origin IGP, metric 0, localpref 100, valid, external, best > > >> > > >> But I couldn't figure out from the description of this option if it > > >> broke the ttl-security check. Thoughts? > > >> > > >> On Thu, Jul 9, 2009 at 8:12 PM, Bryan Bartik<[email protected]> > > wrote: > > >> > Try "debug ip routing". Are you getting recursion errors? It looks > > like > > >> > you > > >> > are advertising the loopbacks in BGP which will cause the peers to > > learn > > >> > the > > >> > loopback via the loopback. This will cause recursion and removal of > > the > > >> > route from the BGP table and route table. Then the OSPF route is > > chosen, > > >> > BGP > > >> > comes up and the whole process starts agaon. > > >> > > > >> > Don't advertise the loopback in BGP unless required or alter the > > >> > administrative distances so OSPF is preferred over BGP. > > >> > > > > > > > > > > > > > -- > > > Bryan Bartik > > > CCIE #23707 (R&S), CCNP > > > Sr. Support Engineer - IPexpert, Inc. > > > URL: http://www.IPexpert.com > > > > > > > > > -- > Bryan Bartik > CCIE #23707 (R&S), CCNP > Sr. Support Engineer - IPexpert, Inc. > URL: http://www.IPexpert.com > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > http://onlinestudylist.com/pipermail/ccie_rs/attachments/20090710/f6894cba/attachment.htm > > End of CCIE_RS Digest, Vol 42, Issue 61 > *************************************** >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
