Thursday, 21 October 2021

What is DHCP Snooping? What is Man in the Middle attack? How to configure DHCP Snooping security?


DHCP (Dynamic Host Configuration Protocol) servers are providing all the basic information that the client wants to operate on the network like DNS address, Default Gateway, IP addresses, subnet. masks and many more.


Imagine a bad guy (attacker) comes up and brings a  fake DHCP server machine and runs the exact same subnet as other PC on the network running. now what will happen? the PC broadcast for DHCP request and our attacker servers maybe send DHCP reply from its fake DHCP machine with its own IP address to pretend as the default gateway.   





Now when our client receives the reply from attacker machine. client using the spoofed gateway address and our packets going through attacker machine first. Yes maybe attacker forward our packets to the correct destination but in the mean time attacker examine all our packets and now this scenario become man in the middle attack and our innocent client does not even realize. 





Cisco switch use the DHCP snooping feature to prevent this types of attacks. when DHCP server is connected to the switch. switch ports our switch have option trusted or untrusted. legal reliable DHCP server can be found on trusted port and rest of the ports are untrusted for DHCP server. when the DHCP server request coming from the untrusted port our switch prevent all the DHCP request before its flood the VLAN and discard the request and also put that untrusted port in to err disable state automatically. DHCP snooping keeps the track of the complete DHCP binding.


lets see the configuration of DHCP snooping attack and how to prevent from attack.


Topology:-

 cisco packet tracer 

Goal:

  • configure the topology as per the diagram on cisco packet tracer
  • configure IP address on router 1 
  • configure DHCP server on router 1
  • make sure all our client get all the basic information IP addresses, subnet mask, default gateway and DNS address.
  • configure attacker machine with DHCP server 
  • Restart our client (PC) with STATIC to DHCP and verify the basic information has been changed or not (IP CONFIG /ALL)
  • now configure our switch to prevent attacker with DHCP SNOOPING 
  • after prevent the attack restart our PC with static to DHCP.



Router(config)#interface gigabitEthernet 0/0

Router(config-if)#ip address 10.0.0.1 255.255.255.0

Router(config-if)#no shutdown

Router(config-if)#exit


Router(config)#ip dhcp pool SERVER

Router(dhcp-config)#network 10.0.0.0 255.255.255.0

Router(dhcp-config)#default-router 10.0.0.1

Router(dhcp-config)#dns-server 10.0.0.80

Router(dhcp-config)#exit


Router(config)#ip dhcp excluded-address 10.0.0.1

Router(config)#ip dhcp excluded-address 10.0.0.80

Router(config)#exit



make sure all our client get all the basic information IP addresses, subnet mask, default gateway and DNS address





(FROM PC 1)



Packet Tracer PC Command Line 1.0

C:\>ipconfig /all


FastEthernet0 Connection:(default port)


Connection-specific DNS Suffix..:

Physical Address................: 000B.BE81.0DD7

Link-local IPv6 Address.........: FE80::20B:BEFF:FE81:DD7

IP Address......................: 10.0.0.2

Subnet Mask.....................: 255.255.255.0

Default Gateway.................: 10.0.0.1

DNS Servers.....................: 10.0.0.80

DHCP Servers....................: 10.0.0.1

DHCPv6 Client DUID..............: 00-01-00-01-D6-19-05-C4-00-0B-BE-81-0D-D7


Bluetooth Connection:



(FROM PC 2)



Packet Tracer PC Command Line 1.0

C:\>ipconfig /all


FastEthernet0 Connection:(default port)


Connection-specific DNS Suffix..:

Physical Address................: 000B.BE81.0DD7

Link-local IPv6 Address.........: FE80::20B:BEFF:FE81:DD7

IP Address......................: 10.0.0.2

Subnet Mask.....................: 255.255.255.0

Default Gateway.................: 10.0.0.1

DNS Servers.....................: 10.0.0.80

DHCP Servers....................: 10.0.0.1

DHCPv6 Client DUID..............: 00-01-00-01-D6-19-05-C4-00-0B-BE-81-0D-D7


Bluetooth Connection:





(FROM PC 3)



:\>ipconfig /all


FastEthernet0 Connection:(default port)


Connection-specific DNS Suffix..:

Physical Address................: 0060.472C.94D8

Link-local IPv6 Address.........: FE80::260:47FF:FE2C:94D8

IP Address......................: 10.0.0.4

Subnet Mask.....................: 255.255.255.0

Default Gateway.................: 10.0.0.1

DNS Servers.....................: 10.0.0.80

DHCP Servers....................: 10.0.0.1

DHCPv6 Client DUID..............: 00-01-00-01-D9-76-38-6D-00-60-47-2C-94-D8





  • configure attacker machine with DHCP server 


ATTACKER(config)#interface gigabitEthernet 0/0

ATTACKER(config-if)#ip address 192.168.10.1 255.255.255.0

ATTACKER(config-if)#no shutdown

ATTACKER(config-if)#exit


ATTACKER(config)#ip dhcp pool MIB

ATTACKER(dhcp-config)#network 192.168.10.0 255.255.255.0

ATTACKER(dhcp-config)#default-router 192.168.10.1

ATTACKER(dhcp-config)#dns-server 192.168.10.80

ATTACKER(dhcp-config)#exit


ATTACKER(config)#ip dhcp excluded-address 192.168.10.1

ATTACKER(config)#ip dhcp excluded-address 192.168.10.80

ATTACKER(config)#exit



  • Restart our client (PC) with STATIC to DHCP and verify the basic information has been changed or not (IP CONFIG /ALL)


(verify the basic information has been changed or not (IP CONFIG /ALL)


FROM PC 1

ATTACKER GOT PC 1


FROM PC 2


ATTACKER GOT PC 2 TOO

                                      

FROM PC 3


ATTACKER GOT ALL OUR PCs


  • now configure our switch to prevent attacker with DHCP SNOOPING 

Switch(config)#ip dhcp snooping

Switch(config)#ip dhcp snooping vlan 1


Switch(config)#interface fastEthernet 0/1

Switch(config-if)#ip dhcp snooping trust

Switch(config-if)#exit



Router(config)#ip dhcp relay information trust-all 

Router(config)#exit



  • after prevent the attack restart our PC with static to DHCP.
from router 1 








from router 2








from router 3









Switch#show ip dhcp snooping

Switch DHCP snooping is enabled

DHCP snooping is configured on following VLANs:

1

Insertion of option 82 is enabled

Option 82 on untrusted port is not allowed

Verification of hwaddr field is enabled

Interface Trusted Rate limit (pps)

----------------------- ------- ----------------

FastEthernet1/1 no unlimited

FastEthernet2/1 no unlimited

FastEthernet3/1 no unlimited

FastEthernet0/1 yes unlimited



 

Switch#show ip dhcp snooping binding

MacAddress IpAddress Lease(sec) Type VLAN Interface

------------------ --------------- ---------- ------------- ---- -----------------

00:0B:BE:81:0D:D7 10.0.0.5 86400 dhcp-snooping 1 FastEthernet1/1

00:D0:97:B1:1E:E3 10.0.0.3 86400 dhcp-snooping 1 FastEthernet2/1

00:60:47:2C:94:D8 10.0.0.4 86400 dhcp-snooping 1 FastEthernet3/1

Total number of bindings: 3



Wednesday, 25 August 2021

How to configure OSPF Stub NSSA and Totally NSSA?

 we already discuss what is OSPF Stub? Why do we need Stub? please visit the previous lecture before this.

The stub area is an isolated area that does not receive External LSA. Routers in Stub areas do not receive type 4 and type 5 LSAs it is replaced by a default route to an external autonomous system advertised by the area border router (ABR) Stub area can have type 1, 2, and 3 OSPF LSAs.
  
 Totally stubby area External LSAs are stopped (E1 and E2) and summary LSAs are stopped (OIA routes). Replaced by a default route to other areas advertised by the ABR. Totally stubs are reduced the routing table to a minimum. This is a Cisco proprietary feature.


NSSA breaks stub area rules. NSSA area creates a special type of link-state advertisement (LSA) known as type 7, type 7 LSAs only exist in the NSSA area. An NSSA autonomous system boundary router (ASBR) generates this LSA and an NSSA area border router (ABR) translates it into a type 5 LSA, ABR sends default routes into NSSA instead of external routes from other ASBR.

Totally NSSAs are similar to totally stubby areas, with the exception that the routers that are internal to the totally NSSAs need to have no knowledge of subnets outside of the area (with the exception of the routes injected by the NSSA ASBR)


let see the configuration for a better understanding:-
Topology  




  • configure OSPF RIP EIGRP as per the topology 
  • redistribute EIGRP and RIPv2 into OSPF as per the topology 
  • configure area 1 as Stub just to understand the basic 
  • remove stub on area 1 
  • configure area 1 to have a default route (stop LSA 5)
  • configure area 1 (NSSA) to allow external route (192.168.10.0 network) to pass through area 1 and can be seen on router 4
  • delete previous command ( no area 1 NSSA) 
  • configure area 1 to generate a default route (LSA 3 and LSA 5) 
  • now configure Totally NSSA




R1(config)#interface serial 4/0

R1(config-if)#ip address 1.1.1.1 255.0.0.0

R1(config-if)#no shutdown

R1(config-if)#exit


R1(config)#interface fastethernet 0/0

R1(config-if)#ip address 10.1.1.1 255.0.0.0

R1(config-if)#no keepalive

R1(config-if)#no shutdown

R1(config-if)#exit



R1(config)#interface loopback 0

R1(config-if)#ip address 192.168.10.1 255.255.255.0

R1(config-if)#interface loopback 1

R1(config-if)#ip address 192.168.10.1 255.255.255.0

R1(config-if)#ip address 192.168.11.1 255.255.255.0

R1(config-if)#interface loopback 2

R1(config-if)#ip address 192.168.11.1 255.255.255.0

R1(config-if)#ip address 192.168.12.1 255.255.255.0

R1(config-if)#interface loopback 3

R1(config-if)#ip address 192.168.12.1 255.255.255.0

R1(config-if)#ip address 192.168.13.1 255.255.255.0

R1(config-if)#exit


R2(config)#interface serial 4/0

R2(config-if)#ip address 1.1.1.2 255.0.0.0

R2(config-if)#exit


R2(config)#interface fastEthernet 0/0

R2(config-if)#ip address 20.1.1.1 255.0.0.0

R2(config-if)#no shutdown

R2(config-if)#no keepalive

R2(config-if)#exit


R2(config)#interface serial 4/1

R2(config-if)#ip address 2.2.2.1 255.0.0.0

R2(config-if)#no shutdown

R2(config-if)#exit



R3(config)#interface serial 4/1
R3(config-if)#ip address 2.2.2.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface serial 4/2
R3(config-if)#ip address 3.3.3.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#no keepalive


R3(config)#interface loopback 0
R3(config-if)#ip address 192.168.30.1 255.255.255.0

R3(config-if)#interface loopback 1
R3(config-if)#ip address 192.168.31.1 255.255.255.0

R3(config-if)#interface loopback 2
R3(config-if)#ip address 192.168.32.1 255.255.255.0

R3(config-if)#interface loopback 3
R3(config-if)#ip address 192.168.33.1 255.255.255.0
R3(config-if)#exit

R4(config)#interface serial 4/1
R4(config-if)#exit

R4(config)#interface serial 4/2
R4(config-if)#ip address 3.3.3.2 255.0.0.0
R4(config-if)#no shutdown
R4(config-if)#exit

R4(config)#interface fastEthernet 0/0
R4(config-if)#ip address 40.1.1.1 255.0.0.0
R4(config-if)#no keepalive
R4(config-if)#no shutdown
R4(config-if)#exit

R4(config)#interface serial 4/3
R4(config-if)#ip address 4.4.4.1 255.0.0.0
R4(config-if)#no shutdown
R4(config-if)#exit

R4(config)#interface loopback 0
R4(config-if)#ip address 192.168.40.1 255.255.255.0
R4(config-if)#interface loopback 1
R4(config-if)#ip address 192.168.41.1 255.255.255.0
R4(config-if)#interface loopback 2
R4(config-if)#ip address 192.168.42.1 255.255.255.0
R4(config-if)#interface loopback 3
R4(config-if)#ip address 192.168.43.1 255.255.255.0
R4(config-if)#exit


R5(config)#interface serial 4/3
R5(config-if)#ip address 4.4.4.2 255.0.0.0
R5(config-if)#no shutdown
R5(config-if)#exit

R5(config)#interface fastEthernet 0/0
R5(config-if)# ip address 50.1.1.1 255.0.0.0
R5(config-if)#no keepalive
R5(config-if)#no shutdown
R5(config-if)#exit

R5(config)#interface loopback 0
R5(config-if)#ip address 192.168.50.1 255.255.255.0
R5(config-if)#interface loopback 1
R5(config-if)#ip address 192.168.51.1 255.255.255.0
R5(config-if)#interface loopback 2
R5(config-if)#ip address 192.168.52.1 255.255.255.0
R5(config-if)#interface loopback 3
R5(config-if)#ip address 192.168.53.1 255.255.255.0
R5(config-if)#exit

R1(config)#do show ip int br
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        10.1.1.1        YES manual up                    up
Serial4/0                   1.1.1.1         YES manual up                    up
Loopback0              192.168.10.1    YES manual up                    up
Loopback1              192.168.11.1    YES manual up                    up
Loopback2              192.168.12.1    YES manual up                    up
Loopback3              192.168.13.1    YES manual up                    up

R2(config)#do show ip int br
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        20.1.1.1        YES manual up                    up
Serial4/0              1.1.1.2         YES manual up                    up
Serial4/1              2.2.2.1         YES manual up                    up

R3(config)#do show ip int br
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        30.1.1.1        YES manual up                    up
Serial4/1              2.2.2.2         YES manual up                    up
Serial4/2              3.3.3.1         YES manual up                    up
Loopback0              192.168.30.1    YES manual up                    up
Loopback1              192.168.31.1    YES manual up                    up
Loopback2              192.168.32.1    YES manual up                    up
Loopback3              192.168.33.1    YES manual up                    up

R4(config)#do show ip int br
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        40.1.1.1        YES manual up                    up
Serial4/2              3.3.3.2         YES manual up                    up
Serial4/3              4.4.4.1         YES manual up                    up
Loopback0              192.168.40.1    YES manual up                    up
Loopback1              192.168.41.1    YES manual up                    up
Loopback2              192.168.42.1    YES manual up                    up
Loopback3              192.168.43.1    YES manual up                    up


R5(config)#do show ip int br
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        50.1.1.1        YES manual up                    up
Serial4/3                     4.4.4.2         YES manual up                    up
Loopback0              192.168.50.1    YES manual up                    up
Loopback1              192.168.51.1    YES manual up                    up
Loopback2              192.168.52.1    YES manual up                    up
Loopback3              192.168.53.1    YES manual up                    up


R1(config)#router eigrp 65100
R1(config-router)#network 192.168.10.0
R1(config-router)#network 192.168.11.0
R1(config-router)#network 192.168.12.0
R1(config-router)#network 192.168.13.0
R1(config-router)#no auto-summary
R1(config-router)#exit

R1(config)#router ospf 1
R1(config-router)#network 1.0.0.0 0.255.255.255 area 1
R1(config-router)#network 10.0.0.0 0.255.255.255 area 1
R1(config-router)#exit


R2(config)#router ospf 1
R2(config-router)#network 1.0.0.0 0.255.255.255 area 1

*Aug 25 13:12:23.675: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.13.1 on Serial4/0 from LOADING to FULL, Loading Done

R2(config-router)#network 20.0.0.0 0.255.255.255 area 1
R2(config-router)#network 2.0.0.0 0.255.255.255 area 1
R2(config-router)#exit

*Aug 25 13:14:15.911: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/1 from LOADING to FULL, Loading Done


R3(config)#router eigrp 65300
R3(config-router)#network 192.168.30.0
R3(config-router)#network 192.168.31.0
R3(config-router)#network 192.168.32.0
R3(config-router)#network 192.168.33.0
R3(config-router)#no auto-summary
R3(config-router)#exit

R3(config)#router ospf 1
R3(config-router)#network 2.0.0.0 0.255.255.255 area 1
R3(config-router)#network 2.0.0.0 0.255.255.255 area 1

*Aug 25 13:13:25.599: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from LOADING to FULL, Loading Done

R3(config-router)#network 3.0.0.0 0.255.255.255 area 0
R3(config-router)#network 30.0.0.0 0.255.255.255 area 0
R3(config-router)#exit

*Aug 25 13:14:52.315: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.43.1 on Serial4/2 from LOADING to FULL, Loading Done

R4(config)#router rip
R4(config-router)#ver 2
R4(config-router)#network 192.168.40.0
R4(config-router)#network 192.168.41.0
R4(config-router)#network 192.168.42.0
R4(config-router)#network 192.168.43.0
R4(config-router)#no auto-summary
R4(config-router)#exit

R4(config)#router ospf 1
R4(config-router)#network 3.0.0.0 0.255.255.255 area 0

*Aug 25 13:17:02.211: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/2 from LOADING to FULL, Loading Done

R4(config-router)#network 40.0.0.0 0.255.255.255 area 0
R4(config-router)#network 4.0.0.0 0.255.255.255 area 0
R4(config-router)#exit


R5(config)#router ospf 1
R5(config-router)#network 4.0.0.0 0.255.255.255 area 0
R5(config-router)#network 4.0.0.0 0.255.255.255 area 0

*Aug 25 13:26:49.383: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.43.1 on Serial4/3 from LOADING to FULL, Loading Done

R5(config-router)#network 50.0.0.0 0.255.255.255 area 0
R5(config-router)#exit

R5(config)#router eigrp 100
R5(config-router)#network 192.168.50.0
R5(config-router)#network 192.168.51.0
R5(config-router)#network 192.168.52.0
R5(config-router)#network 192.168.53.0
R5(config-router)#no auto-summary
R5(config-router)#exit


R1(config)#router ospf 1
R1(config-router)#redistribute eigrp 65100 subnets
R1(config-router)#exit


R3(config)#router ospf 1
R3(config-router)#redistribute eigrp 65300 subnets
R3(config-router)#exit


R4(config)#router ospf 1
R4(config-router)#redistribute rip subnets
R4(config-router)#exit


R5(config)#router ospf 1
R5(config-router)#redistribute eigrp 100 subnets
R5(config-router)#exit





R1(config-router)#do show ip route ospf

Gateway of last resort is not set

O     2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:21, Serial4/0
O IA  3.0.0.0/8 [110/192] via 1.1.1.2, 00:00:04, Serial4/0
O IA  4.0.0.0/8 [110/256] via 1.1.1.2, 00:00:04, Serial4/0
O     20.0.0.0/8 [110/65] via 1.1.1.2, 00:00:21, Serial4/0
O IA  30.0.0.0/8 [110/129] via 1.1.1.2, 00:00:04, Serial4/0
O IA  40.0.0.0/8 [110/193] via 1.1.1.2, 00:00:04, Serial4/0
O IA  50.0.0.0/8 [110/257] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.30.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.31.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.32.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.33.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.40.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.41.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.42.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.43.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.50.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.51.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.52.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0
O E2  192.168.53.0/24 [110/20] via 1.1.1.2, 00:00:04, Serial4/0


R2(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

O IA  3.0.0.0/8 [110/128] via 2.2.2.2, 00:00:11, Serial4/1
O IA  4.0.0.0/8 [110/192] via 2.2.2.2, 00:00:11, Serial4/1
O     10.0.0.0/8 [110/65] via 1.1.1.1, 00:00:26, Serial4/0
O IA  30.0.0.0/8 [110/65] via 2.2.2.2, 00:00:11, Serial4/1
O IA  40.0.0.0/8 [110/129] via 2.2.2.2, 00:00:11, Serial4/1
O IA  50.0.0.0/8 [110/193] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.10.0/24 [110/20] via 1.1.1.1, 00:00:26, Serial4/0
O E2  192.168.11.0/24 [110/20] via 1.1.1.1, 00:00:26, Serial4/0
O E2  192.168.12.0/24 [110/20] via 1.1.1.1, 00:00:26, Serial4/0
O E2  192.168.13.0/24 [110/20] via 1.1.1.1, 00:00:26, Serial4/0
O E2  192.168.30.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.31.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.32.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.33.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.40.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.41.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.42.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.43.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.50.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.51.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.52.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1
O E2  192.168.53.0/24 [110/20] via 2.2.2.2, 00:00:11, Serial4/1

R3(config)#do show ip route ospf


Gateway of last resort is not set

O     1.0.0.0/8 [110/128] via 2.2.2.1, 00:18:48, Serial4/1
O     4.0.0.0/8 [110/128] via 3.3.3.2, 00:17:18, Serial4/2
O     10.0.0.0/8 [110/129] via 2.2.2.1, 00:18:48, Serial4/1
O     20.0.0.0/8 [110/65] via 2.2.2.1, 00:18:48, Serial4/1
O     40.0.0.0/8 [110/65] via 3.3.3.2, 00:17:18, Serial4/2
O     50.0.0.0/8 [110/129] via 3.3.3.2, 00:03:02, Serial4/2
O E2  192.168.10.0/24 [110/20] via 2.2.2.1, 00:12:34, Serial4/1
O E2  192.168.11.0/24 [110/20] via 2.2.2.1, 00:12:34, Serial4/1
O E2  192.168.12.0/24 [110/20] via 2.2.2.1, 00:12:34, Serial4/1
O E2  192.168.13.0/24 [110/20] via 2.2.2.1, 00:12:34, Serial4/1
O E2  192.168.40.0/24 [110/20] via 3.3.3.2, 00:10:43, Serial4/2
O E2  192.168.41.0/24 [110/20] via 3.3.3.2, 00:10:43, Serial4/2
O E2  192.168.42.0/24 [110/20] via 3.3.3.2, 00:10:43, Serial4/2
O E2  192.168.43.0/24 [110/20] via 3.3.3.2, 00:10:43, Serial4/2
O E2  192.168.50.0/24 [110/20] via 3.3.3.2, 00:02:16, Serial4/2
O E2  192.168.51.0/24 [110/20] via 3.3.3.2, 00:02:16, Serial4/2
O E2  192.168.52.0/24 [110/20] via 3.3.3.2, 00:02:16, Serial4/2
O E2  192.168.53.0/24 [110/20] via 3.3.3.2, 00:02:16, Serial4/2


R4(config)#do show ip route ospf


Gateway of last resort is not set

O IA  1.0.0.0/8 [110/192] via 3.3.3.1, 00:02:50, Serial4/2
O IA  2.0.0.0/8 [110/128] via 3.3.3.1, 00:24:46, Serial4/2
O IA  10.0.0.0/8 [110/193] via 3.3.3.1, 00:02:50, Serial4/2
O IA  20.0.0.0/8 [110/129] via 3.3.3.1, 00:02:50, Serial4/2
O     30.0.0.0/8 [110/65] via 3.3.3.1, 00:24:46, Serial4/2
O     50.0.0.0/8 [110/65] via 4.4.4.2, 00:16:42, Serial4/3
O E2  192.168.10.0/24 [110/20] via 3.3.3.1, 00:02:49, Serial4/2
O E2  192.168.11.0/24 [110/20] via 3.3.3.1, 00:02:49, Serial4/2
O E2  192.168.12.0/24 [110/20] via 3.3.3.1, 00:02:49, Serial4/2
O E2  192.168.13.0/24 [110/20] via 3.3.3.1, 00:02:49, Serial4/2
O E2  192.168.30.0/24 [110/20] via 3.3.3.1, 00:24:46, Serial4/2
O E2  192.168.31.0/24 [110/20] via 3.3.3.1, 00:24:46, Serial4/2
O E2  192.168.32.0/24 [110/20] via 3.3.3.1, 00:24:46, Serial4/2
O E2  192.168.33.0/24 [110/20] via 3.3.3.1, 00:24:46, Serial4/2
O E2  192.168.50.0/24 [110/20] via 4.4.4.2, 00:15:57, Serial4/3
O E2  192.168.51.0/24 [110/20] via 4.4.4.2, 00:15:57, Serial4/3
O E2  192.168.52.0/24 [110/20] via 4.4.4.2, 00:15:57, Serial4/3
O E2  192.168.53.0/24 [110/20] via 4.4.4.2, 00:15:57, Serial4/3


R5(config)#do show ip route ospf


Gateway of last resort is not set

O IA  1.0.0.0/8 [110/256] via 4.4.4.1, 00:03:25, Serial4/3
O IA  2.0.0.0/8 [110/192] via 4.4.4.1, 00:03:25, Serial4/3
O     3.0.0.0/8 [110/128] via 4.4.4.1, 00:03:25, Serial4/3
O IA  10.0.0.0/8 [110/257] via 4.4.4.1, 00:03:25, Serial4/3
O IA  20.0.0.0/8 [110/193] via 4.4.4.1, 00:03:25, Serial4/3
O     30.0.0.0/8 [110/129] via 4.4.4.1, 00:03:25, Serial4/3
O     40.0.0.0/8 [110/65] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.10.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.11.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.12.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.13.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.30.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.31.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.32.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.33.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.40.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.41.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.42.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3
O E2  192.168.43.0/24 [110/20] via 4.4.4.1, 00:03:25, Serial4/3


R1(config)#router ospf 1
R1(config-router)#area 1 stub
R1(config-router)#exit

*Aug 25 13:34:51.171: %OSPF-4-ASBR_WITHOUT_VALID_AREA: Router is currently an ASBR while having only one area which is a stub area

*Aug 25 13:34:51.179: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:35:11.031: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/0 from LOADING to FULL, Loading Done

R1(config)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 1.1.1.2 to network 0.0.0.0

O*IA  0.0.0.0/0 [110/129] via 1.1.1.2, 00:00:22, Serial4/0
O     2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:46, Serial4/0
O IA  3.0.0.0/8 [110/192] via 1.1.1.2, 00:00:22, Serial4/0
O IA  4.0.0.0/8 [110/256] via 1.1.1.2, 00:00:22, Serial4/0
O     20.0.0.0/8 [110/65] via 1.1.1.2, 00:00:46, Serial4/0
O IA  30.0.0.0/8 [110/129] via 1.1.1.2, 00:00:22, Serial4/0
O IA  40.0.0.0/8 [110/193] via 1.1.1.2, 00:00:22, Serial4/0
O IA  50.0.0.0/8 [110/257] via 1.1.1.2, 00:00:22, Serial4/0



R2(config)#router ospf 1
R2(config-router)#area 1 stub
R2(config-router)#exit

*Aug 25 13:34:19.551: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:34:19.551: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.13.1 on Serial4/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:34:20.991: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.13.1 on Serial4/0 from LOADING to FULL, Loading Done

*Aug 25 13:34:45.231: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/1 from LOADING to FULL, Loading Done

R2(config)#do show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 2.2.2.2 to network 0.0.0.0

O*IA  0.0.0.0/0 [110/65] via 2.2.2.2, 00:00:28, Serial4/1
      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.0.0.0/8 is directly connected, Serial4/0
L        1.1.1.2/32 is directly connected, Serial4/0
      2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        2.0.0.0/8 is directly connected, Serial4/1
L        2.2.2.1/32 is directly connected, Serial4/1
O IA  3.0.0.0/8 [110/128] via 2.2.2.2, 00:00:28, Serial4/1
O IA  4.0.0.0/8 [110/192] via 2.2.2.2, 00:00:28, Serial4/1
O     10.0.0.0/8 [110/65] via 1.1.1.1, 00:00:43, Serial4/0
      20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        20.0.0.0/8 is directly connected, FastEthernet0/0
L        20.1.1.1/32 is directly connected, FastEthernet0/0
O IA  30.0.0.0/8 [110/65] via 2.2.2.2, 00:00:28, Serial4/1
O IA  40.0.0.0/8 [110/129] via 2.2.2.2, 00:00:28, Serial4/1
O IA  50.0.0.0/8 [110/193] via 2.2.2.2, 00:00:28, Serial4/1

                                { ROUTER 3 IS OUR ABR }


R3(config)#router ospf 1
R3(config-router)#area 1 stub
R3(config-router)#exit

*Aug 25 13:33:53.771: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:33:54.903: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from LOADING to FULL, Loading Done
                  


R3(config)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

O     1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:38, Serial4/1
O     4.0.0.0/8 [110/128] via 3.3.3.2, 00:00:53, Serial4/2
O     10.0.0.0/8 [110/129] via 2.2.2.1, 00:00:38, Serial4/1
O     20.0.0.0/8 [110/65] via 2.2.2.1, 00:00:38, Serial4/1
O     40.0.0.0/8 [110/65] via 3.3.3.2, 00:00:53, Serial4/2
O     50.0.0.0/8 [110/129] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.40.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.41.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.42.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.43.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.50.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.51.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.52.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2
O E2  192.168.53.0/24 [110/20] via 3.3.3.2, 00:00:53, Serial4/2


R1(config-router)#area 1 nssa

*Aug 25 13:41:03.815: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:41:12.375: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/0 from LOADING to FULL, Loading Done

R1(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

O     2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:11, Serial4/0
O IA  3.0.0.0/8 [110/192] via 1.1.1.2, 00:00:01, Serial4/0
O IA  4.0.0.0/8 [110/256] via 1.1.1.2, 00:00:01, Serial4/0
O     20.0.0.0/8 [110/65] via 1.1.1.2, 00:00:11, Serial4/0
O IA  30.0.0.0/8 [110/129] via 1.1.1.2, 00:00:01, Serial4/0
O IA  40.0.0.0/8 [110/193] via 1.1.1.2, 00:00:01, Serial4/0
O IA  50.0.0.0/8 [110/257] via 1.1.1.2, 00:00:01, Serial4/0
O N2  192.168.30.0/24 [110/20] via 1.1.1.2, 00:00:01, Serial4/0
O N2  192.168.31.0/24 [110/20] via 1.1.1.2, 00:00:01, Serial4/0
O N2  192.168.32.0/24 [110/20] via 1.1.1.2, 00:00:01, Serial4/0
O N2  192.168.33.0/24 [110/20] via 1.1.1.2, 00:00:01, Serial4/0




R2(config-router)#area 1 nssa

*Aug 25 13:40:20.523: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:40:20.527: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.13.1 on Serial4/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:40:22.343: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.13.1 on Serial4/0 from LOADING to FULL, Loading Done

*Aug 25 13:40:27.427: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.33.1 on Serial4/1 from LOADING to FULL, Loading Done

R2(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

O IA  3.0.0.0/8 [110/128] via 2.2.2.2, 00:00:19, Serial4/1
O IA  4.0.0.0/8 [110/192] via 2.2.2.2, 00:00:19, Serial4/1
O     10.0.0.0/8 [110/65] via 1.1.1.1, 00:00:19, Serial4/0
O IA  30.0.0.0/8 [110/65] via 2.2.2.2, 00:00:19, Serial4/1
O IA  40.0.0.0/8 [110/129] via 2.2.2.2, 00:00:19, Serial4/1
O IA  50.0.0.0/8 [110/193] via 2.2.2.2, 00:00:19, Serial4/1
O N2  192.168.10.0/24 [110/20] via 1.1.1.1, 00:00:19, Serial4/0
O N2  192.168.11.0/24 [110/20] via 1.1.1.1, 00:00:19, Serial4/0
O N2  192.168.12.0/24 [110/20] via 1.1.1.1, 00:00:19, Serial4/0
O N2  192.168.13.0/24 [110/20] via 1.1.1.1, 00:00:19, Serial4/0
O N2  192.168.30.0/24 [110/20] via 2.2.2.2, 00:00:19, Serial4/1
O N2  192.168.31.0/24 [110/20] via 2.2.2.2, 00:00:19, Serial4/1
O N2  192.168.32.0/24 [110/20] via 2.2.2.2, 00:00:19, Serial4/1
O N2  192.168.33.0/24 [110/20] via 2.2.2.2, 00:00:19, Serial4/1



R3(config-router)#area 1 nssa

*Aug 25 13:39:35.863: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:39:37.099: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from LOADING to FULL, Loading Done

R3(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

O     1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:26, Serial4/1
O     4.0.0.0/8 [110/128] via 3.3.3.2, 00:00:41, Serial4/2
O     10.0.0.0/8 [110/129] via 2.2.2.1, 00:00:26, Serial4/1
O     20.0.0.0/8 [110/65] via 2.2.2.1, 00:00:26, Serial4/1
O     40.0.0.0/8 [110/65] via 3.3.3.2, 00:00:41, Serial4/2
O     50.0.0.0/8 [110/129] via 3.3.3.2, 00:00:41, Serial4/2
O N2  192.168.10.0/24 [110/20] via 2.2.2.1, 00:00:26, Serial4/1
O N2  192.168.11.0/24 [110/20] via 2.2.2.1, 00:00:26, Serial4/1
O N2  192.168.12.0/24 [110/20] via 2.2.2.1, 00:00:26, Serial4/1
O N2  192.168.13.0/24 [110/20] via 2.2.2.1, 00:00:26, Serial4/1
O E2  192.168.40.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.41.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.42.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.43.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.50.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.51.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.52.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2
O E2  192.168.53.0/24 [110/20] via 3.3.3.2, 00:00:41, Serial4/2


R3(config)#router ospf 1
R3(config-router)#area 1 nssa default-information-originate
R3(config-router)#exit

*Aug 25 13:43:05.275: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from DOWN to DOWN, Neighbor Down: Adjacency forced to reset

*Aug 25 13:43:10.927: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial4/1 from LOADING to FULL, Loading Done

R1(config)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 1.1.1.2 to network 0.0.0.0

O*N2  0.0.0.0/0 [110/1] via 1.1.1.2, 00:00:08, Serial4/0
O     2.0.0.0/8 [110/128] via 1.1.1.2, 00:03:50, Serial4/0
O IA  3.0.0.0/8 [110/192] via 1.1.1.2, 00:00:08, Serial4/0
O IA  4.0.0.0/8 [110/256] via 1.1.1.2, 00:00:08, Serial4/0
O     20.0.0.0/8 [110/65] via 1.1.1.2, 00:03:50, Serial4/0
O IA  30.0.0.0/8 [110/129] via 1.1.1.2, 00:00:08, Serial4/0
O IA  40.0.0.0/8 [110/193] via 1.1.1.2, 00:00:08, Serial4/0
O IA  50.0.0.0/8 [110/257] via 1.1.1.2, 00:00:08, Serial4/0
O N2  192.168.30.0/24 [110/20] via 1.1.1.2, 00:00:08, Serial4/0
O N2  192.168.31.0/24 [110/20] via 1.1.1.2, 00:00:08, Serial4/0
O N2  192.168.32.0/24 [110/20] via 1.1.1.2, 00:00:08, Serial4/0
O N2  192.168.33.0/24 [110/20] via 1.1.1.2, 00:00:08, Serial4/0


R2(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 2.2.2.2 to network 0.0.0.0

O*N2  0.0.0.0/0 [110/1] via 2.2.2.2, 00:00:22, Serial4/1
O IA  3.0.0.0/8 [110/128] via 2.2.2.2, 00:03:52, Serial4/1
O IA  4.0.0.0/8 [110/192] via 2.2.2.2, 00:03:52, Serial4/1
O     10.0.0.0/8 [110/65] via 1.1.1.1, 00:03:52, Serial4/0
O IA  30.0.0.0/8 [110/65] via 2.2.2.2, 00:03:52, Serial4/1
O IA  40.0.0.0/8 [110/129] via 2.2.2.2, 00:03:52, Serial4/1
O IA  50.0.0.0/8 [110/193] via 2.2.2.2, 00:03:52, Serial4/1
O N2  192.168.10.0/24 [110/20] via 1.1.1.1, 00:03:52, Serial4/0
O N2  192.168.11.0/24 [110/20] via 1.1.1.1, 00:03:52, Serial4/0
O N2  192.168.12.0/24 [110/20] via 1.1.1.1, 00:03:52, Serial4/0
O N2  192.168.13.0/24 [110/20] via 1.1.1.1, 00:03:52, Serial4/0
O N2  192.168.30.0/24 [110/20] via 2.2.2.2, 00:03:52, Serial4/1
O N2  192.168.31.0/24 [110/20] via 2.2.2.2, 00:03:52, Serial4/1
O N2  192.168.32.0/24 [110/20] via 2.2.2.2, 00:03:52, Serial4/1
O N2  192.168.33.0/24 [110/20] via 2.2.2.2, 00:03:52, Serial4/1

R3(config)#router ospf 1
R3(config-router)#no area 1 nssa default-information-originate

R3(config-router)#area 1 nssa no-summary

R1(config)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 1.1.1.2 to network 0.0.0.0

O*IA  0.0.0.0/0 [110/129] via 1.1.1.2, 00:00:22, Serial4/0
O     2.0.0.0/8 [110/128] via 1.1.1.2, 00:05:42, Serial4/0
O     20.0.0.0/8 [110/65] via 1.1.1.2, 00:05:42, Serial4/0
O N2  192.168.30.0/24 [110/20] via 1.1.1.2, 00:02:00, Serial4/0
O N2  192.168.31.0/24 [110/20] via 1.1.1.2, 00:02:00, Serial4/0
O N2  192.168.32.0/24 [110/20] via 1.1.1.2, 00:02:00, Serial4/0
O N2  192.168.33.0/24 [110/20] via 1.1.1.2, 00:02:00, Serial4/0

R2(config-router)#do show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 2.2.2.2 to network 0.0.0.0

O*IA  0.0.0.0/0 [110/65] via 2.2.2.2, 00:00:29, Serial4/1
O     10.0.0.0/8 [110/65] via 1.1.1.1, 00:05:42, Serial4/0
O N2  192.168.10.0/24 [110/20] via 1.1.1.1, 00:05:42, Serial4/0
O N2  192.168.11.0/24 [110/20] via 1.1.1.1, 00:05:42, Serial4/0
O N2  192.168.12.0/24 [110/20] via 1.1.1.1, 00:05:42, Serial4/0
O N2  192.168.13.0/24 [110/20] via 1.1.1.1, 00:05:42, Serial4/0
O N2  192.168.30.0/24 [110/20] via 2.2.2.2, 00:05:42, Serial4/1
O N2  192.168.31.0/24 [110/20] via 2.2.2.2, 00:05:42, Serial4/1
O N2  192.168.32.0/24 [110/20] via 2.2.2.2, 00:05:42, Serial4/1
O N2  192.168.33.0/24 [110/20] via 2.2.2.2, 00:05:42, Serial4/1

R1#traceroute 50.1.1.1
Type escape sequence to abort.
Tracing the route to 50.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 1.1.1.2 20 msec 16 msec 16 msec
  2 2.2.2.2 16 msec 16 msec 16 msec
  3 3.3.3.2 20 msec 24 msec 36 msec
  4 4.4.4.2 72 msec 52 msec 52 msec

R1#traceroute 40.1.1.1
Type escape sequence to abort.
Tracing the route to 40.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 1.1.1.2 16 msec 16 msec 16 msec
  2 2.2.2.2 16 msec 40 msec 24 msec
  3 3.3.3.2 28 msec 44 msec 28 msec

R1#traceroute 30.1.1.1
Type escape sequence to abort.
Tracing the route to 30.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 1.1.1.2 8 msec 24 msec 24 msec
  2 2.2.2.2 16 msec 28 msec 28 msec

R1#traceroute 20.1.1.1
Type escape sequence to abort.
Tracing the route to 20.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 1.1.1.2 8 msec 16 msec 20 msec

R1#traceroute 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.1 8 msec 4 msec 4 msec






What is DHCP Snooping? What is Man in the Middle attack? How to configure DHCP Snooping security?

DHCP (Dynamic Host Configuration Protocol) servers are providing all the basic information that the client wants to operate on the network l...