This is something I had in mind for quite some time but today I finally created the CCNP TSHOOT topology for GNS3. The topology that is used for the exam has been released by Cisco so it's not a secret or anything. This is pretty cool because it means you can start troubleshooting the same network you will face for your exam! To save you the trouble I have rebuilt the whole topology in GNS3 which is 95% the same as the Cisco example, there are some minor differences:
- It's impossible to use all CCNP switching commands in GNS3. I have used the NM16-SW module so we do have trunks and portchannels. We can't play with different trunk types (dynamic desirable, dynamic auto and such) or play with PAGP or LACP. Make sure you practice on this before you take on the exam!
- Don't forget if you want to see vlans on the NM16-SW modules you need to use the show vlan-switch command!
- If you download the official Cisco PDF with the topology you will see that the interface + port channel numbers might be different. Not a big problem but something you should keep in mind.
- I had to manually change some IPv6 link-local addresses because they were the same on all serial interfaces.
- There are 13 routers to run so make sure your IDLEPC value is correct. I'm using the 3725 routers (because of the NM16-SW modules).
The complete topology has been preconfigured for you. All routing protocols, redistribution, vlans etc are 100% configured. This is the topology the way it is meant to be. I highly recommend you to study this topology to ensure you know what is going on and how things are connected. Download the GNS3 file and the Cisco TSHOOT Exam Topology PDF and look at them thoroughly. It's a good idea to draw your own network diagram.
Having said that, let me explain the topology a little:
- Client1, Client2, FTP Server and Web Server are routers with "IP routing" disabled. This turns them into hosts with a default gateway.
- Client1 and Client2 receive their IP address through DHCP. They are in VLAN 10.
- ASW1 and ASW2 are access layer switches with trunks (etherchannels) to DSW1 and DSW2.
- DSW1 and DSW2 are distribution layer switches. HSRP has been configured to act as a gateway for Client1 and Client2 in VLAN 10.
- EIGRP AS 10 has been configured on DSW1, DSW2 and R4.
- R1,R2,R3 and R4 are running OSPF. They are connected by using frame-relay point-to-point subinterfaces. I recommend to take a look at the different DLCI numbers that are in use.
- R4 is also the DHCP server for VLAN 10. DSW1 and DSW2 have been configured to relay DCHP discover messages.
- R1 has been configured with BGP AS 65001 and peers with the ISP router that uses BGP AS 65002.
- R1 has been configured for NAT so all hosts within the private ranges 10.0.0.0/8 and 192.168.0.0/16 are able to access AS 65002.
- The ISP router advertises network 220.127.116.11 /29 through BGP to AS 65001.
- You might notice Client1 and Client2 are unable to reach the Web Server. This is because OSPF AREA 34 is blocking the external LSAs (BGP is redistributed into OSPF on R1). I left it this way but keep it in mind.
It's a very good idea to start this topology and play around a bit. Check how and why things are working. I will be releasing new labs with troubleshooting tickets that are based on this topology very soon.
Have fun! If you have any questions please leave a comment or drop a message in the forum.