The Online

CCNP ROUTE

642-902 Exam Guide
No filler.
No hype.
Exam-focused.
“A portable, comprehensive guide with everything you need to get up to
speed and pass the ROUTE Exam - the first time.”
www.ccnpguide.com
1|Page


Introduction
I started www.ccnpguide.com as a way for me to capture technical notes as I prepared for the three major CCNP Exams – SWITCH, ROUTE,
& TSHOOT. As I began sharing my notes with the world, I immediately started to receive feedback on the SWITCH exam’s focus areas and
how difficult it was. What I realized was that the exam prep resources available (read: Cisco Press Books) were not even covering all of the
exam topics, including some that you were required to configure in live simulation scenarios. First-time fail rates seemed normal and a big
part of that was because the some of the simulation scenarios required you to know some extremely specific protocol configuration details
that most network professionals just wouldn’t know off the top of their heads.
I began to tailor my notes to include topics that were not being covered in “official” exam guides and trimmed down those that just were
not necessary. The feedback was overwhelmingly positive from the online community! The problem is, of course, that the notes were not
formatted well for off-line consumption and didn’t include enough lab/scenario-based examples.
This guide is an answer to the countless requests to create a portable, comprehensive, and exam-focused ROUTE prep guide. I’ve refined
the online notes even more to focus exclusively on exactly what you Cisco expects you to know on exam day. I have also included a
Simulation Scenarios section at the end. Lastly, Exam Takeaway notes are scattered throughout the guide to help connect you with the
most important topics and study suggestions.
Here’s my recommendation. Read through this manual a few times and make sure you understand each chapter. Pay close attention to the
Exam Takeaway notes and take them seriously. After you feel comfortable with the details in each chapter, go to the Simulation Scenarios
section and run through the three scenarios until you can solve them off the top of your head. That may mean running through them ten

times each, but trust me – you’ll thank me when you sit for the test.
If you have questions, exam feedback, or want to reach out to me directly - shoot me an email at I promise
you’ll get a response.

Best of luck.
Aaron
2|Page


Routing Basics

4

EIGRP

12

OSPF

38

Route Redistribution & Filtering

65

BGP

73

VPNs & IPSec


89

IPv6

94

Simulation Scenarios

108

ROUTE
Shortcuts
3|Page


Routing
Basics.
4|Page


Static Routes
In order for routers to forward packets to remote networks, they must know how to reach them. There are two options: static or dynamic
routes.
Static routes are manually configured on each router. They are used for a couple of reasons:
•
•

where there is only a single path to a network (a.k.a. stub network)
when connecting to an ISP and configuring it as a default (static) route


There are a number of problems with implementing static routes network-wide. Some include:
•
•
•

failure to scale well
does not automatically react/recover to changes in the network
tedious to configure for large networks (see point 1)

To configure a static route:
R1(conf)# ip route prefix mask address|interface [distance]

The prefix and mask is the destination network and subnet mask. You can use address to define the IP address of the next hop towards
the destination network or specify a local router interface that the router will use to send traffic out to the destination network. The
optional distance descriptive can be used to manually define the administrative distance for the route.

5|Page


Static Default Routes
One of the most common uses of static routes is for creating a default route. There are often cases when you want to forward packets that
is not defined in a specific route out an interface or towards another router. A common example is when connecting to an ISP. If traffic is
destined for an address range not defined within your organization (i.e. your coworker’s Facebook updates), then it makes sense to
configure a default route towards your ISP or other organization.

To configure a static default route:
R1(conf)# ip route 0.0.0.0 0.0.0.0 address|interface

Floating Static Routes

There are some circumstances when it makes sense to use a static route as a backup to a dynamic routing protocol. In order for this to
work, however, the default administrative distance value on the static route must be raised so it will have a lower priority than the dynamic
routing protocol (see administrative distance section below).

Dynamic Routing
Dynamic routing protocols can dynamically respond to changes in the network. The routing protocol is configured on each router and the
routers learn about both each other and remote networks.

Examples of modern dynamic routing protocols include:
6|Page


•
•
•
•
•

RIP v1,2 (ok, maybe this isn’t very “modern”)
EIGRP
IS-IS
OSPF
BGP

Distance Vector vs. Link-State
Distance Vector
When routers run a distance vector dynamic routing protocol, they periodically send information about their known routes to their
connected neighbors. This is how the router knows whether changes have been made to the network. They compare their routing table
against the information they receive from their neighbors – if it matches, their good. If not, they update their routing tables to reflect the
changes.

RIP is an example of a distance vector routing protocol.

Link State
Link state routing protocols operate differently. Routers send information about the state of their links to the entire network (or area) that
they are a part of. In this way, each router understands the entire network topology and must run an algorithm every time a network
change is announced to recalculate the best routes throughout the network. This makes link state routing protocols much more processor
intensive.
The second major difference in link state routing protocols is that updates are only sent is a change on a router’s link occurs. This helps
keep bandwidth utilization low, unlike distance vector protocols which send out reoccurring updates regardless if a change has occurred.

7|Page


OSPF and IS-IS are examples of a distance vector routing protocols.

Advanced Distance Vector
This is the tile Cisco gives to EIGRP, which borrows the best attributes of both distance vector and link state designs. EIGRP does not send
periodic route information, instead it sends updates only when changes occur (like link state protocols). Also, EIGRP forms neighbor
relationships with its directly connected peers and only updates them – not the entire network (like distance vector protocols).

Classful Concepts
IP routing protocols are either classful or classless and that determines how they present route information.

Classful
Classful routing protocols (like RIPv1) do not include the subnet mask in routing updates. When an update is sent, the packet contains only
the major network information depending on whether it is a class A,B, or C address.
For example, a route to network 172.16.10.0/24 would be advertised as 172.16.0.0/16 because its classful boundary is a class B address.
Obviously if you have broken your major network boundaries up into smaller subnets that are more granular than the major classful
boundaries, this will not work well and that’s the reason almost all modern routing protocols are classless.


8|Page


Classeless
Classless routing protocols (like RIPv2, EIGRP, OSPF, IS-IS, and BGP) include the subnet mask in routing updates allowing for VLSM support
and supernetting.

Administrative Distance
Routers need a way of determining which path to use to a destination network if two or more routing protocols are in use and both
advertise a route. Administrative distance is Cisco’s answer. Cisco has assigned an administrative distance (AD) to each routing protocol
that outlines which protocol a router will prefer. The AD values can be between 0 and 255 with the lowest values being used for routing.

Default AD values :

9|Page


For example, if router R1 receives a route to network 10.10.10.200.0 from both EIGRP and a OSPF, the router will compare the
administrative distance of the EIGRP learned route (90), to that of OSPF (110). The router will then add EIGRP’s route to the routing table
because its AD is lower (90 < 110).

Summary
10 | P a g e


11 | P a g e


Enhanced


Interior Gateway Routing Protocol

12 | P a g e


Enhanced Interior Gateway Routing Protocol, or EIGRP, is a Cisco proprietary, advanced distance vector dynamic routing protocol.

EIGRP Characteristics
Fast Convergence
EIGRP uses the DUAL algorithm to converge very quickly. It does this by knowing neighbor router’s routing tables and predefining primary
and secondary routes to every destination network.

Triggered Updates
EIGRP uses partial triggered updates to its directly connected neighbors rather than periodically sharing its entire routing table. This saves
link bandwidth because updates are only sent if a change is incurred, only the changes are sent in the update, and lastly – the updates are
only sent to a routers’s affected neighbors. Very efficient!

Protocol Independent
Enhanced Interior Gateway Routing Protocol supports more than just IPv4. It supports IPv4, IPv6, IPX, and AppleTalk.

Multicast
EIGRP sends route updates, hellos, and queries to its neighbors using the multicast address 224.0.0.10 so end hosts are not affected.
Hellos are sent out every 5 seconds by default to learn about new neighbors and make sure existing neighbors are still available.

VLSM
13 | P a g e


Variable length subnet masking is supported by EIGRP because it is a classless routing protocol. That means subnet masks are included in
route updates.


Terminology
Feasible and advertised distance
EIGRP’s DUAL algorithm determines the best route to a particular network by using distance information, known as cost or metric. DUAL
determines the lowest cost path by adding up the cost to the destination network. Neighbors exchange the cost to every route they know
of when a neighbor adjacency is formed. A router then uses that information to calculate their own cost to the same network by adding the
cost between themselves and their neighbor, then adding that to the neighbor’s advertised cost.

So, (the cost between neighbors) + (the neighbor’s cost to the destination network) = the total cost to the network, or the feasible
distance. The cost the neighbor advertised to the remote network is know as the advertised distance.

See the diagram below.

14 | P a g e


15 | P a g e


Successor
Think of the successor as the active, or primary, route to a destination for EIGRP. The successor is actually the neighbor router that has the
least-cost path to a destination network (a.k.a. has the lowest feasible distance). Successor routes are added directly to the routing table.
You should also know that if multiple successors can exists if they have identical feasible distance values.

Feasible Successor
This is more like the backup route EIGRP chooses to a destination network. This is what makes EIGRP convergence so unique and so fast.
It always tries to find a backup route to that in the even that the successor fails, it can immediately switch over to the feasible successor
(backup) route with very little delay. To qualify as a feasible successor, the AD must be less than the successor’s FD. This helps ensure a
loop-free layer 3 path.


Tables
Neighbor Table
EIGRP discovers neighbors by sending out hellos every 5 seconds. When a routers receives a hello with the same AS number defined, it
forms an adjacency and adds the local interface it used to reach it as well as the neighbor’s IP address to the EIGRP neighbor table.

16 | P a g e


Topology Table
When routers form an adjacency, they exchange route information. That
information is transferred to the EIGRP topology table, which contains all
the destinations advertised by a router’s neighbors.
There are two different types of entries in the topology table, active and
passive. Now you may think that the active entry is the preferred or
“actively-in-use” route, but surprisingly, the opposite is true. The route in
the topology table that is in the active state signifies that it is “actively”
looking for an alternative path to a destination because the successor has
failed and no FS exists. Obviously this is not an ideal scenario.

If a router’s successor becomes unavailable, but has a feasible successor –
the FS will immediately become the successor and there is almost no delay
incurred. This is the primary reason EIGRP convergence times tend to be
some of the fastest of all the dynamic routing protocols.
If, however, a router’s successor becomes unavailable and does not have a
FS to the destination, it will send query messages to all of its neighbors
asking if they know of a path to the destination. The neighbors will either
respond with a path or forward the query to all of their neighbor routers
until a path is identified and relayed back to the original requester or no
more neighbor routers exist. During the time the router is waiting back for
a response, it is unable to forward traffic to the destination network, which

can hurt EIGRP’s convergence time.

17 | P a g e


Passive entries represent routes that have at least a single successor and perhaps a feasible successor. They are what you should see in a
normal, stable topology. Notice the “P’s” in the output from the show eigrp topology command below. They indicate that the entries in the
EIGRP topology table are in the passive (read: normal) state.

——————————————–

R1#sh ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(10.1.1.1)
Codes: P – Passive, A – Active, U – Update, Q – Query, R – Reply, r – reply
Status, s – sia Status
P 10.1.3.0/24, 1 successors, FD is 156160
via 10.1.100.3 (156160/128256), FastEthernet0/0
P 10.1.2.0/24, 1 successors, FD is 156160
via 10.1.100.2 (156160/128256), FastEthernet0/0
via 10.1.200.2 (2297856/128256), Serial1/0
P 10.1.1.0/24, 1 successors, FD is 128256
via Connected, Loopback1
P 192.168.100.0/24, 1 successors, FD is 156160
via 10.1.100.3 (156160/128256), FastEthernet0/0
P 10.1.100.0/24, 1 successors, FD is 28160
via Connected, FastEthernet0/0
P 10.1.200.0/24, 1 successors, FD is 2169856
via Connected, Serial1/0
——————————————–


18 | P a g e


EIGRP Messages
Hello
EIGRP hello packets are sent out every 5 seconds by default using multicast address 224.0.0.10 to maintain and discover neighbor
relationships. On slower (T1 and below) and NBMA links, hellos are sent every 30 seconds to conserve bandwidth.
EIGRP hello packets also contains a hello timer which lets the router know if a neighbor is down. The hello timer is set to 15 seconds
normally (~3 unresponsive hellos), and 90 seconds for slower WAN links. When a router receives a hellos packet from another router with
the same AS (Autonomous System) number, it automatically forms a neighbor relationship (also known as an adjacency).

Update
During the EIGRP start-up process on a router, an update message is sent out to its neighbors containing the contents of the router’s
routing table. The only other time an update packet is sent is when network changes occur on a router and it then sends out an update
message to its neighbors who the route change would affect.

Query
When EIGRP looses its successor route and does not have a FS, it sends out a query message to all of its neighbors asking if they know a
path. (See topology section above)

Ack
Acknowledgement packets are sent in response to update, query, and reply packets.

19 | P a g e


Reply
When a router responds to a neighbor router looking for a route (query), it sends it in the form of a reply.

Graceful Shutdown

When an EIGRP process is shut down, the router sends out “goodbye” messages to its neighbors (ironically in the form of hello packets).
The neighbors can then immediately begin recalculating paths to destinations that went through the shutdown router without having to wait
for the hold timer to expire.

EIGRP Metrics
There are 5 descriptives EIGRP uses to calculate its metric, although Cisco generally does not recommend tuning these metrics unless you
have a very specific purpose. You should be aware that only the bandwidth and delay numbers factor into the default formula.

•
•
•
•
•

Bandwidth – the lowest bandwidth value between the source and destination
Delay – the cumulative delay along a series of links
Reliability
Load
MTU

EIGRP Configuration
20 | P a g e


Step 1.
Define EIGRP as the routing protocol with a predefined Autonomous System ID. Routers will not form a neighbor relationship if their AS
numbers do not match.

Example:
R3(config)# router eigrp 1


Step 2.
Define the attached networks you want to participate in EIGRP
Add each network to the EIGRP process with the network prefix mask command for each network. The mask is an inverted mask, like ACLs
use. Example, a /24 mask would be 0.0.0.255.
The network prefix mask command tells the router which local interfaces will then participate in EIGRP. This can be very useful if you do
not want specific interfaces to participate in EIGRP.
Using the mask statement will define how you want the routes summarized if you turn off auto summarization. If you choose not to use the
mask, EIGRP will assume the networks are part of the major networks (class A,B,C boundaries) and could cause potential problems.

21 | P a g e


Example:
R3(config-router)#router eigrp 1
R3(config-router)# network 10.1.100.0 0.0.0.225
R3(config-router)# network 192.168.100.0 0.0.0.3
22 | P a g e


R3(config-router)# network 192.168.100.4 0.0.0.3
R3(config-router)# no auto-summary

The output of R3′s running configuration can be seen below.

R3#sh run | begin router eigrp 1
router eigrp 1
network 10.0.0.0
network 192.168.100.0 0.0.0.3
network 192.168.100.4 0.0.0.3

no auto-summary
!

EIGRP Verification
show ip eigrp neighbors
Displays EIGRP neighbors a router has discovered.
——————————————–

R3#sh ip eigrp neighbors
IP-EIGRP neighbors for process 1
H
Address
Interface

Hold Uptime

SRTT

RTO

Q

Seq
23 | P a g e


1
0

10.1.100.2

10.1.100.1

Fa0/0
Fa0/0

(sec)
(ms)
13 00:12:23 737
14 00:12:29 535

Cnt Num
4422 0 21
3210 0 22

show ip eigrp topology
Displays the output of the EIGRP topology tables including successor and feasible successor routes.
——————————————–

R3#sh ip
IP-EIGRP
Codes: P
r

eigrp topology
Topology Table for AS(1)/ID(192.168.100.5)
– Passive, A – Active, U – Update, Q – Query, R – Reply,
– reply Status, s – sia Status

P 192.168.100.4/30, 1 successors, FD is 128256
via Connected, Loopback15

P 10.1.3.0/24, 1 successors, FD is 128256
via Connected, Loopback3
P 10.1.2.0/24, 1 successors, FD is 156160
via 10.1.100.2 (156160/128256), FastEthernet0/0
P 10.1.1.0/24, 1 successors, FD is 156160
via 10.1.100.1 (156160/128256), FastEthernet0/0
P 192.168.100.0/30, 1 successors, FD is 128256
via Connected, Loopback11
24 | P a g e


P 10.1.100.0/24, 1 successors, FD is 28160
via Connected, FastEthernet0/0
P 10.1.200.0/24, 2 successors, FD is 2172416
via 10.1.100.1 (2172416/2169856), FastEthernet0/0
via 10.1.100.2 (2172416/2169856), FastEthernet0/0

show ip route
Shows the ip routing table entries for all routing protocols.
——————————————–

R3#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 5 subnets
C
10.1.3.0 is directly connected, Loopback3
D
10.1.2.0 [90/156160] via 10.1.100.2, 00:14:46, FastEthernet0/0
D
10.1.1.0 [90/156160] via 10.1.100.1, 00:14:55, FastEthernet0/0
C
10.1.100.0 is directly connected, FastEthernet0/0
25 | P a g e