BGP & MPLS WALKTHROUGH

Topics covered related to BGP:

1. What are the BGP ASN values?

2. What are iBGP & eBGP?

3. How does BGP form an iBGP relationship, and which port does it use for transport?

4. What are the BGP packets & BGP states?

5. What are the eBGP vs iBGP peering rules?

6. How to configure an eBGP relationship?

7. Use of the network command in BGP?

8. How to advertise a network with the redistribute command in BGP?

9. While using redistribution, use an ip prefix-list?

10. Use automatic aggregation & manual summarization?

11. What is BGP default path selection?

12. What is a route-map?

13. Configure NL Fast ISP routers to use OSPF as an IGP.

- Configure network statements as specific as possible.
- Only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.

14. Configure full-mesh iBGP peers between all routers within NLFast (due to BGP Split Horizon)

- Peers should fail over based on the IGP if any key internal links fail (create loopbacks as necessary)
- Disable BGP Synchronization (if necessary).

15. Configure eBGP peers between NLFast ISP & Uplink ISP1, Uplink ISP2 & Cust1 routers.

- For additional practice, you will configure the NL Fast ISP, Uplink ISP2 and Cust1 routers.
- On connections where link redundancy is possible, peer using the loopback interface (create a static route if required)
- The Cust1 router should advertise its assigned network via BGP.
- Configure authentication between all eBGP peers using a password of your choice.
- Set logical descriptions for each neighbor in the BGP process.
- Cust1 is a private AS (64512-65535).

16. Announce networks into BGP appropriately

- ISP1 & ISP2 routers should use filtered redistribution to announce their networks. Only advertise loopback networks.
- The Cust1 router should announce its network with the network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link subnet (currently 150.1.0.0/24) using a class C subnet mask.

17. Verification:

- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
  . Cust1 routes
  . NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & be able to ping:
  . ISP1/ISP2 loopback networks

18. Short notes on regular expressions.

19. Lab: ISP1 will not accept AS300 prefixes; ISP2 will not accept AS200 prefixes.

20. Lab: back-to-back connection between ISP1 and ISP2, but ISP1 will learn the 150.1.0.0/24 prefix via NLFAST ISP to ISP2 to ISP1. (Use reg-exp to perform these tasks.)

21. Task:

According to the diagram:

- Use a private AS for the client (Cust1).
- Send network 172.16.1.1 as primary to ISP1 & secondary to ISP2
- Send network 192.168.1.1 as primary to ISP2 & secondary to ISP1
- Use as-prepend for this task.
- Remove the private AS while sending the Cust1 network to the ISPs.

22. What is a prefix-list?

23. What is a BGP community?

24. What is the BGP community syntax?

25a. What are the different types of BGP communities?

26. What is a confederation?

27. How to design a confederation?

28. What is the BGP process?

29. How to improve BGP?

30. What are peer-groups in BGP?

31. What is BGP route dampening?

BGP CHAPTER 1

QUESTIONS:

1. What are the BGP ASN values?

2. What are iBGP & eBGP?

3. How does BGP form an iBGP relationship, and which port does it use for transport?

4. What are the BGP packets & BGP states?

Solution:

1. What are the BGP ASN values?

-->

BGP ASN VALUES

. Originally 2-byte field
  - Values 0-65535
  - Public ASNs 1 - 64511
  - Private ASNs 64512 - 65535

4-Byte BGP ASNs

. 0.0 - 65535.65535 notation
  - 0.[0-65535] denote original 2-byte ASNs
. Requires backwards compatibility with old code
  - 4-byte ASN support negotiated during capability exchange
  - "old" BGP speakers are sent ASdot numbers encoded as ASN "23456"
  - Real AS-path encoded with optional transitive attributes AS4_AGGREGATOR and AS4_PATH

2. What are iBGP & eBGP?

--->

BGP Peering Types:

. External BGP (EBGP) Peers
  - Neighbours outside my Autonomous System
. Internal BGP (iBGP) Peers
  - Neighbours inside my Autonomous System
. Update and path selection rules change depending on what type of peer a route is being sent to/received from

3. How does BGP form an iBGP relationship, and which port does it use for transport?

--->

Diagram 1: three BGP ASes; within AS 123 we have an iBGP relationship.

Referring to the diagram, create the iBGP relationship between R1 & R2.

!

router bgp 123

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 123

neighbor 2.2.2.2 update-source Loopback1

!

R2#sh run | se bgp

router bgp 123

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 123

neighbor 1.1.1.1 update-source Loopback1

!

Debug ip bgp all

R2#debu ip bgp all

BGP debugging is on for all address families

R2#

*Mar 1 00:31:55.143: BGP: 1.1.1.1 remote close, state CLOSEWAIT

*Mar 1 00:31:55.143: BGP: 1.1.1.1 -reset the session

*Mar 1 00:31:55.147: BGPNSF state: 1.1.1.1 went from nsf_not_active to nsf_not_active

*Mar 1 00:31:55.147: BGP: 1.1.1.1 went from Established to Idle

*Mar 1 00:31:55.147: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down Peer closed the session

R2#

*Mar 1 00:31:55.147: BGP: 1.1.1.1 closing

*Mar 1 00:31:55.923: BGP: 1.1.1.1 passive open to 2.2.2.2

*Mar 1 00:31:55.923: BGP: 1.1.1.1 went from Idle to Connect

*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv message type 1, length (excl. header) 26

*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv OPEN, version 4, holdtime 180 seconds

*Mar 1 00:31:55.931: BGP: 1.1.1.1 went from Connect to OpenSent

*Mar 1 00:31:55.931: BGP: 1.1.1.1 sending OPEN, version 4, my as: 123, holdtime 180 seconds

*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv OPEN w/ OPTION parameter len: 16

*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 6

*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has CAPABILITY code: 1, length 4

*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has MP_EXT CAP for afi/safi: 1/1

*Mar 1 00:31:55.935: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has CAPABILITY code: 128, length 0

*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(old) for all address-families

*Mar 1 00:31:55.939: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

*Mar 1 00:31:55.939: BGP: 1.1.1.1 OPEN has CAPABILITY code: 2, length 0

*Mar 1 00:31:55.939: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(new) for all address-families

BGP: 1.1.1.1 rcvd OPEN w/ remote AS 123

*Mar 1 00:31:55.939: BGP: 1.1.1.1 went from OpenSent to OpenConfirm

*Mar 1 00:31:55.939: BGP: 1.1.1.1 send message type 1, length (incl. header) 45

*Mar 1 00:31:56.011: BGP: 1.1.1.1 went from OpenConfirm to Established

*Mar 1 00:31:56.015: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up

R2#

R1#sh tcp brief

TCB Local Address Foreign Address (state)

65C5AFFC 1.1.1.1.54578 2.2.2.2.179 TIMEWAIT

65C5B78C 1.1.1.1.61545 2.2.2.2.179 ESTAB

R2#sh tcp brief

TCB Local Address Foreign Address (state)

64DD3C24 2.2.2.2.179 1.1.1.1.61545 ESTAB

R2 is the BGP server for this session because it is the side using TCP port 179; R1 connected to it from an ephemeral port (61545).

4. What are the BGP packets & BGP states?

BGP Packets

> OPEN

> UPDATE

> KEEPALIVE

> NOTIFICATION

BGP STATES:

> IDLE

> ACTIVE

> OPEN SENT

> OPEN CONFIRM

> ESTABLISHED
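
The OPEN message from the debug output above, rebuilt and decoded field by field, as an added example that is not part of the original walkthrough. The router ID 1.1.1.1 is an assumption (the debug does not print it), and the second message, with capability 65 and AS 65536, is constructed to show how the 4-byte ASN from question 1 travels behind ASN 23456 in the 2-byte "My AS" field.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16      # 16-byte all-ones marker that starts every BGP message
AS_TRANS = 23456           # placeholder sent in the 2-byte "My AS" field
CAP_4_OCTET_AS = 65        # capability that carries the real 4-byte ASN


def build_open(my_as, holdtime, router_id, caps):
    """Build an OPEN with one optional parameter (type 2) per capability, as in the debug."""
    opt = b""
    for code, value in caps:
        cap = struct.pack("!BB", code, len(value)) + value
        opt += struct.pack("!BB", 2, len(cap)) + cap
    wire_as = my_as if my_as <= 0xFFFF else AS_TRANS
    body = struct.pack("!BHH4sB", 4, wire_as, holdtime,
                       ipaddress.IPv4Address(router_id).packed, len(opt)) + opt
    return MARKER + struct.pack("!HB", 19 + len(body), 1) + body


def tlvs(buf, what):
    """Split (type, length, value) records, rejecting any record that overruns the buffer."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError(f"truncated {what}")
        out.append((buf[i], buf[i + 2:i + 2 + buf[i + 1]]))
        i += 2 + buf[i + 1]
    return out


def parse_open(msg):
    """Decode an OPEN, checking every length field against the bytes actually received."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("too short for an OPEN, or bad marker")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if length != len(msg):
        raise ValueError("header length does not match the bytes received")
    if msg_type != 1:
        raise ValueError("not an OPEN (message type 1)")
    version, wire_as, holdtime, rid, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    if opt_len != len(msg) - 29:
        raise ValueError("optional parameter length does not match")
    caps = []
    for ptype, pvalue in tlvs(msg[29:], "optional parameter"):
        if ptype == 2:                      # parameter type 2 = Capability
            caps.extend(tlvs(pvalue, "capability"))
    asn = wire_as
    for code, value in caps:
        if code == CAP_4_OCTET_AS and len(value) == 4:
            asn = struct.unpack("!I", value)[0]   # real ASN overrides the 2-byte field
    return {
        "version": version, "wire_as": wire_as, "asn": asn, "holdtime": holdtime,
        "router_id": str(ipaddress.IPv4Address(rid)),
        "len_incl_header": length, "len_excl_header": length - 19,
        "opt_param_len": opt_len, "capability_codes": [c for c, _ in caps],
    }


# Constructed from the debug lines: version 4, AS 123, holdtime 180, capabilities
# 1 (MP_EXT afi/safi 1/1), 128 (route-refresh, old) and 2 (route-refresh, new).
R1_OPEN = build_open(123, 180, "1.1.1.1",
                     [(1, b"\x00\x01\x00\x01"), (128, b""), (2, b"")])
# Constructed: a speaker in AS 65536 (1.0 in asdot) advertising the 4-octet AS capability.
AS4_OPEN = build_open(65536, 180, "1.1.1.1",
                      [(CAP_4_OCTET_AS, struct.pack("!I", 65536))])

if __name__ == "__main__":
    print(parse_open(R1_OPEN))
    print(parse_open(AS4_OPEN))
```

The decoded lengths line up with the debug: 26 bytes excluding the 19-byte header, 45 including it, and 16 bytes of optional parameters.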

BGP CHAPTER 2

QUESTIONS:

5. What are the eBGP vs iBGP peering rules?

6. How to configure an eBGP relationship?

7. Use of the network command in BGP?

Solution:

5. What are the eBGP vs iBGP peering rules?

iBGP Peering Rules:

. iBGP packets default to TTL 255
  - Implies neighbours do not have to be directly connected as long as IGP reachability exists
. Loop prevention via route filtering
  - iBGP-learned routes cannot be advertised on to another iBGP neighbor
  - Implies need for either...
    . Fully meshed iBGP peerings
    . Route reflection
    . Confederation

EBGP Peering Rules:

. EBGP packets default to TTL 1
  - Can be modified if neighbors are multiple hops away
    . neighbor ebgp-multihop [ttl]
    . neighbor ttl-security hops [ttl]
. Non multi-hop peers must be directly connected by default
  - Can be modified if neighbours are connected via loopbacks
    . neighbor disable-connected-check
. Loop prevention via AS-PATH
  - Local ASN is "prepended" to outbound updates
  - Inbound updates containing local ASN are discarded
  - Can be modified with neighbor allowas-in

EBGP Peering Rules:

. Next-hop processing:
  - Outbound EBGP updates have local update-source for neighbor set as next-hop
    . E.g. if update-source is Loopback0, next-hop is Loopback0
  - Can be modified with route-map action set ip next-hop but typically shouldn't
    . E.g. "Third Party" next-hop

6. How to configure an eBGP neighbour relationship?

. EBGP packets default to TTL 1
  - Can be modified if neighbours are connected via loopbacks
    . neighbor disable-connected-check
  - Can be modified if neighbors are multiple hops away
    . neighbor ebgp-multihop [ttl]
    . neighbor ttl-security hops [ttl]

In our case, form the BGP relationship with ISP1 using its loopback.

----->

Diagram 2: Creating the neighbour relationship between ISP1 & R2 with their loopbacks

First I am using neighbor disable-connected-check, then neighbor ebgp-multihop [ttl].

R2#sh run | se bgp

router bgp 123

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 123

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 123

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 444

neighbor 4.4.4.4 disable-connected-check

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

R2#sh run | se ip route

ip route 4.4.4.4 255.255.255.255 10.1.24.4

ISP1#sh run | se bgp

router bgp 444

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 123

neighbor 2.2.2.2 disable-connected-check

neighbor 2.2.2.2 update-source Loopback4

no auto-summary

ISP1#

*Mar 1 00:30:46.959: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up

----------- now using neighbor ebgp-multihop -----

R2(config-router)#do sh run | se bgp

router bgp 123

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 123

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 123

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 444

neighbor 4.4.4.4 ebgp-multihop 3

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

R2(config-router)#

*Mar 1 00:32:53.127: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Up

ISP1#sh run | se bgp

router bgp 444

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 123

neighbor 2.2.2.2 ebgp-multihop 3

neighbor 2.2.2.2 update-source Loopback4

no auto-summary

ISP1#sh ip bgp su

BGP router identifier 4.4.4.4, local AS number 444

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

2.2.2.2 4 123 17 17 1 0 0 00:00:16 0

7. Use of the network command in BGP?

--->

The BGP network command takes routes that are already in your routing table and advertises them via BGP.

Here we advertise 4.4.4.1-4 of ISP1 to AS 123.

ISP1#sh ip bgp

BGP table version is 5, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.1/32 0.0.0.0 0 32768 i

*> 4.4.4.2/32 0.0.0.0 0 32768 i

*> 4.4.4.3/32 0.0.0.0 0 32768 i

*> 4.4.4.4/32 0.0.0.0 0 32768 i

ISP1#sh run | se bgp

router bgp 444

no synchronization

bgp log-neighbor-changes

network 4.4.4.1 mask 255.255.255.255

network 4.4.4.2 mask 255.255.255.255

network 4.4.4.3 mask 255.255.255.255

network 4.4.4.4 mask 255.255.255.255

neighbor 2.2.2.2 remote-as 123

neighbor 2.2.2.2 ebgp-multihop 3

neighbor 2.2.2.2 update-source Loopback4

no auto-summary

!

Check these routes on R2 & R1 also:

!

R2#sh ip bgp

BGP table version is 6, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.1/32 4.4.4.4 0 0 444 i

*> 4.4.4.2/32 4.4.4.4 0 0 444 i

*> 4.4.4.3/32 4.4.4.4 0 0 444 i

r> 4.4.4.4/32 4.4.4.4 0 0 444 i

R1#sh ip bgp

BGP table version is 1, local router ID is 1.1.1.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* i4.4.4.1/32 4.4.4.4 0 100 0 444 i

* i4.4.4.2/32 4.4.4.4 0 100 0 444 i

* i4.4.4.3/32 4.4.4.4 0 100 0 444 i

* i4.4.4.4/32 4.4.4.4 0 100 0 444 i

R1#

BGP CHAPTER 3

QUESTIONS:

8. How to advertise a network with the redistribute command in BGP?

9. While using redistribution, use an ip prefix-list?

10. Use automatic aggregation & manual summarization?

Solution:

8. How to advertise a network with the redistribute command in BGP?

9. While using redistribution, use an ip prefix-list?

Diagram 3: (BGP advertisement)

Advertise 1.1.1.1-4 out of 1.1.1.1-6 from AS 123 to AS 444 using redistribution.

Strategy:

From R1: send networks 1.1.1.1-6/32 and filter these routes at R2.

On R2: make a route-map, send networks 1.1.1.1-4 via the redistribute keyword and the rest of the networks via the IGP option.

on R1

router bgp 123

redistribute connected

on R2

!

R2#sh run | se ip prefix

ip prefix-list LOOPBACK_OF_R1 seq 10 permit 1.1.1.1/32

ip prefix-list LOOPBACK_OF_R1 seq 20 permit 1.1.1.2/32

ip prefix-list LOOPBACK_OF_R1 seq 30 permit 1.1.1.3/32

ip prefix-list LOOPBACK_OF_R1 seq 40 permit 1.1.1.4/32

R2#sh run | se route-map

neighbor 4.4.4.4 route-map FILTER out

route-map FILTER permit 10

match ip address prefix-list LOOPBACK_OF_R1

route-map FILTER permit 20

set origin igp

!

R2#sh run | se bgp

router bgp 123

neighbor 4.4.4.4 update-source Loopback1

neighbor 4.4.4.4 route-map FILTER out

no auto-summary

!

Check the output on ISP1:

!

ISP1#sh ip bgp

BGP table version is 13, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 1.1.1.1/32 2.2.2.2 0 123 ?

*> 1.1.1.2/32 2.2.2.2 0 123 ?

*> 1.1.1.3/32 2.2.2.2 0 123 ?

*> 1.1.1.4/32 2.2.2.2 0 123 ?

*> 1.1.1.5/32 2.2.2.2 0 123 i

*> 1.1.1.6/32 2.2.2.2 0 123 i

*> 4.4.4.1/32 0.0.0.0 0 32768 i

*> 4.4.4.2/32 0.0.0.0 0 32768 i

*> 4.4.4.3/32 0.0.0.0 0 32768 i

*> 4.4.4.4/32 0.0.0.0 0 32768 i

*> 10.1.12.0/24 2.2.2.2 0 123 i

*> 10.1.13.0/24 2.2.2.2 0 123 i

!
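
What the FILTER route-map above does to each route R2 holds, next to a single-clause map that relies on the implicit deny (the shape used later for RLOOP); this is an added example, not part of the original lab. The evaluator is a simplified model of IOS prefix-list and route-map matching, LOOPBACKS_ONLY is a hypothetical name, and the input routes assume everything R1 injects with `redistribute connected` reaches R2 with origin incomplete.

```python
import ipaddress

# Copied from the R2 listing above: four exact-match /32 entries.
PREFIX_LISTS = {
    "LOOPBACK_OF_R1": [("permit", f"1.1.1.{n}/32", None, None) for n in range(1, 5)],
}

# Clause = (action, prefix-list to match or None for "no match statement", origin to set).
# FILTER as configured: clause 10 matches the list, clause 20 matches everything.
FILTER = [("permit", "LOOPBACK_OF_R1", None), ("permit", None, "i")]
# Hypothetical variant with clause 10 only; anything else hits the implicit deny.
LOOPBACKS_ONLY = [("permit", "LOOPBACK_OF_R1", None)]

# Assumption: R1's connected routes as R2 holds them, all with origin incomplete.
R2_ROUTES = [(f"1.1.1.{n}/32", "?") for n in range(1, 7)] + [
    ("10.1.12.0/24", "?"),
    ("10.1.13.0/24", "?"),
]


def prefix_list_permits(entries, route):
    """First matching entry decides; falling off the end is an implicit deny."""
    net = ipaddress.ip_network(route)
    for action, prefix, ge, le in entries:
        base = ipaddress.ip_network(prefix)
        # No ge/le: exact length. Only ge: ge..32. Only le: base length..le.
        low = ge if ge is not None else base.prefixlen
        high = le if le is not None else (32 if ge is not None else base.prefixlen)
        if net.subnet_of(base) and low <= net.prefixlen <= high:
            return action == "permit"
    return False


def apply_route_map(clauses, prefix_lists, routes):
    """Return {prefix: origin} for the routes the route-map lets out to the neighbor."""
    advertised = {}
    for prefix, origin in routes:
        for action, match_list, set_origin in clauses:
            if match_list is not None and not prefix_list_permits(
                    prefix_lists[match_list], prefix):
                continue                      # clause does not match, try the next one
            if action == "permit":
                advertised[prefix] = set_origin or origin
            break                             # first matching clause decides
    return advertised


def unintended(clauses, intended_list="LOOPBACK_OF_R1"):
    """Prefixes that leave R2 although the intended prefix-list does not permit them."""
    out = apply_route_map(clauses, PREFIX_LISTS, R2_ROUTES)
    return sorted(p for p in out
                  if not prefix_list_permits(PREFIX_LISTS[intended_list], p))


if __name__ == "__main__":
    for name, rm in (("FILTER", FILTER), ("LOOPBACKS_ONLY", LOOPBACKS_ONLY)):
        print(name, apply_route_map(rm, PREFIX_LISTS, R2_ROUTES))
        print("  not in prefix-list:", unintended(rm))
```

With FILTER, the result matches the ISP1 table above: 1.1.1.1-4 keep origin `?`, while 1.1.1.5-6 and the 10.1.12.0/24 and 10.1.13.0/24 link subnets go out with origin `i` through clause 20.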

10. Use automatic aggregation & manual summarization?

Same diagram as above:

While sending the 1.1.1.1-6/32 networks from R2 to ISP1, first do the automatic summarization, then manual summarization with the Null0 option.

---->

Diagram 4: (aggregation of AS 123 networks)

on R2

R2(config-router)#aggregate-address 1.1.1.0 255.255.255.248

on ISP1

ISP1#sh ip bgp

BGP table version is 14, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 1.1.1.0/29 2.2.2.2 0 0 123 i

*> 1.1.1.1/32 2.2.2.2 0 123 ?

*> 1.1.1.2/32 2.2.2.2 0 123 ?

*> 1.1.1.3/32 2.2.2.2 0 123 ?

*> 1.1.1.4/32 2.2.2.2 0 123 ?

*> 1.1.1.5/32 2.2.2.2 0 123 i

*> 1.1.1.6/32 2.2.2.2 0 123 i

*> 4.4.4.1/32 0.0.0.0 0 32768 i

*> 4.4.4.2/32 0.0.0.0 0 32768 i

*> 4.4.4.3/32 0.0.0.0 0 32768 i

*> 4.4.4.4/32 0.0.0.0 0 32768 i

*> 10.1.12.0/24 2.2.2.2 0 123 i

*> 10.1.13.0/24 2.2.2.2 0 123 i

You will get the summary, but all the other routes are still shown. If we use

R2(config-router)#aggregate-address 1.1.1.0 255.255.255.248 summary-only

then let us see what happens:

ISP1#sh ip bgp

BGP table version is 8, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 1.1.1.0/29 2.2.2.2 0 0 123 i

*> 4.4.4.1/32 0.0.0.0 0 32768 i

*> 4.4.4.2/32 0.0.0.0 0 32768 i

*> 4.4.4.3/32 0.0.0.0 0 32768 i

*> 4.4.4.4/32 0.0.0.0 0 32768 i

*> 10.1.12.0/24 2.2.2.2 0 123 i

*> 10.1.13.0/24 2.2.2.2 0 123 i

It suppresses all the 1.1.1.0 networks.

------> But this is not the way it is done in a production network; in production we use manual summarization.

!

R2(config-router)#do sh run | se ip route

ip route 1.1.1.0 255.255.255.248 Null0

ip route 4.4.4.4 255.255.255.255 10.1.24.4

!

R2(config-router)#do sh run | se bgp

router bgp 123

redistribute static

!

ISP1#sh ip bgp

BGP table version is 6, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 1.1.1.0/29 2.2.2.2 0 0 123 ?

*> 4.4.4.1/32 0.0.0.0 0 32768 i

*> 4.4.4.2/32 0.0.0.0 0 32768 i

*> 4.4.4.3/32 0.0.0.0 0 32768 i

* 4.4.4.4/32 2.2.2.2 0 0 123 ?

*> 0.0.0.0 0 32768 i

BGP CHAPTER 4

QUESTIONS:

11. What is BGP default path selection?

12. What is a route-map?

Solution:

11. What is BGP default path selection?

Prefer the route with the highest weight (a local, Cisco-proprietary parameter).

Prefer the route with the highest local preference.

Prefer locally-originated routes over those learned from a neighbor.

Prefer the route with the shortest AS path.

Prefer IGP-learned routes over those with an unknown origin.

Prefer the route with the lowest MED (per AS).

Prefer EBGP-learned routes over IBGP-learned routes.

Prefer the route whose next-hop address has the lowest IGP metric.

Multipath determination

If a best path exists, prefer it over newer routes.

Prefer the route from the router with the lowest router ID.

If the router IDs match, prefer the lowest neighbor IP address.
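
The decision order listed above, written as an ordered comparison that also reports which step eliminated each path; this is an added example, not part of the original walkthrough. The sample paths are constructed from the lab's AS numbers (200, 300, 1234), the origin ranking IGP, EGP, incomplete is the standard ordering, MED is compared only between paths from the same neighboring AS, and the multipath step is left out because it does not break ties.

```python
from dataclasses import dataclass
import ipaddress

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # IGP, then EGP, then incomplete


@dataclass
class Path:
    name: str
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100
    local_origin: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    age: int = 0                 # seconds since the path was learned
    router_id: str = "0.0.0.0"
    neighbor_ip: str = "0.0.0.0"


def ip_int(addr):
    return int(ipaddress.IPv4Address(addr))


def same_neighbor_as(a, b):
    """MED is only comparable when both paths come from the same neighboring AS."""
    return a.as_path[:1] == b.as_path[:1]


def both_ebgp(a, b):
    return a.ebgp and b.ebgp


# (step name, key where the LOWER value wins, optional "does this step apply" test)
STEPS = [
    ("highest weight", lambda p: -p.weight, None),
    ("highest local preference", lambda p: -p.local_pref, None),
    ("locally originated", lambda p: not p.local_origin, None),
    ("shortest AS path", lambda p: len(p.as_path), None),
    ("lowest origin type", lambda p: ORIGIN_RANK[p.origin], None),
    ("lowest MED", lambda p: p.med, same_neighbor_as),
    ("eBGP over iBGP", lambda p: not p.ebgp, None),
    ("lowest IGP metric to next hop", lambda p: p.igp_metric, None),
    ("oldest path", lambda p: -p.age, both_ebgp),
    ("lowest router ID", lambda p: ip_int(p.router_id), None),
    ("lowest neighbor address", lambda p: ip_int(p.neighbor_ip), None),
]


def compare(a, b):
    """Return (winner, loser, deciding step) for two paths to the same prefix."""
    for step, key, applies in STEPS:
        if applies is not None and not applies(a, b):
            continue
        if key(a) != key(b):
            return (a, b, step) if key(a) < key(b) else (b, a, step)
    return a, b, "identical attributes"


def best_path(paths):
    """Fold pairwise over the candidates; record the step that eliminated each loser."""
    best, eliminated = paths[0], {}
    for candidate in paths[1:]:
        best, loser, step = compare(best, candidate)
        eliminated[loser.name] = step
    return best, eliminated


# Constructed: the same prefix heard through ISP1 and, with AS 1234 prepended, through ISP2.
VIA_ISP1 = Path("via-ISP1", as_path=(200, 1234), router_id="11.1.1.1", neighbor_ip="11.1.1.1")
VIA_ISP2 = Path("via-ISP2", as_path=(300, 1234, 1234, 1234),
                router_id="22.1.1.1", neighbor_ip="22.1.1.1")
# Constructed: the receiver raises local preference on the prepended path.
VIA_ISP2_LP = Path("via-ISP2-lp200", as_path=(300, 1234, 1234, 1234), local_pref=200,
                   router_id="22.1.1.1", neighbor_ip="22.1.1.1")

if __name__ == "__main__":
    print(best_path([VIA_ISP2, VIA_ISP1]))
    print(best_path([VIA_ISP1, VIA_ISP2_LP]))
```

The second call shows that AS-path prepending only influences a receiver whose weight and local preference are equal for both paths.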

12. What is a route-map?

An ordered list of statements, processed similarly to an access-list.

Performs a series of if/then statements (match/set).

Typically used for:

- Modifying BGP attributes
- Policy routing
- Route filtering

BGP CHAPTER 5 (LAB)

QUESTIONS:

ACCORDING TO DIAGRAM:

13. Configure NL Fast ISP routers to use OSPF as an IGP.

- Configure network statements as specific as possible.
- Only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.

14. Configure full-mesh iBGP peers between all routers within NLFast (due to BGP Split Horizon)

- Peers should fail over based on the IGP if any key internal links fail (create loopbacks as necessary)
- Disable BGP Synchronization (if necessary).

SOLUTION:

13. Configure NL Fast ISP routers to use OSPF as an IGP.

- Configure network statements as specific as possible.
- Only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.

------>

Diagram 5: (set up the network according to point 13)

R1:config:

R1#sh run | se ospf

router ospf 1

log-adjacency-changes

network 1.1.1.1 0.0.0.0 area 0

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.4 0.0.0.3 area 0

!

interface Serial0/2

ip address 10.1.1.1 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

R1#sh run int s0/3

Building configuration...

Current configuration : 134 bytes

!

interface Serial0/3

ip address 10.1.1.5 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

!

R2:config :

!

router ospf 1

network 2.2.2.2 0.0.0.0 area 0

network 10.1.1.4 0.0.0.3 area 0

network 10.1.1.8 0.0.0.3 area 0

!

!

interface Serial0/2

ip address 10.1.1.9 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

R2#sh run int s0/3

Building configuration...

Current configuration : 134 bytes

!

interface Serial0/3

ip address 10.1.1.6 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

!

R3 config :

!

R3#sh run | se ospf

!

router ospf 1

log-adjacency-changes

network 3.3.3.3 0.0.0.0 area 0

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.12 0.0.0.3 area 0

!

!

interface Serial0/2

ip address 10.1.1.2 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

!

interface Serial0/1

ip address 10.1.1.13 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

!

R4: config:

!

R4(config-router)#do sh run | se ospf

router ospf 1

log-adjacency-changes

network 4.4.4.4 0.0.0.0 area 0

network 10.1.1.8 0.0.0.3 area 0

network 10.1.1.12 0.0.0.3 area 0

!

!

interface Serial0/2

ip address 10.1.1.10 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

!

interface Serial0/1

ip address 10.1.1.14 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

end

14. Configure full-mesh iBGP peers between all routers within NLFast (due to BGP Split Horizon)

- Peers should fail over based on the IGP if any key internal links fail (create loopbacks as necessary)
- Disable BGP Synchronization (if necessary).

------->

Diagram 6:

R1: Config :

R1#sh run | se bgp

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

R1#sh ip bgp su

BGP router identifier 1.1.1.1, local AS number 1234

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

2.2.2.2 4 1234 13 14 1 0 0 00:10:17 0

3.3.3.3 4 1234 12 13 1 0 0 00:09:40 0

4.4.4.4 4 1234 13 13 1 0 0 00:09:04 0

!

R2: config :

R2#sh run | se bgp

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

!

R2#sh ip bgp summary

BGP router identifier 2.2.2.2, local AS number 1234

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

1.1.1.1 4 1234 14 13 1 0 0 00:10:55 0

3.3.3.3 4 1234 13 13 1 0 0 00:09:53 0

4.4.4.4 4 1234 13 13 1 0 0 00:09:13 0

!

R3: config:

!

R3#sh run | se bgp

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

R3#sh ip bgp su

BGP router identifier 3.3.3.3, local AS number 1234

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

1.1.1.1 4 1234 15 14 1 0 0 00:11:22 0

2.2.2.2 4 1234 14 14 1 0 0 00:10:58 0

4.4.4.4 4 1234 14 14 1 0 0 00:10:07 0

!

R4 config:

R4(config-router)#do sh run | se bgp

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

R4(config-router)#do sh ip bgp summary

BGP router identifier 4.4.4.4, local AS number 1234

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

1.1.1.1 4 1234 15 15 1 0 0 00:11:30 0

2.2.2.2 4 1234 15 15 1 0 0 00:11:01 0

3.3.3.3 4 1234 14 14 1 0 0 00:10:50 0

!

BGP CHAPTER 6:(LAB-CONTINUE)

QUESTIONS:

15. Configure eBGP peers between NLFast ISP & Uplink ISP1, Uplink ISP2 & Cust1 routers.

- For additional practice, you will configure the NL Fast ISP, Uplink ISP2 and Cust1 routers.
- On connections where link redundancy is possible, peer using the loopback interface (create a static route if required)
- The Cust1 router should advertise its assigned network via BGP.
- Configure authentication between all eBGP peers using a password of your choice.
- Set logical descriptions for each neighbor in the BGP process.
- Cust1 is a private AS (64512-65535).

Solution:

---->

Diagram 7:

R1:config:

!

router bgp 1234

neighbor 11.1.1.1 remote-as 200

neighbor 11.1.1.1 description "link to ISP1"

neighbor 11.1.1.1 password cisco

neighbor 11.1.1.1 ebgp-multihop 2

neighbor 11.1.1.1 update-source Loopback1

!

R1(config-router)#do sh run | se ip route

ip route 11.1.1.1 255.255.255.255 17.9.1.1

ip route 11.1.1.1 255.255.255.255 17.9.1.5

!

R2: config:

!

router bgp 1234

neighbor 22.1.1.1 remote-as 300

neighbor 22.1.1.1 description "link to ISP2"

neighbor 22.1.1.1 password cisco

neighbor 22.1.1.1 ebgp-multihop 2

neighbor 22.1.1.1 update-source Loopback1

no auto-summary

!

R2(config-router)#do sh run | se ip route

ip route 22.1.1.1 255.255.255.255 180.1.5.1

ip route 22.1.1.1 255.255.255.255 180.1.5.5

!

R3: config:

!

router bgp 1234

neighbor 150.1.0.2 remote-as 64512

neighbor 150.1.0.2 description "Cust1 link"

no auto-summary

!

Cust1:config:

router bgp 64512

neighbor 150.1.0.1 remote-as 1234

neighbor 150.1.0.1 description "link to R3"

no auto-summary

!

ISP1:config:

!

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 description "link to R1"

neighbor 1.1.1.1 password cisco

neighbor 1.1.1.1 ebgp-multihop 2

neighbor 1.1.1.1 update-source Loopback1

!

ISP1#sh run | se ip route

ip route 1.1.1.1 255.255.255.255 17.9.1.2

ip route 1.1.1.1 255.255.255.255 17.9.1.6

!

ISP2:config:

!

ISP2#sh run | se bgp

router bgp 300

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 description "link to R2"

neighbor 2.2.2.2 password cisco

neighbor 2.2.2.2 ebgp-multihop 2

neighbor 2.2.2.2 update-source Loopback1

no auto-summary

ISP2#sh run | se ip route

ip route 2.2.2.2 255.255.255.255 180.1.5.2

ip route 2.2.2.2 255.255.255.255 180.1.5.6

!

Output on R1:

R1(config-router)#do sh ip bgp summary

BGP router identifier 1.1.1.1, local AS number 1234

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

2.2.2.2 4 1234 62 63 1 0 0 00:59:14 0

3.3.3.3 4 1234 61 62 1 0 0 00:58:37 0

4.4.4.4 4 1234 62 62 1 0 0 00:58:01 0

11.1.1.1 4 200 37 37 1 0 0 00:33:08 0
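
A check of the task 15 requirements (authentication and a description on every eBGP peer) against the listings above, as an added example that is not part of the original lab. The two sample configs are copied from the R1 and R3 listings (R1 with its iBGP neighbor 2.2.2.2 from the previous chapter); the finding names are made up for this example, and the parser handles only the plain `neighbor <ip> <keyword> ...` form shown on this page.

```python
import re

# Copied from the R1 listings above (one iBGP neighbor kept to show it is skipped).
R1_CONFIG = """\
router bgp 1234
 no synchronization
 neighbor 2.2.2.2 remote-as 1234
 neighbor 2.2.2.2 update-source Loopback1
 neighbor 11.1.1.1 remote-as 200
 neighbor 11.1.1.1 description "link to ISP1"
 neighbor 11.1.1.1 password cisco
 neighbor 11.1.1.1 ebgp-multihop 2
 neighbor 11.1.1.1 update-source Loopback1
"""

# Copied from the R3 listing above.
R3_CONFIG = """\
router bgp 1234
 neighbor 150.1.0.2 remote-as 64512
 neighbor 150.1.0.2 description "Cust1 link"
 no auto-summary
"""


def parse_bgp(config):
    """Return (local_as, {neighbor_ip: {keyword: arguments}}) for the 'router bgp' section."""
    local_as, neighbors, in_bgp = None, {}, False
    for raw in config.splitlines():
        line = raw.strip()
        started = re.match(r"router bgp (\d+)$", line)
        if started:
            local_as, in_bgp = int(started.group(1)), True
            continue
        if re.match(r"(router|interface) ", line):
            in_bgp = False                    # another top-level section begins
            continue
        if not in_bgp:
            continue
        nbr = re.match(r"neighbor (\S+) (\S+)\s*(.*)$", line)
        if nbr:
            neighbors.setdefault(nbr.group(1), {})[nbr.group(2)] = nbr.group(3)
    return local_as, neighbors


def audit_ebgp(config):
    """List (neighbor, finding) for every eBGP neighbor that misses a lab requirement."""
    local_as, neighbors = parse_bgp(config)
    findings = []
    for peer, opts in sorted(neighbors.items()):
        remote = opts.get("remote-as", "")
        if not remote.isdigit() or int(remote) == local_as:
            continue                          # iBGP peer, or no asplain remote-as line
        if "password" not in opts:
            findings.append((peer, "no-password"))        # session is unauthenticated
        if "description" not in opts:
            findings.append((peer, "no-description"))
        if "ebgp-multihop" in opts and "ttl-security" not in opts:
            # ebgp-multihop raises the sent TTL; the received TTL is not checked.
            findings.append((peer, "multihop-no-ttl-check"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("R1", R1_CONFIG), ("R3", R3_CONFIG)):
        print(name, audit_ebgp(cfg))
```

Run against the listings, the check reports the R3 to Cust1 peering as having no `password` line, and the R1 to ISP1 peering as using `ebgp-multihop` rather than the `ttl-security hops` option from the peering rules.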

BGP CHAPTER 7 (LAB-CONTINUE)

QUESTIONS:

16. Announce networks into BGP appropriately

- ISP1 & ISP2 routers should use filtered redistribution to announce their networks. Only advertise loopback networks.
- The Cust1 router should announce its network with the network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link subnet (currently 150.1.0.0/24) using a class C subnet mask.

17. Verification:

- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
  . Cust1 routes
  . NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & be able to ping:
  . ISP1/ISP2 loopback networks

SOLUTION: ---->

16. Announce networks into BGP appropriately

- ISP1 & ISP2 routers should use filtered redistribution to announce their networks. Only advertise loopback networks.
- The Cust1 router should announce its network with the network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link subnet (currently 150.1.0.0/24) using a class C subnet mask.

!

Diagram 8:

!

ISP1:config:

ISP1#sh run | se ip prefix

!

ip prefix-list LOOP seq 10 permit 11.1.1.1/32

ip prefix-list LOOP seq 20 permit 11.1.1.2/32

ip prefix-list LOOP seq 30 permit 11.1.1.3/32

!

ISP1#sh run | se route-map

redistribute connected route-map RLOOP

route-map RLOOP permit 10

match ip address prefix-list LOOP

!

ISP1#sh run | se bgp

router bgp 200

redistribute connected route-map RLOOP

!

ISP2:config:

ISP2#sh run | se ip prefix

ip prefix-list LOOP seq 10 permit 22.1.1.1/32

ip prefix-list LOOP seq 20 permit 22.1.1.2/32

ip prefix-list LOOP seq 30 permit 22.1.1.3/32

ISP2#sh run | se route-map

redistribute connected route-map RLOOP

route-map RLOOP permit 10

match ip address prefix-list LOOP

ISP2#sh run | se bgp | redistri

router bgp 300

redistribute connected route-map RLOOP

!

- The Cust1 router should announce its network with the network command.

Cust1: config:

!

Cust1#sh run | se bgp

router bgp 64512

network 150.1.1.0 mask 255.255.255.0

!

R1:

! Use this config on the router that peers with ISP1 so that the ISP's

! network is learnt by the internal protocol (OSPF).

ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32

route-map OSPF_REDIS permit 10

match ip address prefix-list LOOP1

router ospf 1

redistribute static metric 50 subnets route-map OSPF_REDIS

!

R2:

! Use this config on the router that peers with ISP2 so that the ISP's

! network is learnt by the internal protocol (OSPF).

ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32

route-map OSPF_REDIS permit 10

match ip address prefix-list LOOP1

router ospf 1

redistribute static metric 50 subnets route-map OSPF_REDIS

!

on R3: config:

router ospf 1

passive-interface Serial0/0

network 150.1.0.1 0.0.0.0 area 0

!

Giving the customer the default route:

router bgp 1234

neighbor 150.1.0.2 default-originate

!

so R1 can ping Cust1.

!

When R1 and R2 advertise the Cust1 network, the private AS number must be removed, so on R1 and R2 do this:

!on R1

neighbor 11.1.1.1 remove-private-as

!on R2

neighbor 22.1.1.1 remove-private-as

!

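Advertise 150.1.0.0/24 from the NL Fast datacentre to ISP1 & ISP2. The network command only announces a prefix that has an exact match in the routing table, so a static route to Null0 is added first.

On R1 and R2: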

!

ip route 150.1.0.0 255.255.255.0 null0

router bgp 1234

net 150.1.0.0 mask 255.255.255.0

!

17. Verification:

- Verify all expected neighbors are forming (show ip bgp summary)

- Verify all expected routes appear (show ip bgp/show ip route)

- ISP1/ISP2 should see and be able to ping:

. Cust1 routes

. NL Fast ISP WAN subnet (150.1.0.0/24)

- Cust1 should see and be able to ping:

. ISP1/ISP2 loopback networks

--> R1#sh ip bgp su

BGP router identifier 1.1.1.1, local AS number 1234

BGP table version is 80, main routing table version 80

8 network entries using 936 bytes of memory

9 path entries using 468 bytes of memory

6/4 BGP path/bestpath attribute entries using 744 bytes of memory

3 BGP AS-PATH entries using 72 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 2220 total bytes of memory

BGP activity 20/12 prefixes, 34/25 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

2.2.2.2 4 1234 252 248 80 0 0 02:16:12 4

3.3.3.3 4 1234 237 245 80 0 0 01:51:24 1

4.4.4.4 4 1234 236 246 80 0 0 01:51:15 0

11.1.1.1 4 200 216 248 80 0 0 01:53:04 3

R1#sh ip bgp

BGP table version is 80, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

r> 11.1.1.1/32 11.1.1.1 0 0 200 ?

*> 11.1.1.2/32 11.1.1.1 0 0 200 ?

*> 11.1.1.3/32 11.1.1.1 0 0 200 ?

r>i22.1.1.1/32 22.1.1.1 0 100 0 300 ?

*>i22.1.1.2/32 22.1.1.1 0 100 0 300 ?

*>i22.1.1.3/32 22.1.1.1 0 100 0 300 ?

* i150.1.0.0/24 2.2.2.2 0 100 0 i

*> 0.0.0.0 0 32768 i

*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i

R1#

!

R2#sh ip bgp

BGP table version is 105, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?

*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?

*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?

r> 22.1.1.1/32 22.1.1.1 0 0 300 ?

*> 22.1.1.2/32 22.1.1.1 0 0 300 ?

*> 22.1.1.3/32 22.1.1.1 0 0 300 ?

*> 150.1.0.0/24 0.0.0.0 0 32768 i

* i 1.1.1.1 0 100 0 i

*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i

R2#

*Mar 1 04:05:34.506: %SYS-5-CONFIG_I: Configured from console by console

!

!

- ISP1/ISP2 should see and be able to ping:

. Cust1 routes

. NL Fast ISP WAN subnet (150.1.0.0/24)

- Cust1 should see and be able to ping:

. ISP1/ISP2 loopback networks

!

On R2 & R1: ! Cisco best practice: use the IGP to advertise the next-hop address

!

router ospf 1

net 180.1.5.0 0.0.0.255 ar 0

passive-interface se0/1

passive-interface s0/0

!

!

router ospf 1

net 17.9.1.0 0.0.0.255 ar 0

passive-interface se0/1

passive-interface s0/0

!

ISP1#traceroute 150.1.1.2

Type escape sequence to abort.

Tracing the route to 150.1.1.2

1 17.9.1.6 8 msec

17.9.1.2 0 msec

17.9.1.6 0 msec

2 10.1.1.2 4 msec 208 msec 96 msec

3 150.1.0.2 [AS 1234] 208 msec * 92 msec

ISP1#ping 150.1.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 104/161/224 ms

!

ISP2#traceroute 150.1.0.2

Type escape sequence to abort.

Tracing the route to 150.1.0.2

1 180.1.5.6 216 msec

180.1.5.2 104 msec

180.1.5.6 100 msec

2 10.1.1.10 192 msec 48 msec 0 msec

3 10.1.1.13 44 msec 228 msec 180 msec

4 150.1.0.2 [AS 1234] 156 msec * 300 msec

ISP2#ping 150.1.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 150.1.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 68/123/172 ms

!

BGP CHAPTER 8 (includes chap 5,6,7) FULL LAB:

13. Configure NL Fast ISP routers to use OSPF as an IGP.

- Configure network statements as specific as possible.

- Only advertise internal (private) networks.

- Use a hello interval of one second & a dead interval of three seconds.

14. Configure full-mesh iBGP peers between all routers within NL Fast (due to BGP Split Horizon)

- Peers should fail over based on the IGP if any key internal links fail (create loopbacks as necessary)

- Disable BGP Synchronization (if necessary).

15. Configure eBGP peers between NL Fast ISP & Uplink ISP1, Uplink ISP2 & Cust1 routers.

- For additional practice, you will configure the NL Fast ISP, Uplink ISP2 and Cust1 routers.

- On connections where link redundancy is possible, peer using the loopback interface (create a static route if required)

- The Cust1 router should advertise its assigned network via BGP.

- Configure authentication between all eBGP peers using a password of your choice.

- Set logical descriptions for each neighbor in the BGP process.

- Cust1 is a private AS (64512-65535).

16. Announce networks into BGP appropriately

- ISP1 & ISP2 routers should use filtered redistribution to announce their networks. Only advertise the loopback networks.

- The Cust1 router should announce its network with the network command.

- The NL Fast ISP routers R1 & R2 should advertise the WAN link subnet (currently 150.1.0.0/24) using a class C subnet mask.

17. Verification:

- Verify all expected neighbors are forming (show ip bgp summary)

- Verify all expected routes appear (show ip bgp/show ip route)

- ISP1/ISP2 should see and be able to ping:

. Cust1 routes

. NL Fast ISP WAN subnet (150.1.0.0/24)

- Cust1 should see and be able to ping:

. ISP1/ISP2 loopback networks

Diagram 9:

hostname R1

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface Serial0/0

ip address 17.9.1.2 255.255.255.252

clock rate 2000000

!

interface Serial0/1

ip address 17.9.1.6 255.255.255.252

clock rate 2000000

!

interface Serial0/2

ip address 10.1.1.1 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

interface Serial0/3

ip address 10.1.1.5 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

router ospf 1

log-adjacency-changes

redistribute static metric 50 subnets route-map OSPF_REDIS

passive-interface Serial0/0

passive-interface Serial0/1

network 1.1.1.1 0.0.0.0 area 0

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.4 0.0.0.3 area 0

network 17.9.1.0 0.0.0.255 area 0

network 180.1.5.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

network 150.1.0.0 mask 255.255.255.0

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

neighbor 11.1.1.1 remote-as 200

neighbor 11.1.1.1 description "link to ISP1"

neighbor 11.1.1.1 password cisco

neighbor 11.1.1.1 ebgp-multihop 2

neighbor 11.1.1.1 update-source Loopback1

neighbor 11.1.1.1 remove-private-as

no auto-summary

!

ip forward-protocol nd

ip route 11.1.1.1 255.255.255.255 17.9.1.1

ip route 11.1.1.1 255.255.255.255 17.9.1.5

ip route 150.1.0.0 255.255.255.0 Null0

!

!

no ip http server

no ip http secure-server

!

!

ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32

!

route-map OSPF_REDIS permit 10

match ip address prefix-list LOOP1

!

!

end

hostname R2

!

interface Loopback1

ip address 2.2.2.2 255.255.255.252

!

interface Serial0/0

ip address 180.1.5.2 255.255.255.252

clock rate 2000000

!

interface Serial0/1

ip address 180.1.5.6 255.255.255.252

clock rate 2000000

!

interface Serial0/2

ip address 10.1.1.9 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

interface Serial0/3

ip address 10.1.1.6 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

router ospf 1

log-adjacency-changes

redistribute static metric 50 subnets route-map OSPF_REDIS

passive-interface Serial0/0

passive-interface Serial0/1

network 2.2.2.2 0.0.0.0 area 0

network 10.1.1.4 0.0.0.3 area 0

network 10.1.1.8 0.0.0.3 area 0

network 17.9.1.0 0.0.0.255 area 0

network 180.1.5.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

network 150.1.0.0 mask 255.255.255.0

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

neighbor 22.1.1.1 remote-as 300

neighbor 22.1.1.1 description "link to ISP2"

neighbor 22.1.1.1 password cisco

neighbor 22.1.1.1 ebgp-multihop 2

neighbor 22.1.1.1 update-source Loopback1

neighbor 22.1.1.1 remove-private-as

no auto-summary

!

ip forward-protocol nd

ip route 22.1.1.1 255.255.255.255 180.1.5.1

ip route 22.1.1.1 255.255.255.255 180.1.5.5

ip route 150.1.0.0 255.255.255.0 Null0

!

!

no ip http server

no ip http secure-server

!

!

ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32

!

route-map OSPF_REDIS permit 10

match ip address prefix-list LOOP1

!

!

end

hostname R3

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface Serial0/0

ip address 150.1.0.1 255.255.255.252

clock rate 2000000

!

interface Serial0/1

ip address 10.1.1.13 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

interface Serial0/2

ip address 10.1.1.2 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

router ospf 1

log-adjacency-changes

passive-interface Serial0/0

network 3.3.3.3 0.0.0.0 area 0

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.12 0.0.0.3 area 0

network 150.1.0.1 0.0.0.0 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 4.4.4.4 remote-as 1234

neighbor 4.4.4.4 update-source Loopback1

neighbor 150.1.0.2 remote-as 64512

neighbor 150.1.0.2 description "Cust1 link"

neighbor 150.1.0.2 default-originate

no auto-summary

!

end

!

hostname R4

!

interface Loopback1

ip address 4.4.4.4 255.255.255.255

!

interface Serial0/1

ip address 10.1.1.14 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

interface Serial0/2

ip address 10.1.1.10 255.255.255.252

ip ospf dead-interval minimal hello-multiplier 3

clock rate 2000000

!

interface Serial0/3

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

network 4.4.4.4 0.0.0.0 area 0

network 10.1.1.8 0.0.0.3 area 0

network 10.1.1.12 0.0.0.3 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 update-source Loopback1

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 update-source Loopback1

neighbor 3.3.3.3 remote-as 1234

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

end

!

hostname ISP1

!

interface Loopback1

ip address 11.1.1.1 255.255.255.255

!

interface Loopback2

ip address 11.1.1.2 255.255.255.255

!

interface Loopback3

ip address 11.1.1.3 255.255.255.255

!

interface Serial0/0

ip address 17.9.1.1 255.255.255.252

clock rate 2000000

!

interface Serial0/1

ip address 17.9.1.5 255.255.255.252

clock rate 2000000

!

router bgp 200

no synchronization

bgp log-neighbor-changes

redistribute connected route-map RLOOP

neighbor 1.1.1.1 remote-as 1234

neighbor 1.1.1.1 description "link to R1"

neighbor 1.1.1.1 password cisco

neighbor 1.1.1.1 ebgp-multihop 2

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

ip forward-protocol nd

ip route 1.1.1.1 255.255.255.255 17.9.1.2

ip route 1.1.1.1 255.255.255.255 17.9.1.6

!

!

ip prefix-list LOOP seq 10 permit 11.1.1.1/32

ip prefix-list LOOP seq 20 permit 11.1.1.2/32

ip prefix-list LOOP seq 30 permit 11.1.1.3/32

!

route-map RLOOP permit 10

match ip address prefix-list LOOP

!

end

hostname ISP2

!

!

interface Loopback1

ip address 22.1.1.1 255.255.255.255

!

interface Loopback2

ip address 22.1.1.2 255.255.255.255

!

interface Loopback3

ip address 22.1.1.3 255.255.255.255

!

interface Serial0/0

ip address 180.1.5.1 255.255.255.252

clock rate 2000000

!

interface Serial0/1

ip address 180.1.5.5 255.255.255.252

clock rate 2000000

!

router bgp 300

no synchronization

bgp log-neighbor-changes

redistribute connected route-map RLOOP

neighbor 2.2.2.2 remote-as 1234

neighbor 2.2.2.2 description "link to R2"

neighbor 2.2.2.2 password cisco

neighbor 2.2.2.2 ebgp-multihop 2

neighbor 2.2.2.2 update-source Loopback1

no auto-summary

!

ip forward-protocol nd

ip route 2.2.2.2 255.255.255.255 180.1.5.2

ip route 2.2.2.2 255.255.255.255 180.1.5.6

!

!

no ip http server

no ip http secure-server

!

!

ip prefix-list LOOP seq 10 permit 22.1.1.1/32

ip prefix-list LOOP seq 20 permit 22.1.1.2/32

ip prefix-list LOOP seq 30 permit 22.1.1.3/32

!

route-map RLOOP permit 10

match ip address prefix-list LOOP

!

end

hostname Cust1

!

interface FastEthernet0/0

ip address 150.1.1.2 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

ip address 150.1.0.2 255.255.255.252

clock rate 2000000

!

router bgp 64512

no synchronization

bgp log-neighbor-changes

network 150.1.1.0 mask 255.255.255.0

neighbor 150.1.0.1 remote-as 1234

neighbor 150.1.0.1 description "link to R3"

no auto-summary

!

end
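Task 15 asks for authentication between all eBGP peers (the neighbor password command enables TCP MD5 on the session). The following check is an added example, not part of the original lab: it parses BGP stanzas and flags eBGP neighbors with no password or a guessable one. The sample input is constructed from the R1 and R3 listings above, and the weak-password list is an illustrative assumption.

```python
import re

# Constructed excerpts of the R1 and R3 BGP stanzas listed in this lab.
SAMPLE_CONFIGS = {
    "R1": """\
router bgp 1234
 neighbor 2.2.2.2 remote-as 1234
 neighbor 2.2.2.2 update-source Loopback1
 neighbor 11.1.1.1 remote-as 200
 neighbor 11.1.1.1 description "link to ISP1"
 neighbor 11.1.1.1 password cisco
 neighbor 11.1.1.1 ebgp-multihop 2
 neighbor 11.1.1.1 remove-private-as
!
""",
    "R3": """\
router bgp 1234
 neighbor 1.1.1.1 remote-as 1234
 neighbor 150.1.0.2 remote-as 64512
 neighbor 150.1.0.2 description "Cust1 link"
 neighbor 150.1.0.2 default-originate
!
""",
}

# Illustrative list of guessable secrets (assumption, extend for real audits).
WEAK_PASSWORDS = {"cisco", "password", "admin", "bgp"}


def parse_bgp(config):
    """Return (local_as, {neighbor_ip: {keyword: rest_of_line}})."""
    local_as, neighbors, in_bgp = None, {}, False
    for raw in config.splitlines():
        line = raw.strip()
        match = re.match(r"router bgp (\d+)$", line)
        if match:
            local_as, in_bgp = int(match.group(1)), True
        elif line == "!" or line.startswith(("router ", "interface ")):
            in_bgp = False  # the BGP stanza ended
        elif in_bgp and line.startswith("neighbor "):
            parts = line.split(None, 3)  # neighbor <ip> <keyword> [rest]
            if len(parts) >= 3:
                rest = parts[3] if len(parts) == 4 else ""
                neighbors.setdefault(parts[1], {})[parts[2]] = rest
    return local_as, neighbors


def audit_ebgp_auth(hostname, config):
    """List eBGP neighbors whose session has no password or a weak one."""
    local_as, neighbors = parse_bgp(config)
    findings = []
    for ip, opts in sorted(neighbors.items()):
        remote_as = int(opts.get("remote-as", local_as))
        if remote_as == local_as:
            continue  # iBGP peer, outside the lab's eBGP requirement
        if "password" not in opts:
            findings.append((hostname, ip, remote_as, "no-password"))
        else:
            secret = (opts["password"].split() or [""])[-1].lower()
            if secret in WEAK_PASSWORDS:
                findings.append((hostname, ip, remote_as, "weak-password"))
    return findings


if __name__ == "__main__":
    for host, cfg in SAMPLE_CONFIGS.items():
        for finding in audit_ebgp_auth(host, cfg):
            print(finding)
```

On the listings above this reports the R3 to Cust1 session as unauthenticated and the R1 to ISP1 session as using a guessable password.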

BGP CHAPTER 9 (REG-EX)

QUESTIONS:

18. Short notes on regular expressions.

19. Lab: ISP1 will not accept AS 300 prefixes, and ISP2 will not accept AS 200 prefixes.

20. Lab: back-to-back connection between ISP1 and ISP2, but ISP1 will learn the 150.1.0.0/24 prefixes via NL Fast ISP to ISP2 to ISP1 (use regular expressions to perform these tasks).

Solution:

18. Short notes on regular expressions.

Regular expressions are commonly used in BGP for matching items in the AS path.

^ Matches the beginning of input

$ Matches the end of input

| Or

. Matches a single character

+ Matches the character to the left 1 or more times

* Matches the character to the left 0 or more times

? Matches the character to the left 0 or 1 times

\ Removes special meanings

() Affects order of operations

[] Creates a group of characters

_ Matches white space

19. Lab: ISP1 will not accept AS 300 prefixes, and ISP2 will not accept AS 200 prefixes ---->

Diagram 10:

Refer to the diagram.

Initially ISP1 learns these prefixes from R1:

ISP1(config-if)#do sh ip bgp

-----output cut

Network Next Hop Metric LocPrf Weight Path

*> 11.1.1.1/32 0.0.0.0 0 32768 ?

*> 11.1.1.2/32 0.0.0.0 0 32768 ?

*> 11.1.1.3/32 0.0.0.0 0 32768 ?

*> 22.1.1.1/32 1.1.1.1 0 1234 300 ?

*> 22.1.1.2/32 1.1.1.1 0 1234 300 ?

*> 22.1.1.3/32 1.1.1.1 0 1234 300 ?

*> 150.1.0.0/24 1.1.1.1 0 0 1234 i

*> 150.1.1.0/24 1.1.1.1 0 1234 i

After applying the policy on R1 in the outbound direction:

R1(config-router)#do sh run | se ip as-path

!

ip as-path access-list 1 deny _300_

ip as-path access-list 1 permit .*

!

sh run | se route-map DAS300

route-map DAS300 permit 10

match as-path 1

!

router bgp 1234

neighbor 11.1.1.1 route-map DAS300 out

!

output at ISP1

!

ISP1(config-if)#do sh ip bgp

BGP table version is 16, local router ID is 11.1.1.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 11.1.1.1/32 0.0.0.0 0 32768 ?

*> 11.1.1.2/32 0.0.0.0 0 32768 ?

*> 11.1.1.3/32 0.0.0.0 0 32768 ?

*> 150.1.0.0/24 1.1.1.1 0 0 1234 i

*> 150.1.1.0/24 1.1.1.1 0 1234 i

The 22.1.1.x prefixes are gone because we have filtered AS 300.

Apply the same policy on R2 for AS 200:

R1(config-router)#do sh run | se ip as-path

!

ip as-path access-list 1 deny _200_

ip as-path access-list 1 permit .*

!

!sh run | se route-map DAS200

route-map DAS300 permit 10

match as-path 1

!

router bgp 1234

neighbor 22.1.1.1 route-map DAS300 out

!

output at ISP2

!

ISP2#sh ip bgp

BGP table version is 22, local router ID is 22.1.1.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 22.1.1.1/32 0.0.0.0 0 32768 ?

*> 22.1.1.2/32 0.0.0.0 0 32768 ?

*> 22.1.1.3/32 0.0.0.0 0 32768 ?

*> 150.1.0.0/24 2.2.2.2 0 0 1234 i

*> 150.1.1.0/24 2.2.2.2 0 1234 i

ISP2 is not receiving the routes from ISP1.

20. Lab: back-to-back connection between ISP1 and ISP2, but ISP1 will learn the 150.1.0.0/24 prefixes via NL Fast ISP to ISP2 to ISP1 (use regular expressions to perform these tasks).

---> Refer to the diagram:

Diagram 11:

Create an eBGP relationship between ISP1 & ISP2 over the back-to-back link.

for ISP1:

ISP1# sh ip bgp

--- output cut --- (ISP1 is learning the 150.1.0.0 prefix via R1, but we want it to learn it via 199.9.9.2)

* 150.1.0.0/24 199.9.9.2 0 300 1234 i

*> 1.1.1.1 0 0 1234 i

* 150.1.1.0/24 199.9.9.2 0 300 1234 i

*> 1.1.1.1 0 1234 i

We can increase the weight on ISP1 for the prefixes it receives from ISP2.

ISP1(config-router)#do sh run | se ip as-path

ip as-path access-list 100 permit _1234_

!

ISP1(config-router)#do sh run | se route-map

!

route-map VIAISP2 permit 10

match as-path 100

set weight 2000

route-map VIAISP2 permit 20

!

ISP1(config-router)#do sh run | se bgp

router bgp 200

neighbor 199.9.9.2 route-map VIAISP2 in

!

ISP1(config-router)#do sh ip bgp

BGP table version is 27, local router ID is 11.1.1.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 11.1.1.1/32 0.0.0.0 0 32768 ?

*> 11.1.1.2/32 0.0.0.0 0 32768 ?

*> 11.1.1.3/32 0.0.0.0 0 32768 ?

*> 22.1.1.1/32 199.9.9.2 0 0 300 ?

*> 22.1.1.2/32 199.9.9.2 0 0 300 ?

*> 22.1.1.3/32 199.9.9.2 0 0 300 ?

*> 150.1.0.0/24 199.9.9.2 2000 300 1234 i

* 1.1.1.1 0 0 1234 i

*> 150.1.1.0/24 199.9.9.2 2000 300 1234 i

* 1.1.1.1 0 1234 i

Now we can see that ISP1 prefers the path via ISP2 for the 150.1.0.0 network. WoW!
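Labs 19 and 20 both hinge on how an AS-path access-list is evaluated (first match wins, implicit deny at the end) and on weight being compared before AS-path length. The following simulation is an added example, not part of the original lab; the route tables are constructed from the show ip bgp outputs above, and the best-path function models only weight and AS-path length.

```python
import re

# IOS treats "_" as: start of string, end of string, space, comma,
# brace or parenthesis.
CISCO_UNDERSCORE = r"(?:^|$|[ ,{}()])"


def cisco_regex(pattern):
    """Translate an IOS AS-path regex to Python (assumes no escaped '_')."""
    return re.compile(pattern.replace("_", CISCO_UNDERSCORE))


def acl_permits(acl, as_path):
    """First matching entry decides; no match is the implicit deny."""
    for action, pattern in acl:
        if cisco_regex(pattern).search(as_path):
            return action == "permit"
    return False


def apply_route_map(route_map, acls, rt):
    """Return the route (with any 'set' applied) or None if it is dropped."""
    for entry in route_map:
        acl_id = entry.get("match_as_path")
        if acl_id is None or acl_permits(acls[acl_id], rt["path"]):
            if entry["action"] == "deny":
                return None
            return {**rt, **entry.get("set", {})}
    return None  # implicit deny at the end of every route-map


def best_path(candidates):
    """Simplified decision: highest weight, then shortest AS path."""
    return max(candidates,
               key=lambda r: (r["weight"], -len(r["path"].split())))


def route(prefix, next_hop, path, weight=0):
    return {"prefix": prefix, "next_hop": next_hop,
            "path": path, "weight": weight}


def task19_advertised():
    """R1 -> ISP1 with route-map DAS300 out (AS paths as held in R1's table)."""
    acls = {1: [("deny", "_300_"), ("permit", ".*")]}
    das300 = [{"action": "permit", "match_as_path": 1}]
    table = [route("11.1.1.1/32", "11.1.1.1", "200"),
             route("22.1.1.1/32", "22.1.1.1", "300"),
             route("22.1.1.2/32", "22.1.1.1", "300"),
             route("150.1.0.0/24", "0.0.0.0", ""),
             route("150.1.1.0/24", "150.1.0.2", "64512")]
    return [rt["prefix"] for rt in table
            if apply_route_map(das300, acls, rt) is not None]


def task20_best_paths():
    """ISP1 with route-map VIAISP2 in on neighbor 199.9.9.2."""
    acls = {100: [("permit", "_1234_")]}
    viaisp2 = [{"action": "permit", "match_as_path": 100,
                "set": {"weight": 2000}},
               {"action": "permit"}]
    from_isp2 = [route("150.1.0.0/24", "199.9.9.2", "300 1234"),
                 route("150.1.1.0/24", "199.9.9.2", "300 1234"),
                 route("22.1.1.1/32", "199.9.9.2", "300")]
    from_r1 = [route("150.1.0.0/24", "1.1.1.1", "1234"),
               route("150.1.1.0/24", "1.1.1.1", "1234")]
    accepted = list(from_r1)
    for rt in from_isp2:
        result = apply_route_map(viaisp2, acls, rt)
        if result is not None:
            accepted.append(result)
    best = {}
    for prefix in sorted({rt["prefix"] for rt in accepted}):
        best[prefix] = best_path(
            [rt for rt in accepted if rt["prefix"] == prefix])
    return best


if __name__ == "__main__":
    print(task19_advertised())
    for prefix, rt in task20_best_paths().items():
        print(prefix, rt["next_hop"], rt["weight"], rt["path"])
```

Note that _300_ drops every path that contains AS 300 anywhere, not only routes originated by AS 300, and _1234_ raises the weight of any path that transits AS 1234.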

BGP CHAPTER 10(Lab on AS-PREPEND)

21. Task:

According to Diagram:

- use private AS for client(Cust1).

- Send network 172.16.1.1 as primary to ISP1 & secondary to ISP2

- Send network 192.168.1.1 as primary to ISP2 & secondary to ISP1

- Use as-prepend for this task.

- Remove private-as while sending cust1 network to ISP's.

Note: Look carefully at the configuration of R2. ----> diag:

Diagram 12:

Solution:

Configuration on devices:

!

hostname R1

!

interface Loopback1

ip address 172.16.1.1 255.255.255.255

!

interface Loopback2

ip address 192.168.1.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.12.1 255.255.255.0

duplex auto

speed auto

!

router bgp 65500

no synchronization

bgp log-neighbor-changes

network 172.16.1.1 mask 255.255.255.255

network 192.168.1.1 mask 255.255.255.255

neighbor 10.1.12.2 remote-as 23

no auto-summary

!

!

end

!

hostname R2

!

!

interface Loopback1

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.23.2 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

clock rate 2000000

!

interface FastEthernet0/1

ip address 10.1.12.2 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

passive-interface FastEthernet0/1

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

router bgp 23

no synchronization

bgp log-neighbor-changes

neighbor 3.3.3.3 remote-as 23

neighbor 3.3.3.3 update-source Loopback1

neighbor 10.1.12.1 remote-as 65500

no auto-summary

!

end

!

hostname R3

!

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.23.3 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.34.3 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

ip address 10.1.35.3 255.255.255.0

clock rate 2000000

!

interface Serial0/2

no ip address

shutdown

clock rate 2000000

!

interface Serial0/3

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

!

router bgp 23

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 23

neighbor 2.2.2.2 update-source Loopback1

neighbor 10.1.34.4 remote-as 400

neighbor 10.1.34.4 remove-private-as

neighbor 10.1.34.4 route-map PREPEND out

neighbor 10.1.35.5 remote-as 500

neighbor 10.1.35.5 remove-private-as

neighbor 10.1.35.5 route-map PREPEND2 out

no auto-summary

!

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

!

!

ip prefix-list M172 seq 10 permit 172.16.1.1/32

!

ip prefix-list M192 seq 10 permit 192.168.1.1/32

!

route-map PREPEND permit 10

match ip address prefix-list M172

!

route-map PREPEND permit 20

match ip address prefix-list M192

set as-path prepend 23 23 23 23

!

route-map PREPEND2 permit 10

match ip address prefix-list M192

!

route-map PREPEND2 permit 20

set as-path prepend 23 23 23 23

!

end

!

hostname R4

!

!

interface Loopback1

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.34.4 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router bgp 400

no synchronization

bgp log-neighbor-changes

neighbor 10.1.34.3 remote-as 23

no auto-summary

!

end

!

hostname R5

!

!

interface Loopback1

ip address 5.5.5.5 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

ip address 10.1.35.5 255.255.255.0

clock rate 2000000

!

router bgp 500

no synchronization

bgp log-neighbor-changes

neighbor 10.1.35.3 remote-as 23

no auto-summary

!

end

----------------------------------------------------------------

OUTPUT on ISP1 & ISP2

R4(config-router)#do sh ip bgp

BGP table version is 15, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 172.16.1.1/32 10.1.34.3 0 23 i

*> 192.168.1.1/32 10.1.34.3 0 23 23 23 23 23 i

R5(config-router)#do sh ip bgp

BGP table version is 19, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 172.16.1.1/32 10.1.35.3 0 23 23 23 23 23 i

*> 192.168.1.1/32 10.1.35.3 0 23 i

BGP CHAPTER 11 (IP PREFIX-LIST)

QUESTION:

22. What is prefix-list ?

23. What is BGP Community ?

24: What is BGP Community Syntax ?

25a: What are different types of BGP Communities ?

SOLUTION:

22. What is prefix-list ?

. An improvement on access lists for matching routes

- improved processor utilization

- better subnet mask matching abilities

. Two-stage matching system: network + mask

Some examples:

ip prefix-list ONE permit 0.0.0.0/0 (permit default route)

ip prefix-list TWO permit 0.0.0.0/0 le 32 (permit any)

ip prefix-list THREE permit 0.0.0.0/0 ge 32 (permit all host routes)

ip prefix-list FOUR permit 0.0.0.0/1 ge 24 le 24 (matches any class A address with a class C subnet mask)

ip prefix-list FIVE permit 128.0.0.0/2 ge 16 (matches any class B address with a subnet mask >= 16)

We can use a prefix-list with the neighbor command or with a route-map to tune BGP attributes.
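The two-stage match (network bits first, then mask length against ge/le) can be checked mechanically. The following matcher is an added example, not part of the original notes; it evaluates the five lists above and the LOOP list used for filtered redistribution on ISP1, with the connected routes constructed from the ISP1 interface listing.

```python
import ipaddress


def parse_entry(text):
    """Parse '<permit|deny> <network>/<len> [ge N] [le N]'."""
    tokens = text.split()
    action = tokens[0]
    net = ipaddress.ip_network(tokens[1])
    opts = dict(zip(tokens[2::2], (int(t) for t in tokens[3::2])))
    ge, le = opts.get("ge"), opts.get("le")
    if ge is None and le is None:
        low = high = net.prefixlen        # exact mask length only
    else:
        low = ge if ge is not None else net.prefixlen
        high = le if le is not None else 32
    return action, net, low, high


def permits(entries, candidate):
    """First matching entry decides; no match is the implicit deny."""
    cand = ipaddress.ip_network(candidate)
    for action, net, low, high in entries:
        # Stage 1: the leading bits fall inside the entry's network.
        # Stage 2: the candidate's mask length lies within [low, high].
        if low <= cand.prefixlen <= high and cand.subnet_of(net):
            return action == "permit"
    return False


# The five example lists from the notes above.
EXAMPLES = {
    "ONE": [parse_entry("permit 0.0.0.0/0")],
    "TWO": [parse_entry("permit 0.0.0.0/0 le 32")],
    "THREE": [parse_entry("permit 0.0.0.0/0 ge 32")],
    "FOUR": [parse_entry("permit 0.0.0.0/1 ge 24 le 24")],
    "FIVE": [parse_entry("permit 128.0.0.0/2 ge 16")],
}

# ISP1's LOOP list, used by 'redistribute connected route-map RLOOP'.
ISP1_LOOP = [parse_entry("permit 11.1.1.1/32"),
             parse_entry("permit 11.1.1.2/32"),
             parse_entry("permit 11.1.1.3/32")]

# Constructed from the ISP1 interface addresses listed in this lab.
ISP1_CONNECTED = ["11.1.1.1/32", "11.1.1.2/32", "11.1.1.3/32",
                  "17.9.1.0/30", "17.9.1.4/30"]


def redistributed(entries, connected):
    """Connected routes that survive the filtered redistribution."""
    return [prefix for prefix in connected if permits(entries, prefix)]


def which_lists_permit(candidate):
    """Names of the example lists that permit the candidate prefix."""
    return [name for name, entries in EXAMPLES.items()
            if permits(entries, candidate)]


if __name__ == "__main__":
    for prefix in ["0.0.0.0/0", "10.1.1.0/24", "150.1.0.0/24", "11.1.1.1/32"]:
        print(prefix, which_lists_permit(prefix))
    print(redistributed(ISP1_LOOP, ISP1_CONNECTED))
```

List TWO permits every prefix, so applying it to a neighbor filters nothing; the LOOP list keeps the two serial link subnets out of BGP.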

23. What is BGP Community ?

. It is a BGP route tagging method.

. Coupled with BGP policy.

New format vs old format:

. The BGP community attribute is a 32-bit value.

- 4,294,967,295 values

RFC 1997 took the 32-bit value and split it into two values of 65,536 each:

<AS>:<Community>

Examples: 500:18 or 500:99

24: What is BGP Community Syntax ?

. Use the new 16bit:16bit community format.

router(config)# ip bgp-community new-format

. Send communities to a neighbor (stripped by default)

router(config-router)# neighbor <ip> send-community

. Set a community value in a route map

router(config-route-map)# set community <AS>:<Community>

Simple (standard) community-list:

router(config)# ip community-list <1-99>

Expanded community-list:

router(config)# ip community-list <100-199>

An expanded community-list matches on the basis of regular expressions.

Named community-list:

router(config)# ip community-list <standard|expanded> <name>

25a: What are different types of BGP Communities ? -->

Internet (default): all BGP routes have this community, 0 (this is the standard BGP tag).

Local-AS: the route is not advertised outside the local AS.

No-export: the route is not advertised to eBGP peers, but it is still advertised within a confederation.

No-advertise: the route is not advertised to any neighbour.

None:

BGP CHAPTER 12 (ROUTE-REFLECTION)

QUESTIONS:

25b. What is Route-Reflection ?

-->Perform Lab for Route-reflection .

25b. What is Route-Reflection ? Solution:

--> RRs bend the BGP split horizon rules.

. RRs process updates as follows:

- eBGP peer --> all iBGP / eBGP peers.

- iBGP (non-client) peer --> eBGP peers and clients

- iBGP (client) peer --> all peers (except the sender)

. RR groups add a cluster-id attribute to routes.

. RR clients are oblivious to everything.

--> Perform Lab for Route-reflection. According to diagram:

-->

Diagram 13:

The updates from BB3 arrive at R4 via eBGP, and R4 forwards them via iBGP to R1, but due to split horizon R1 will not forward them to R3. If we make R1 a BGP route reflector, with R3 configured as its client, R1 then forwards the updates to R3 as well.

R1, R4, R3, BB3 config:

!

hostname R1

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.14.1 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.13.1 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

network 1.1.1.1 0.0.0.0 area 0

network 10.1.13.0 0.0.0.255 area 0

network 10.1.14.0 0.0.0.255 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback1

neighbor 3.3.3.3 route-reflector-client

neighbor 4.4.4.4 remote-as 100

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

ip forward-protocol nd

!

end

!

hostname R3

!

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.13.3 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

network 3.3.3.3 0.0.0.0 area 0

network 10.1.13.0 0.0.0.255 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

end

!

hostname R4

!

interface Loopback1

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.14.4 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 204.12.1.4 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

passive-interface FastEthernet0/1

network 4.4.4.4 0.0.0.0 area 0

network 10.1.14.0 0.0.0.255 area 0

network 204.12.1.0 0.0.0.255 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback1

neighbor 204.12.1.254 remote-as 54

no auto-summary

!

end

hostname BB3

!

interface Loopback1

ip address 33.1.1.1 255.255.255.255

!

interface FastEthernet0/0

ip address 204.12.1.254 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router bgp 54

no synchronization

bgp log-neighbor-changes

network 33.1.1.1 mask 255.255.255.255

neighbor 204.12.1.4 remote-as 100

no auto-summary

!

end

output at R3:

R3 is now getting the route from R1. WoW!

R3#sh ip bg

BGP table version is 2, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i33.1.1.1/32 204.12.1.254 0 100 0 54 i
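The advertisement rules listed at the start of this chapter can be replayed on the lab topology to show why R3 only learns 33.1.1.1/32 once R1 reflects to it. The following simulation is an added example, not part of the original lab. It assumes three established sessions (BB3 to R4, R4 to R1, R1 to R3), since R3's listing has no neighbor statement for R4, and it tracks only who learns the route, not best-path selection.

```python
from collections import deque


def may_advertise(learned_from, learned_kind, peer, peer_kind, rr_clients):
    """Decide whether one router passes a route on to one peer."""
    if learned_kind in (None, "ebgp"):
        return True                  # local or eBGP-learned: all peers
    if peer_kind == "ebgp":
        return True                  # iBGP-learned routes still go to eBGP peers
    if learned_from in rr_clients:
        return True                  # from a client: all peers (except the sender)
    return peer in rr_clients        # from a non-client: clients only


def propagate(sessions, clients, origin):
    """Return the set of routers that end up learning origin's prefix.

    sessions: list of (router_a, router_b, 'ebgp' | 'ibgp')
    clients:  {route_reflector: {client, ...}}; empty means plain iBGP
    """
    peers = {}
    for a, b, kind in sessions:
        peers.setdefault(a, {})[b] = kind
        peers.setdefault(b, {})[a] = kind
    learned = {origin: (None, None)}   # router -> (sender, session kind)
    queue = deque([origin])
    while queue:
        router = queue.popleft()
        sender, kind = learned[router]
        for peer, peer_kind in peers.get(router, {}).items():
            if peer in learned:
                continue               # covers "never back to the sender"
            if may_advertise(sender, kind, peer, peer_kind,
                             clients.get(router, set())):
                learned[peer] = (router, peer_kind)
                queue.append(peer)
    return set(learned)


# Sessions assumed for Diagram 13 (see the lead-in).
LAB_SESSIONS = [("BB3", "R4", "ebgp"),
                ("R4", "R1", "ibgp"),
                ("R1", "R3", "ibgp")]


def lab_results():
    """(routers reached without an RR, routers reached with R1 as RR)."""
    without_rr = propagate(LAB_SESSIONS, {}, "BB3")
    with_rr = propagate(LAB_SESSIONS, {"R1": {"R3"}}, "BB3")
    return without_rr, with_rr


if __name__ == "__main__":
    plain, reflected = lab_results()
    print("no RR:   ", sorted(plain))
    print("R1 as RR:", sorted(reflected))
```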

BGP CHAPTER 13 (CONFEDERATION)

QUESTIONS:

26. What is Confederation ?

27. How to Design Confederation ?

--> Lab on Confederation .

Solution:

26. What is Confederation ? -->

. An AS inside an AS.

. An alternative to route reflection.

. Uses intra-AS numbers, which are stripped before sending updates via eBGP.

. Inter-confederation peers are treated as eBGP for session establishment, but as iBGP with regard to attributes.

. Still one IGP for the entire system.

27. How to Design Confederation ?

-->

. Complete BGP rewrite.

. Break the AS into smaller autonomous systems.

. Use private AS numbers (64512-65535).

. Full iBGP mesh required within each confederation AS (route reflectors are an option).

--> Lab on Confederation.

--> Diagram:

Diagram 14:

Create sub-AS on R1, R2, R3 as in the diagram.

Config:

R1:

!

hostname R2

!

interface Loopback1

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.23.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.12.2 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

router bgp 65002

no synchronization

bgp log-neighbor-changes

bgp confederation identifier 123

bgp confederation peers 65001 65003

neighbor 1.1.1.1 remote-as 65001

neighbor 1.1.1.1 ebgp-multihop 2

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 65003

neighbor 3.3.3.3 ebgp-multihop 2

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

!

end

!

hostname R2

!

interface Loopback1

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.23.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.12.2 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

router bgp 65002

no synchronization

bgp log-neighbor-changes

bgp confederation identifier 123

bgp confederation peers 65001 65003

neighbor 1.1.1.1 remote-as 65001

neighbor 1.1.1.1 ebgp-multihop 2

neighbor 1.1.1.1 update-source Loopback1

neighbor 3.3.3.3 remote-as 65003

neighbor 3.3.3.3 ebgp-multihop 2

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

!

end

!

hostname R3

!

!

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.23.3 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

!

router bgp 65003

no synchronization

bgp log-neighbor-changes

bgp confederation identifier 123

bgp confederation peers 65002

neighbor 2.2.2.2 remote-as 65002

neighbor 2.2.2.2 ebgp-multihop 2

neighbor 2.2.2.2 update-source Loopback1

no auto-summary

!

!

end

!

hostname R4

!

!

interface Loopback1

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.14.4 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router bgp 54

no synchronization

bgp log-neighbor-changes

network 4.4.4.4 mask 255.255.255.255

neighbor 10.1.14.1 remote-as 123

no auto-summary

!

end

--------- output ---- on R2, R3 ----------

R2#sh ip bgp

BGP table version is 2, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.4/32 10.1.14.4 0 100 0 (65001) 54 i

R3#sh ip bgp

BGP table version is 2, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.4/32 10.1.14.4 0 100 0 (65002 65001) 54 i

BGP CHAPTER 14 (BGP TWEAKING)

QUESTIONS:

28. What is BGP Process ?

29. How to improve BGP ?

Solution:

28. What is BGP Process ?

--> BGP Open - Starts peers up.

- BGP I/O - Prepares / Process Updates , Keepalives

- BGP Scanner - Checks next hops , determines routes to advertise

- BGP Router - Calculates best path , Process route changes

29. How to improve BGP ?

-->

. Use the IP TCP PATH-MTU-DISCOVERY (BGP defaults to 536 bytes)

(show ip bgp neighbors | in max)

. Use BGP peer groups

. Increase input queues (HOLD-QUEUE in )

cisco default is 1000 .

. Tune BGP scanner time / Advertisement interval (per neighbor)

config-router)# bgp scan-time <5-60>

router)# neighbor 1.1.1.1 advertisement-interval <0-600>

. Set a maximum prefix limit

router)# neighbor 1.1.1.1 maximum-prefix 8000
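
The maximum-prefix limit above and the eBGP authentication asked for in the lab tasks are both set per neighbor, so they are easy to miss on one peer. The Python check below is an added example, not part of the original walkthrough: it reads a "router bgp" stanza, resolves peer-group inheritance, and lists external neighbors that lack a password or a maximum-prefix limit. The function names, the 192.0.2.9 neighbor and the decision to treat confederation peers as internal are assumptions of this example.

```python
import re

# Constructed input: R4's "router bgp" stanza from the peer-group lab, plus one
# made-up neighbor (192.0.2.9) that already carries both protections.
SAMPLE_CONFIG = """\
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor IBGP_PEERS peer-group
neighbor IBGP_PEERS remote-as 1234
neighbor IBGP_PEERS update-source Loopback1
neighbor 1.1.1.1 peer-group IBGP_PEERS
neighbor 2.2.2.2 peer-group IBGP_PEERS
neighbor 3.3.3.3 peer-group IBGP_PEERS
neighbor 10.1.45.5 remote-as 555
neighbor 192.0.2.9 remote-as 64999
neighbor 192.0.2.9 password EXAMPLE-ONLY
neighbor 192.0.2.9 maximum-prefix 8000
no auto-summary
!
end
"""

REQUIRED = ("password", "maximum-prefix")
# The extracted configs carry no indentation, so the stanza is ended by the
# next top-level keyword rather than by a change of indent.
STANZA_END = re.compile(r"(router|interface|hostname)\s|end$")


def parse_bgp(config):
    """Return (local_as, confed_peers, {neighbor_or_group: {keyword: argument}})."""
    local_as, confed_peers, settings, in_bgp = None, set(), {}, False
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"router bgp (\d+)$", line)
        if m:
            local_as, in_bgp = int(m.group(1)), True
            continue
        if STANZA_END.match(line):
            in_bgp = False
        if not in_bgp:
            continue
        m = re.match(r"bgp confederation peers (.+)$", line)
        if m:
            confed_peers.update(int(asn) for asn in m.group(1).split())
            continue
        m = re.match(r"neighbor (\S+) (\S+)\s*(.*)$", line)
        if m:
            name, keyword, argument = m.groups()
            settings.setdefault(name, {})[keyword] = argument
    return local_as, confed_peers, settings


def effective(settings, name):
    """A neighbor's settings, with its peer-group's settings as defaults."""
    own = settings[name]
    group = own.get("peer-group")
    merged = dict(settings.get(group, {})) if group else {}
    merged.update(own)
    return merged


def audit_ebgp(config):
    """Map each external neighbor to the protections it is missing."""
    local_as, confed_peers, settings = parse_bgp(config)
    findings = {}
    for name, own in settings.items():
        if own.get("peer-group") == "":      # "neighbor X peer-group": a group definition
            continue
        eff = effective(settings, name)
        if "remote-as" not in eff:
            continue
        remote_as = int(eff["remote-as"])
        # iBGP and intra-confederation sessions are skipped (assumption of this example).
        if remote_as == local_as or remote_as in confed_peers:
            continue
        missing = [k for k in REQUIRED if k not in eff]
        if missing:
            findings[name] = missing
    return findings


if __name__ == "__main__":
    for neighbor, missing in audit_ebgp(SAMPLE_CONFIG).items():
        print(f"eBGP neighbor {neighbor}: missing {', '.join(missing)}")
```
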

BGP CHAPTER 15(Peer_groups_lab)

30. What is peer-groups in BGP ?

--> Lab on BGP Peer-groups .

31. What is BGP route Dampening ?

-->

Solution: 30. What is peer-groups in BGP ?

--> Lab on BGP Peer-groups .

. Efficient way of configuring neighbours.

. Separate peer groups for IBGP & EBGP

. Generates a single outbound update for all the peers.

. Individual configuration supported for inbound updates.

. Handled dynamically in IOS 12.0 (show ip bgp update-group)

Lab:

diagram--->

Diagram 15:

R1-R5 configs:

hostname R1

!

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.12.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.13.1 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 1.1.1.1 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.13.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor IBGP_PEERS peer-group

neighbor IBGP_PEERS remote-as 1234

neighbor IBGP_PEERS update-source Loopback1

neighbor 2.2.2.2 peer-group IBGP_PEERS

neighbor 3.3.3.3 peer-group IBGP_PEERS

neighbor 4.4.4.4 peer-group IBGP_PEERS

no auto-summary

!

end

!

hostname R2

!

!

interface Loopback1

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.12.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.24.2 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.24.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor IBGP_PEERS peer-group

neighbor IBGP_PEERS remote-as 1234

neighbor IBGP_PEERS update-source Loopback1

neighbor 1.1.1.1 peer-group IBGP_PEERS

neighbor 3.3.3.3 peer-group IBGP_PEERS

neighbor 4.4.4.4 peer-group IBGP_PEERS

no auto-summary

!

!

end

!

hostname R3

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.34.3 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.13.3 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 3.3.3.3 0.0.0.0 area 0

network 10.1.13.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor IBGP_PEERS peer-group

neighbor IBGP_PEERS remote-as 1234

neighbor IBGP_PEERS update-source Loopback1

neighbor 1.1.1.1 peer-group IBGP_PEERS

neighbor 2.2.2.2 peer-group IBGP_PEERS

neighbor 4.4.4.4 peer-group IBGP_PEERS

no auto-summary

!

end

hostname R4

!

interface Loopback1

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.34.4 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.45.4 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

ip address 10.1.24.4 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

passive-interface Serial0/0

network 4.4.4.4 0.0.0.0 area 0

network 10.1.24.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

network 10.1.45.0 0.0.0.255 area 0

!

router bgp 1234

no synchronization

bgp log-neighbor-changes

neighbor IBGP_PEERS peer-group

neighbor IBGP_PEERS remote-as 1234

neighbor IBGP_PEERS update-source Loopback1

neighbor 1.1.1.1 peer-group IBGP_PEERS

neighbor 2.2.2.2 peer-group IBGP_PEERS

neighbor 3.3.3.3 peer-group IBGP_PEERS

neighbor 10.1.45.5 remote-as 555

no auto-summary

!

end

!

hostname R5

!

!

interface Loopback1

ip address 5.5.5.5 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.45.5 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router bgp 555

no synchronization

bgp log-neighbor-changes

network 5.5.5.5 mask 255.255.255.255

neighbor 10.1.45.4 remote-as 1234

no auto-summary

!

end

-------------------------------------------------

31. What is BGP route Dampening ?

-->

.Suppress the impact of flapping routes without impacting better routes.

.Default mechanism: 5 seconds 'wait' for iBGP & 30 second 'wait' for eBGP.

.Works like a water beaker:

- penalty - 1000

- Suppress limit - 2000

- Reuse limit - 750

- Decay algorithm (half-life) - 15 min
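
The "water beaker" can be followed with numbers. The Python simulation below is an added example, not part of the original walkthrough: it uses the four values listed above (penalty 1000 per flap, suppress limit 2000, reuse limit 750, half-life 15 minutes) and assumes plain exponential decay between flaps. The function names and the flap times are constructed for illustration.

```python
import math

PENALTY_PER_FLAP = 1000
SUPPRESS_LIMIT = 2000
REUSE_LIMIT = 750
HALF_LIFE_MIN = 15.0


def decayed(penalty, minutes):
    """Penalty left after 'minutes' of quiet: it halves every half-life."""
    return penalty * 0.5 ** (minutes / HALF_LIFE_MIN)


def simulate(flap_times_min):
    """Replay flaps (times in minutes).

    Returns (history, reuse_at): history holds one (time, penalty, suppressed)
    tuple per flap; reuse_at is the time at which a still-suppressed route
    decays below the reuse limit, or None if it is not suppressed at the end.
    """
    penalty, last, suppressed = 0.0, 0.0, False
    history = []
    for t in sorted(flap_times_min):
        penalty = decayed(penalty, t - last)
        if suppressed and penalty < REUSE_LIMIT:
            suppressed = False                 # drained below the reuse mark
        penalty += PENALTY_PER_FLAP            # each flap pours in 1000
        if penalty > SUPPRESS_LIMIT:
            suppressed = True                  # beaker is over the suppress mark
        history.append((t, round(penalty), suppressed))
        last = t
    reuse_at = None
    if suppressed:
        # Solve penalty * 0.5 ** (dt / half_life) = REUSE_LIMIT for dt.
        reuse_at = last + HALF_LIFE_MIN * math.log2(penalty / REUSE_LIMIT)
    return history, reuse_at


if __name__ == "__main__":
    history, reuse_at = simulate([0, 2, 4])    # constructed: three flaps in four minutes
    for t, penalty, suppressed in history:
        print(f"t={t:>2} min  penalty={penalty:>4}  suppressed={suppressed}")
    print(f"route is reused at about t={reuse_at:.1f} min")
```

Two flaps two minutes apart stay under the suppress limit; the third pushes the penalty past 2000, and the route then stays suppressed for roughly 28 minutes of quiet before it decays below 750.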

Topics covered related to MPLS:

1. What are the commands to enable MPLS and where are the commands used ?

2. How do you verify the local label a router has chosen for a given network ?

3. How do you verify which label a router will impose

4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?

5. How does R3 know what R2's local label is for a specific network ?

6. When MPLS is enabled, what would prevent an LDP neighborship ?

7. Why would you use an ACL in combination with an MPLS debug ?

8. How does the IGP next hop affect the LSP?

9. Why does LDP advertise all local IPv4 addresses to a neighbor ?

10. By default , does the LSP path match the IPv4 path to a network ?

11. What is Liberal Label Retention ?

12a. What will an LSR do with a packet that carries an unknown label ?

12b. What is PHP ?

13. What is the relationship between RIB/FIB , LIB/LFIB and CEF ?

14. Which is preferred by CEF: MPLS or IPv4 forwarding ?

15. What are different type of labels used in MPLS ?

16. How do you view the advertised transport address ?

17. What command changes the LDP router-id ?

18. When & how would you change the advertised transport address ?

19. What is MPLS label format ?

20. In MPLS L3VPN how do the customer & provider share routes ?

21. Why does a PE have a VRF for each customer ? What is VRF ?

22. Which protocol is used between PE's to advertise VPNv4 routes ?

23. What command is used to enter the "VPNv4 Section" of BGP ?

24. What is use of Extended Community ?

25. Why would you activate VPNv4 capability with an iBGP peer ?

26. What are the commands to activate VPNv4 feature ?

27. What keeps your customers routes unique from each other in mBGP ?

28. How do you assign a PE interface to a VRF ?

29. Which command shows you the routes inside the VRF ?

30. What does 'address-family ipv4' mean within EIGRP & RIP ?

31. How do you link an OSPF process to a specific VRF ?

33. Why is redistribution needed in MPLS L3VPN ?

34. When is a RD, RT and VPN label added to a route ?

35. In BGP configuration are you causing an Import or Export ?

36. Full Lab on MPLS.

MPLS CHAPTER 1

QUESTIONS

1. What are the commands to enable MPLS and where are the commands used ?

2. How do you verify the local label a router has chosen for a given network ?

3. How do you verify which label a router will impose

SOLUTION :

1. What are the commands to enable MPLS and where are the commands used ?

If we enable mpls ip in global config mode it will enable MPLS on all the interfaces,

so enable mpls ip on a per-interface basis.

Diagram 16:

In this diagram, enable mpls ip on the interfaces within the square box: R1 fa0/0, R2 f0/0-f0/1 & R3 f0/1.

2. How do you verify the local label a router has chosen for a given network ?

For LIB table:

R2#sh mpls ldp bindings 1.1.1.1 32

tib entry: 1.1.1.1/32, rev 2

local binding: tag: 16

remote binding: tsr: 1.1.1.1:0, tag: imp-null

remote binding: tsr: 3.3.3.3:0, tag: 16

R2#sh mpls ldp bindings 3.3.3.3 32

tib entry: 3.3.3.3/32, rev 6

local binding: tag: 17

remote binding: tsr: 1.1.1.1:0, tag: 501

remote binding: tsr: 3.3.3.3:0, tag: imp-null

for LFIB table:

R2#sh mpls forwarding-table 1.1.1.1

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

16 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1

R2#sh mpls forwarding-table 3.3.3.3

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

17 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3

3. How do you verify which label a router will impose

R1#sh ip cef 3.3.3.3

3.3.3.3/32, version 13, epoch 0, cached adjacency 10.1.12.2

0 packets, 0 bytes

tag information set

local tag: 501

fast tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {17}

via 10.1.12.2, FastEthernet0/0, 0 dependencies

next hop 10.1.12.2, FastEthernet0/0

valid cached adjacency

tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {17}

MPLS CHAPTER 2

QUESTION:

4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?

5. How does R3 know what R2's local label is for a specific network ?

6. When MPLS is enabled, what would prevent an LDP neighborship ?

7. Why would you use an ACL in combination with an MPLS debug ?

SOLUTION :

4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?

5. How does R3 know what R2's local label is for a specific network ?

7. Why would you use an ACL in combination with an MPLS debug ?

1. First they send hello packets to discover the LSRs, with UDP multicast 646 224.0.0.2.

2. Then they establish a TCP relationship with tcp 646 224.0.0.2; the router with the higher RID acts as the active router and the one with the lower RID as the passive router.

3. Then they send & receive LDP labels.

Diagram 17:

In the diagram from the last lab, disable and re-enable MPLS and watch the neighbor relationship form. The ACL restricts the debug output to the bindings for 3.3.3.3.

Configure on R2 for the relationship with R3:

(config)# access-list 1 permit 3.3.3.3

(config)# exit

# debug mpls ldp bindings prefix-acl 1

R2(config)#access-list 1 permit 3.3.3.3

R2(config)#end

R2#debug mpls ldp bindings prefix-acl 1

LDP Label Information Base (LIB) changes debugging is on for prefix ACL 1

R2#conf t

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#no mpls ip

*Mar 1 00:06:42.475: tagcon: tibent(3.3.3.3/32): deleted

R2(config)#mpls ip

R2(config)#

-----output cut -----------

*Mar 1 00:06:44.827: tib: find route tags: 3.3.3.3/32, Fa0/1, nh 10.1.23.3, res nh 10.1.23.3

*Mar 1 00:06:44.827: tagcon: announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, inlabel 19, outlabel

unknown (from 0.0.0.0:0), find route tags

R2(config)#

*Mar 1 00:06:49.907: tagcon: (Default-IP-Routing-Table) Assign peer id; 3.3.3.3:0: id 0

*Mar 1 00:06:49.911: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP

*Mar 1 00:06:49.927: tagcon: 3.3.3.3:0: 10.1.23.3 added to addr<->ldp ident map

*Mar 1 00:06:49.931: tagcon: 3.3.3.3:0: 3.3.3.3 added to addr<->ldp ident map

*Mar 1 00:06:49.931: tagcon: tibent(3.3.3.3/32): label imp-null from 3.3.3.3:0 added

*Mar 1 00:06:49.935: tagcon: announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, inlabel 19, outlabel

imp-null (from 3.3.3.3:0), add rem binding

*Mar 1 00:06:50.367: tagcon: (Default-IP-Routing-Table) Assign peer id; 1.1.1.1:0: id 1

*Mar 1 00:06:50.371: %LDP-5-NBRCHG: LDP Neighbor 1.1.1.1:0 (2) is UP

R2(config)#

*Mar 1 00:06:50.479: tagcon: 1.1.1.1:0: 10.1.12.1 added to addr<->ldp ident map

*Mar 1 00:06:50.483: tagcon: 1.1.1.1:0: 1.1.1.1 added to addr<->ldp ident map

*Mar 1 00:06:50.491: tagcon: tibent(3.3.3.3/32): label 502 from 1.1.1.1:0 added

*Mar 1 00:06:50.491: tib: Not OK to announce label; nh 10.1.23.3 not bound to 1.1.1.1:0

*Mar 1 00:06:50.495: tagcon: omit announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, from 1.1.1.1:0:

add rem binding: next hop = 10.1.23.3

R2#undebug all

6. When MPLS is enabled, what would prevent an LDP neighborship ?

# sh mpls ldp neighbor

If the transport address is not reachable, the routers will not form an LDP relationship.

R2#sh mpls ldp neighbor

Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0

TCP connection: 1.1.1.1.646 - 2.2.2.2.38184

State: Oper; Msgs sent/rcvd: 19/19; Downstream

Up time: 00:10:11

LDP discovery sources:

FastEthernet0/0, Src IP addr: 10.1.12.1

Addresses bound to peer LDP Ident:

10.1.12.1 1.1.1.1

Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0

TCP connection: 3.3.3.3.43683 - 2.2.2.2.646

State: Oper; Msgs sent/rcvd: 13/13; Downstream

Up time: 00:04:38

LDP discovery sources:

FastEthernet0/1, Src IP addr: 10.1.23.3

Addresses bound to peer LDP Ident:

10.1.23.3 3.3.3.3

R2#sh mpls ldp bindings local

tib entry: 1.1.1.1/32, rev 2

local binding: tag: 18

tib entry: 2.2.2.2/32, rev 4

local binding: tag: imp-null

tib entry: 3.3.3.3/32, rev 6

local binding: tag: 19

tib entry: 10.1.12.0/24, rev 8

local binding: tag: imp-null

tib entry: 10.1.23.0/24, rev 10

local binding: tag: imp-null

R2#sh ip cef 3.3.3.3

3.3.3.3/32, version 21, epoch 0, cached adjacency 10.1.23.3

0 packets, 0 bytes

tag information set

local tag: 19

via 10.1.23.3, FastEthernet0/1, 0 dependencies

next hop 10.1.23.3, FastEthernet0/1

valid cached adjacency

tag rewrite with Fa0/1, 10.1.23.3, tags imposed: {}

R2#sh ip route 3.3.3.3

Routing entry for 3.3.3.3/32

Known via "ospf 1", distance 110, metric 11, type intra area

Last update from 10.1.23.3 on FastEthernet0/1, 00:17:24 ago

Routing Descriptor Blocks:

* 10.1.23.3, from 3.3.3.3, 00:17:24 ago, via FastEthernet0/1

Route metric is 11, traffic share count is 1

++++>> let us change the next hop of R2 for loopback address 3.3.3.3

R2(config)#ip route 3.3.3.3 255.255.255.255 10.1.12.1

R2(config)#end

*Mar 1 00:20:15.535: %SYS-5-CONFIG_I: Configured from console by consol

R2# sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/11] via 10.1.12.1, 00:19:09, FastEthernet0/0

2.0.0.0/32 is subnetted, 1 subnets

C 2.2.2.2 is directly connected, Loopback1

3.0.0.0/32 is subnetted, 1 subnets

S 3.3.3.3 [1/0] via 10.1.12.1

10.0.0.0/24 is subnetted, 2 subnets

C 10.1.12.0 is directly connected, FastEthernet0/0

C 10.1.23.0 is directly connected, FastEthernet0/1

R2#traceroute 3.3.3.3 source 2.2.2.2

Type escape sequence to abort.

Tracing the route to 3.3.3.3

1 * * *

2 * * *

3 * * *

4 * * *

5 * * *

You can see it is unreachable, and the bytes tag switched counter is very high (846612), which means packets are looping in the network.

R2#sh mpls forwarding-table 3.3.3.3

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

19 502 3.3.3.3/32 846612 Fa0/0 10.1.12.1

But the reachable next hop is 10.1.23.3,

so it will not form the neighbour relationship.

Remove the static route and it will work:

on R2 : no ip route 3.3.3.3 255.255.255.255 10.1.12.1

It will form the neighbour relationship:

R2(config)#no ip route 3.3.3.3 255.255.255.255 10.1.12.1

R2(config)#end

R2#ping

*Mar 1 00:23:25.963: %SYS-5-CONFIG_I: Configured from console by console

R2#ping 3.3.3.3 so 2.2.2.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:

Packet sent with a source address of 2.2.2.2

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/29/48 ms

R2#

*Mar 1 00:23:35.419: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP

MPLS CHAPTER 3

QUESTIONS :

8. How does the IGP next hop affect the LSP?

9. Why does LDP advertise all local IPv4 addresses to a neighbor ?

10. By default , does the LSP path match the IPv4 path to a network ?

11. What is Liberal Label Retention ?

Solution:

8. How does the IGP next hop affect the LSP?

9. Why does LDP advertise all local IPv4 addresses to a neighbor ?

Follow the same diagram with same address scheme >

Diagram 18:

--->> The IPv4 control plane builds the OSPF RIB, which the MPLS control plane

protocol (LDP) uses to build its label table (LIB), but the data plane is quite different.

Let us check the RIB and binding table (LIB) of R2:

R2#sh ip route ospf

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/11] via 10.1.12.1, 00:29:55, FastEthernet0/0

3.0.0.0/32 is subnetted, 1 subnets

O 3.3.3.3 [110/11] via 10.1.23.3, 00:07:39, FastEthernet0/1

R2#sh mpls ldp bin

R2#sh mpls ldp bindings 3.3.3.3

% Incomplete command.

R2#sh mpls ldp bindings 3.3.3.3 32

tib entry: 3.3.3.3/32, rev 6

local binding: tag: 19

remote binding: tsr: 1.1.1.1:0, tag: 502

remote binding: tsr: 3.3.3.3:0, tag: imp-null

R2#

you can see the RIB & LIB of route 3.3.3.3 of R2.

10. By default , does the LSP path match the IPv4 path to a network ?

11. What is Liberal Label Retention ?

The LSP is driven by the IGP; we can manipulate it with MPLS-TE.

Liberal label retention: a router keeps the labels it learns from both its upstream and its downstream neighbours for a prefix, as the remote bindings below show.

R2#sh mpls ldp neighbor

Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0

TCP connection: 1.1.1.1.646 - 2.2.2.2.38184

State: Oper; Msgs sent/rcvd: 40/40; Downstream

Up time: 00:28:33

LDP discovery sources:

FastEthernet0/0, Src IP addr: 10.1.12.1

Addresses bound to peer LDP Ident:

10.1.12.1 1.1.1.1

Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0

TCP connection: 3.3.3.3.25942 - 2.2.2.2.646

State: Oper; Msgs sent/rcvd: 21/21; Downstream

Up time: 00:11:48

LDP discovery sources:

FastEthernet0/1, Src IP addr: 10.1.23.3

Addresses bound to peer LDP Ident:

10.1.23.3 3.3.3.3

R2#sh mpls ldp bindings 1.1.1.1 32

tib entry: 1.1.1.1/32, rev 2

local binding: tag: 18

remote binding: tsr: 1.1.1.1:0, tag: imp-null

remote binding: tsr: 3.3.3.3:0, tag: 22

R2#sh mpls ldp bindings 3.3.3.3 32

tib entry: 3.3.3.3/32, rev 6

local binding: tag: 19

remote binding: tsr: 1.1.1.1:0, tag: 502

remote binding: tsr: 3.3.3.3:0, tag: imp-null

R2#sh mpls forwarding-table 1.1.1.1

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

18 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1

R2#sh mpls forwarding-table 3.3.3.3

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

19 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3
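
How the IGP next hop picks one of the retained labels, and why the static route in the previous chapter produced a loop, can be reproduced from the tables above. The Python sketch below is an added example, not part of the original walkthrough: the LIB, RIB and address-to-peer values for R2 are transcribed from the show output on this page, while R1's single LFIB entry (502 swapped to 19 towards R2) is an assumption inferred from those bindings. Function names are hypothetical.

```python
# R2's view, transcribed from "sh mpls ldp bindings", "sh mpls ldp neighbor"
# and "sh ip route ospf" in this walkthrough.
LIB = {
    "1.1.1.1/32": {"local": 18, "remote": {"1.1.1.1:0": "imp-null", "3.3.3.3:0": 22}},
    "3.3.3.3/32": {"local": 19, "remote": {"1.1.1.1:0": 502, "3.3.3.3:0": "imp-null"}},
}
ADDR_TO_PEER = {
    "10.1.12.1": "1.1.1.1:0", "1.1.1.1": "1.1.1.1:0",
    "10.1.23.3": "3.3.3.3:0", "3.3.3.3": "3.3.3.3:0",
}
RIB = {
    "1.1.1.1/32": ("10.1.12.1", "Fa0/0"),
    "3.3.3.3/32": ("10.1.23.3", "Fa0/1"),
}
NEXT_HOP_ROUTER = {"10.1.12.1": "R1", "10.1.12.2": "R2", "10.1.23.3": "R3"}


def build_lfib(rib, lib, addr_to_peer):
    """LFIB = for each prefix, the remote label advertised by the RIB next hop.

    All remote bindings are kept in the LIB (liberal retention); only the one
    from the LDP peer that owns the next-hop address is installed.
    """
    lfib = {}
    for prefix, (next_hop, iface) in rib.items():
        entry = lib.get(prefix)
        if entry is None:
            continue
        peer = addr_to_peer.get(next_hop)
        label = entry["remote"].get(peer) if peer else None
        if label is None:
            action = "Untagged"
        elif label == "imp-null":
            action = "Pop tag"          # PHP: the next hop asked for no label
        else:
            action = label              # swap to the peer's label
        lfib[entry["local"]] = (action, prefix, iface, next_hop)
    return lfib


def follow(lfibs, router, label, max_hops=8):
    """Follow a labelled packet; return (routers visited, looped?)."""
    path = [router]
    while len(path) <= max_hops:
        action, _prefix, _iface, next_hop = lfibs[router][label]
        router = NEXT_HOP_ROUTER[next_hop]
        path.append(router)
        if not isinstance(action, int):  # popped or untagged: label switching ends
            return path, False
        label = action
    return path, True


# Assumption: R1 swaps its local label 502 to R2's local label 19 (inferred).
R1_LFIB = {502: (19, "3.3.3.3/32", "Fa0/0", "10.1.12.2")}

NORMAL = build_lfib(RIB, LIB, ADDR_TO_PEER)
# The static route from the earlier test: 3.3.3.3/32 via 10.1.12.1.
STATIC_RIB = dict(RIB, **{"3.3.3.3/32": ("10.1.12.1", "Fa0/0")})
BROKEN = build_lfib(STATIC_RIB, LIB, ADDR_TO_PEER)

if __name__ == "__main__":
    print(NORMAL[19], follow({"R2": NORMAL, "R1": R1_LFIB}, "R2", 19))
    print(BROKEN[19], follow({"R2": BROKEN, "R1": R1_LFIB}, "R2", 19))
```
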

MPLS CHAPTER 4

QUESTIONS:

12a. What will an LSR do with a packet that carries an unknown label ?

12b. What is PHP ?

13. What is the relationship between RIB/FIB , LIB/LFIB and CEF ?

14. Which is preferred by CEF: MPLS or IPv4 forwarding ?

15. What are different type of labels used in MPLS ?

Solution:

------->(LSR_ROUTER)------>

12a. What will an LSR do with a packet that carries an unknown label ?

12b. What is PHP ?

14. Which is preferred by CEF: MPLS or IPv4 forwarding ?

When a packet arrives at a router, the router forwards it to the next hop according to its label;

if it does not have label information, it processes the packet according to IGP reachability.

incoming_pkt    outgoing_decision (data plane)

IPv4            IPv4 (FIB)

IPv4            MPLS (LFIB)

MPLS            MPLS (LFIB)

MPLS            IPv4 (FIB)

Penultimate Hop Popping (PHP)

. Penultimate means next to last

. Normally the last hop must:

- Look up the MPLS label

- Pop the MPLS label

- Look up the IPv4 destination

. PHP avoids the extra lookup on the last hop

. Accomplished through implicit NULL label advertisement for connected prefixes.

13. What is the relationship between RIB/FIB , LIB/LFIB and CEF ?

Check the diagram for : RIB/FIB & LIB/LFIB

Diagram 19: (LIB/LFIB)

Whether the packet is labelled or unlabelled, the forwarding decision is made using the CEF entry.

Diagram 20:

let us check some output on R2 on the given diagram:

for RIB: sh ip ospf 1 rib

for FIB

R2#sh ip route ospf 1

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/11] via 10.1.12.1, 00:45:34, FastEthernet0/0

3.0.0.0/32 is subnetted, 1 subnets

O 3.3.3.3 [110/11] via 10.1.23.3, 00:23:18, FastEthernet0/1

for LIB

R2#sh mpls ldp bindings

tib entry: 1.1.1.1/32, rev 2

local binding: tag: 18

remote binding: tsr: 1.1.1.1:0, tag: imp-null

remote binding: tsr: 3.3.3.3:0, tag: 22

tib entry: 2.2.2.2/32, rev 4

local binding: tag: imp-null

remote binding: tsr: 1.1.1.1:0, tag: 500

remote binding: tsr: 3.3.3.3:0, tag: 23

tib entry: 3.3.3.3/32, rev 6

local binding: tag: 19

remote binding: tsr: 1.1.1.1:0, tag: 502

remote binding: tsr: 3.3.3.3:0, tag: imp-null

tib entry: 10.1.12.0/24, rev 8

local binding: tag: imp-null

remote binding: tsr: 1.1.1.1:0, tag: imp-null

remote binding: tsr: 3.3.3.3:0, tag: 24

tib entry: 10.1.23.0/24, rev 10

local binding: tag: imp-null

remote binding: tsr: 1.1.1.1:0, tag: 501

remote binding: tsr: 3.3.3.3:0, tag: imp-null

for LFIB

R2#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

18 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1

19 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3

for particular CEF entry:

R2#sh ip cef 1.1.1.1 detail

1.1.1.1/32, version 20, epoch 0, cached adjacency 10.1.12.1

0 packets, 0 bytes

tag information set

local tag: 18

via 10.1.12.1, FastEthernet0/0, 0 dependencies

next hop 10.1.12.1, FastEthernet0/0

valid cached adjacency

tag rewrite with Fa0/0, 10.1.12.1, tags imposed: {}

15. What are different type of labels used in MPLS ?

Pop—The top label is removed. The packet is forwarded with the remaining label stack or as an unlabeled

packet.

Swap—The top label is removed and replaced with a new label.

Push—The top label is replaced with a new label (swapped), and one or more labels are added (pushed)

on top of the swapped label.

Untagged/No Label—The stack is removed, and the packet is forwarded unlabeled.

Aggregate—The label stack is removed, and an IP lookup is done on the IP packet.

MPLS CHAPTER 5

QUESTIONS :

16. How do you view the advertised transport address ?

17. What command changes the LDP router-id ?

18. When & how would you change the advertised transport address ?

19. What is MPLS label format ?

SOLUTIONS :

16. How do you view the advertised transport address ?

17. What command changes the LDP router-id ?

18. When & how would you change the advertised transport address ?

follow our diagram:

Diagram 21:

FOR ROUTER -ID

1. configured

2. highest loopback interface

3. highest physical interface

R2#sh mpls ldp discovery detail

Local LDP Identifier:

2.2.2.2:0

Discovery Sources:

Interfaces:

FastEthernet0/0 (ldp): xmit/recv

Enabled: Interface config

Hello interval: 5000 ms; Transport IP addr: 2.2.2.2

LDP Id: 1.1.1.1:0

Src IP addr: 10.1.12.1; Transport IP addr: 1.1.1.1

Hold time: 15 sec; Proposed local/peer: 15/15 sec

Reachable via 1.1.1.1/32

FastEthernet0/1 (ldp): xmit/recv

Enabled: Interface config

Hello interval: 5000 ms; Transport IP addr: 2.2.2.2

LDP Id: 3.3.3.3:0

Src IP addr: 10.1.23.3; Transport IP addr: 3.3.3.3

Hold time: 15 sec; Proposed local/peer: 15/15 sec

Reachable via 3.3.3.3/32

R2#sh ip route ospf

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/11] via 10.1.12.1, 00:07:49, FastEthernet0/0

3.0.0.0/32 is subnetted, 1 subnets

O 3.3.3.3 [110/11] via 10.1.23.3, 00:07:49, FastEthernet0/1

For R2 the local label is 2.2.2.2; the remote labels are 1.1.1.1 & 2.2.2.2, which have IGP routes.

For f0/0 the transport address is 1.1.1.1

For f0/1 the transport address is 2.2.2.2

Let us traceroute from R1 to R3 loopback :

R1#traceroute 3.3.3.3 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 3.3.3.3

1 10.1.12.2 [MPLS: Label 17 Exp 0] 44 msec 60 msec 36 msec

2 10.1.23.3 40 msec * 64 msec

It follows the LSP path.

Now create a new loopback on R2, make it the router-id for the MPLS path, and do not advertise it

into the IGP domain.

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#int l2

R2(config-if)#ip add 22.2.2.2 255.255.255.255

R2(config-if)#exit

R2(config)#mpls ldp router-id loopback 2 force

and then check the transport-address :

R2#sh mpls ldp discovery detail

Local LDP Identifier:

22.2.2.2:0

Discovery Sources:

Interfaces:

FastEthernet0/0 (ldp): xmit/recv

Enabled: Interface config

Hello interval: 5000 ms; Transport IP addr: 22.2.2.2

LDP Id: 1.1.1.1:0

Src IP addr: 10.1.12.1; Transport IP addr: 1.1.1.1

Hold time: 15 sec; Proposed local/peer: 15/15 sec

Reachable via 1.1.1.1/32

FastEthernet0/1 (ldp): xmit/recv

Enabled: Interface config

Hello interval: 5000 ms; Transport IP addr: 22.2.2.2

LDP Id: 3.3.3.3:0

Src IP addr: 10.1.23.3; Transport IP addr: 3.3.3.3

Hold time: 15 sec; Proposed local/peer: 15/15 sec

Reachable via 3.3.3.3/32

So the R-ID and transport address have been changed. Do the traceroute from the R1 loopback to the R3 loopback:

now you can see it does not follow the LSP (MPLS) path. ?????

Now advertise the loopback into OSPF on R2:

R2(config)#router ospf 1

R2(config-router)#net 22.2.2.2 0.0.0.0 ar 0

R2(config-router)#

*Mar 1 01:13:55.683: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP

R2(config-router)#

*Mar 1 01:13:56.951: %LDP-5-NBRCHG: LDP Neighbor 1.1.1.1:0 (2) is UP

R1#

*Mar 1 01:13:47.903: %LDP-5-NBRCHG: LDP Neighbor 22.2.2.2:0 (1) is UP

R1#traceroute 3.3.3.3 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 3.3.3.3

1 10.1.12.2 [MPLS: Label 17 Exp 0] 60 msec 40 msec 44 msec

2 10.1.23.3 56 msec * 48 msec

now it follows the LSP (MPLS) path. WoW !!!!

19. What is MPLS label format ?

mpls label format:

20 bit label : locally significant to router

3 bit Exp = class of service

S bit = defines last label in the label stack

8 bit TTL
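
The four fields add up to one 32-bit word per label. The Python encoder/decoder below is an added example, not part of the original walkthrough: it packs and unpacks label stack entries in that 20/3/1/8 layout and walks a stack until the S bit marks the last label. Label 17 is the one seen in the traceroute above; the inner label 23, the TTL values and the function names are constructed for illustration. The reserved values 0-3 are the ones defined in RFC 3032 (3 is the "imp-null" seen in the bindings output).

```python
import struct

# Reserved label values from RFC 3032; 0-15 are reserved, which is why the
# routers in this lab start allocating at 16.
RESERVED = {
    0: "IPv4 explicit null",
    1: "router alert",
    2: "IPv6 explicit null",
    3: "implicit null",
}


def encode_entry(label, exp=0, s=0, ttl=255):
    """Pack one label stack entry: 20-bit label, 3-bit Exp, S bit, 8-bit TTL."""
    if not 0 <= label < 2 ** 20:
        raise ValueError("label must fit in 20 bits")
    if not 0 <= exp < 8 or s not in (0, 1) or not 0 <= ttl < 256:
        raise ValueError("exp is 3 bits, s is 1 bit, ttl is 8 bits")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def decode_stack(data):
    """Decode entries until the bottom-of-stack bit; return (entries, payload)."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack bit seen")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1,
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        if entry["s"]:
            return entries, data[offset:]


def describe(label):
    """Name a reserved label, or return the plain number as text."""
    return RESERVED.get(label, str(label))


if __name__ == "__main__":
    # Constructed frame: outer label 17, inner label 23 (S=1), then the first
    # two bytes of an IPv4 header as the payload.
    frame = encode_entry(17, ttl=254) + encode_entry(23, s=1, ttl=254) + b"\x45\x00"
    entries, payload = decode_stack(frame)
    for e in entries:
        print(describe(e["label"]), e)
    print("payload starts with", payload.hex())
```
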

MPLS CHAPTER 6

QUESTIONS :

20. In MPLS L3VPN how do the customer & provider share routes ?

21. Why does a PE have a VRF for each customer ? What is VRF ?

22. Which protocol is used between PE's to advertise VPNv4 routes ?

Solution :

20. In MPLS L3VPN how do the customer & provider share routes ?

21. Why does a PE have a VRF for each customer ? What is VRF ?

HOW MPLS L3VPNs Work

. MPLS L3VPNs have two basic components

. Separation of Customer routing information

-Virtual Routing & Forwarding VRF instance

- Customers have different "virtual" routing tables

. Exchange of customer routing information

- MP-BGP over the MPLS network

- Traffic is label switched towards BGP next-hops

VRF

. each VRF has its own routing table

- show ip route vrf [name | * ]

. Interfaces not in a VRF are in the global table

- show ip route

. VRF and global routes are separate

- implies addressing can overlap in different VRFs

- implies VRFs can't talk to each other because they have no

routes to each other

. VRFs without MPLS is considered "VRF Lite"

PE routers store the routing tables of all the customers,

as shown in the diagram:

Diagram 22:

22. Which protocol is used between PE's to advertise VPNv4 routes ?

Multiprotocol BGP

. RFC 4364 "BGP/MPLS IP Virtual Private Networks (VPNs) "

- MP-BGP defines AFI & SAFI 128 as VPN-IPv4 or VPNv4

MPLS CHAPTER 7

QUESTIONS :

23. What command is used to enter the "VPNv4 Section" of BGP ?

24. What is use of Extended Community ?

25. Why would you activate VPNv4 capability with an iBGP peer ?

26. What are the commands to activate VPNv4 feature ?

Solution:

23. What command is used to enter the "VPNv4 Section" of BGP ?

24. What is use of Extended Community ?

- VPNv4 Route

. RD + Prefix makes VPN routes globally unique

- MPLS VPN label

. PE routers exchange label for each customer route via VPNv4

- Transport Label

. Label towards PE's BGP next-hop

VPNv4 BGP has two jobs: to get the label information and the remote label information.

payload information:

| transport label | vpn label | IP | TCP | WWW |

  (which PE)        (which cust)

Route distinguisher (RD)

- ASN:nn or IP-address:nn

VRF RDs are locally significant; to give them global significance we use route-targets.

VPNv4 Route Target:

. 8 byte field per RFC 4360 "BGP Extended Communities Attribute"

. Format Similar to route distinguisher

- ASN:nn or IP-address:nn

. VPNv4 speakers only accept VPNv4 routes with a route-target matching a local VRF

- Route reflection exception

- no bgp default route-target filter

Controlling VPNv4 Routes:

. Route distinguisher used solely to make route unique

. New BGP extended community "route-target" used to control what enters/exits the VRF table

. "export" route-target vrf ----> bgp

. "import" vrf <----- bgp

. Allows granular control over what sites have what routes

- import map & export map allow control on a per prefix basis

26. What are the commands to activate the VPNv4 feature ?

Let us enable VPNv4 on both PEs in the diagram:

Diagram 23:

on PE-R1

PE0R1#sh run | se bgp

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 3.3.3.3 activate

neighbor 3.3.3.3 send-community extended

exit-address-family

!

on PE-R3

PE0R3#sh run | se bgp

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

some more verification commands:

PE0R1#sh ip bgp neighbors | se capabilities

Neighbor capabilities:

Route refresh: advertised and received(old & new)

Address family IPv4 Unicast: advertised and received

Address family VPNv4 Unicast: advertised and received

# sh control-plan host open-ports

MPLS CHAPTER 8

Questions:

27. What keeps your customers routes unique from each other in mBGP ?

28. How do you assign a PE interface to a VRF ?

Solution:

VRF Name              R1-PE             R3-PE
Cust_site1            101:Cust_site1    101:Cust_site1
Cust_site2            102:Cust_site2    102:Cust_site2

Route Distinguisher
Cust_site1            1.1.1.1:1         3.3.3.3:1
Cust_site2            1.1.1.1:2         3.3.3.3:2

Route Targets
Cust_site1 export     1.1.1.1:101       3.3.3.3:101
Cust_site1 import     3.3.3.3:101       1.1.1.1:101
Cust_site2 export     1.1.1.1:102       3.3.3.3:102
Cust_site2 import     3.3.3.3:102       1.1.1.1:102

Attached interfaces:
Cust_site1            fa0/1             s0/0
Cust_site2            s0/0              f0/0

Flow of traffic: CE-CE

CE advertised route -> IPv4 route sent from CE to PE -> Received on VRF -> Exported to BGP as VPNv4 route with RD/RT -> sent PE to PE -> Imported into VRF based on RT -> IPv4 route sent from PE to CE -> CE learned route

Let us start the Lab:

How to enable vrf & assign to particular interface:

With our Diagram:

Diagram 24:

PE0R1(config)#ip vrf Cust_site1

PE0R1(config-vrf)#rd 1.1.1.1:1

PE0R1(config-vrf)#route-target export 1.1.1.1:101

PE0R1(config-vrf)#route-target import 3.3.3.3:101

PE0R1(config)#ip vrf Cust_site2

PE0R1(config-vrf)#rd 1.1.1.1:2

PE0R1(config-vrf)#route-target export 1.1.1.1:102

PE0R1(config-vrf)#route-target import 3.3.3.3:102

PE0R1#sh ip vrf

Name Default RD Interfaces

Cust_site1 1.1.1.1:1

Cust_site2 1.1.1.1:2

PE0R1#sh run | se ip vrf

!

ip vrf Cust_site1

rd 1.1.1.1:1

route-target export 1.1.1.1:101

route-target import 3.3.3.3:101

!

ip vrf Cust_site2

rd 1.1.1.1:2

route-target export 1.1.1.1:102

route-target import 3.3.3.3:102

PE0R1#! Assign to particular interface

PE0R1#conf t

Enter configuration commands, one per line. End with CNTL/Z.

PE0R1(config)#int fa0/1

PE0R1(config-if)#ip vrf forwarding Cust_site1

% Interface FastEthernet0/1 IP address 10.1.14.1 removed due to enabling VRF Cust_site1

PE0R1(config-if)#ip add 10.1.14.1 255.255.255.0

PE0R1(config-if)#int s0/0

PE0R1(config-if)#ip vrf forwarding Cust_site2

% Interface Serial0/0 IP address 10.1.15.1 removed due to enabling VRF Cust_site2

PE0R1(config-if)#ip add 10.1.15.1 255.255.255.0

PE0R1(config-if)#do sh ip vrf

Name Default RD Interfaces

Cust_site1 1.1.1.1:1 Fa0/1

Cust_site2 1.1.1.1:2 Se0/0

PE0R3(config)#ip vrf Cust_site1

PE0R3(config-vrf)#rd 3.3.3.3:1

PE0R3(config-vrf)#route-target import 1.1.1.1:101

PE0R3(config-vrf)#route-target export 3.3.3.3:101

PE0R3(config-vrf)#ip vrf Cust_site2

PE0R3(config-vrf)#rd 3.3.3.3:2

PE0R3(config-vrf)#route-target import 1.1.1.1:102

PE0R3(config-vrf)#route-target export 3.3.3.3:102

PE0R3(config-vrf)#int s0/0

PE0R3(config-if)#ip vrf forwarding Cust_site1

% Interface Serial0/0 IP address 10.1.36.3 removed due to enabling VRF Cust_site1

PE0R3(config-if)#ip add 10.1.36.3 255.255.255.0

PE0R3(config-if)#int fa0/0

PE0R3(config-if)#ip vrf forwarding Cust_site2

% Interface FastEthernet0/0 IP address 10.1.37.3 removed due to enabling VRF Cust_site2

PE0R3(config-if)#ip add 10.1.37.3 255.255.255.0

PE0R3(config-if)#no sh

PE0R3(config-if)#do sh ip vrf

Name Default RD Interfaces

Cust_site1 3.3.3.3:1 Se0/0

Cust_site2 3.3.3.3:2 Fa0/0

PE0R3#sh ip vrf detail

VRF Cust_site1; default RD 3.3.3.3:1; default VPNID <not set>

Interfaces:

Se0/0

Connected addresses are not in global routing table

Export VPN route-target communities

RT:3.3.3.3:101

Import VPN route-target communities

RT:1.1.1.1:101

No import route-map

No export route-map

VRF label distribution protocol: not configured

VRF Cust_site2; default RD 3.3.3.3:2; default VPNID <not set>

Interfaces:

Fa0/0

Connected addresses are not in global routing table

Export VPN route-target communities

RT:3.3.3.3:102

Import VPN route-target communities

RT:1.1.1.1:102

No import route-map

No export route-map

VRF label distribution protocol: not configured
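The RD and route-target settings above decide which VRF receives which routes, so they are worth checking mechanically. The following is an added example, not part of the original walkthrough: it parses the lab's `ip vrf` stanzas, models export (RD prepended, export RTs attached) and import (RT match), and reports any VRF that would import another customer's routes. The function names, the rule that the VRF name identifies the customer, and the `PE0R3_LEAKY_CFG` misconfiguration are assumptions made for this illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple

# "ip vrf" stanzas as configured on PE0R1 and PE0R3 in this lab.
PE0R1_CFG = """\
ip vrf Cust_site1
 rd 1.1.1.1:1
 route-target export 1.1.1.1:101
 route-target import 3.3.3.3:101
!
ip vrf Cust_site2
 rd 1.1.1.1:2
 route-target export 1.1.1.1:102
 route-target import 3.3.3.3:102
"""
PE0R3_CFG = """\
ip vrf Cust_site1
 rd 3.3.3.3:1
 route-target export 3.3.3.3:101
 route-target import 1.1.1.1:101
!
ip vrf Cust_site2
 rd 3.3.3.3:2
 route-target export 3.3.3.3:102
 route-target import 1.1.1.1:102
"""
# Constructed misconfiguration: Cust_site2 on PE0R3 also imports Cust_site1's RT.
PE0R3_LEAKY_CFG = PE0R3_CFG + " route-target import 1.1.1.1:101\n"


@dataclass
class Vrf:
    pe: str
    name: str
    rd: str = ""
    exports: Set[str] = field(default_factory=set)
    imports: Set[str] = field(default_factory=set)


def parse_vrfs(pe: str, config: str) -> List[Vrf]:
    """Collect the rd / route-target lines under each 'ip vrf NAME' stanza."""
    vrfs: List[Vrf] = []
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        start = re.fullmatch(r"ip vrf (\S+)", line)
        if start:
            current = Vrf(pe, start.group(1))
            vrfs.append(current)
            continue
        if line == "!" or current is None:
            current = None  # stanza ended, or line is outside any stanza
            continue
        rd = re.fullmatch(r"rd (\S+)", line)
        rt = re.fullmatch(r"route-target (export|import|both) (\S+)", line)
        if rd:
            current.rd = rd.group(1)
        elif rt:
            if rt.group(1) in ("export", "both"):
                current.exports.add(rt.group(2))
            if rt.group(1) in ("import", "both"):
                current.imports.add(rt.group(2))
    return vrfs


def export_route(vrf: Vrf, prefix: str) -> Tuple[str, FrozenSet[str]]:
    """VRF -> BGP: prepend the RD (unique VPNv4 route) and attach the export RTs."""
    return f"{vrf.rd}:{prefix}", frozenset(vrf.exports)


def import_pairs(vrfs: List[Vrf]) -> Set[Tuple[str, str]]:
    """(exporter, importer) pairs where an export RT matches an import RT."""
    return {
        (f"{src.pe}/{src.name}", f"{dst.pe}/{dst.name}")
        for src in vrfs
        for dst in vrfs
        if src is not dst and src.exports & dst.imports
    }


def cross_customer_imports(vrfs: List[Vrf]) -> List[Tuple[str, str]]:
    """Pairs whose VRF names differ (assumption: the VRF name identifies the customer)."""
    return sorted(
        (src, dst)
        for src, dst in import_pairs(vrfs)
        if src.split("/", 1)[1] != dst.split("/", 1)[1]
    )


def audit(configs: Dict[str, str]) -> List[Tuple[str, str]]:
    """Run the cross-customer check over {PE name: config text}."""
    vrfs = [v for pe, cfg in configs.items() for v in parse_vrfs(pe, cfg)]
    return cross_customer_imports(vrfs)


if __name__ == "__main__":
    print("lab config  :", audit({"PE0R1": PE0R1_CFG, "PE0R3": PE0R3_CFG}))
    print("leaky config:", audit({"PE0R1": PE0R1_CFG, "PE0R3": PE0R3_LEAKY_CFG}))
```

Topologies that import across VRFs on purpose, such as a central-services or management VPN, would need an allow-list of expected pairs in front of this check.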

MPLS CHAPTER 9

QUESTIONS :

29. Which command shows you the routes inside the VRF ?

30. What does 'address-family ipv4' mean within EIGRP & RIP ?

31. How do you link an OSPF process to a specific VRF ?

Solutions:

Refer the diagram below:

Diagram 25:

29. Which command shows you the routes inside the VRF ?

PE0R1#sh ip route vrf Cust_site1

Routing Table: Cust_site1

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets

O 4.4.4.1 [110/11] via 10.1.14.4, 00:13:56, FastEthernet0/1

10.0.0.0/24 is subnetted, 1 subnets

C 10.1.14.0 is directly connected, FastEthernet0/1

PE0R1#sh ip route vrf Cust_site2

Routing Table: Cust_site2

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets

D 5.5.5.1 [90/2297856] via 10.1.15.5, 00:07:50, Serial0/0

7.0.0.0/32 is subnetted, 1 subnets

B 7.7.7.1 [200/0] via 3.3.3.3, 00:04:47

10.0.0.0/24 is subnetted, 2 subnets

C 10.1.15.0 is directly connected, Serial0/0

B 10.1.37.0 [200/0] via 3.3.3.3, 00:04:47

30. What does 'address-family ipv4' mean within EIGRP & RIP ?

PE0R1#sh run | se eigrp

router eigrp 1

auto-summary

!

address-family ipv4 vrf Cust_site2

network 10.0.0.0

no auto-summary

autonomous-system 15

exit-address-family

PE0R3#sh run | se rip

router rip

version 2

!

address-family ipv4 vrf Cust_site1

network 10.0.0.0

no auto-summary

exit-address-family

31. How do you link an OSPF process to a specific VRF ?

router ospf 101 vrf Cust_site1

log-adjacency-changes

network 10.1.14.0 0.0.0.255 area 0

32. How to enable BGP within address-family ?

PE0R3#sh run | se bgp

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

neighbor 1.1.1.1 next-hop-self

exit-address-family

!

address-family ipv4 vrf Cust_site2

neighbor 10.1.37.7 remote-as 200

neighbor 10.1.37.7 activate

no synchronization

exit-address-family

!

MPLS CHAPTER 10

QUESTIONS:

33. Why is redistribution needed in MPLS L3VPN ?

34. When is a RD, RT and VPN label added to a route ?

35. In BGP configuration are you causing an Import or Export ?

Solution :

33. Why is redistribution needed in MPLS L3VPN ?

--> Redistribution is needed so that the VRF-aware routes on the PE and the global routes on the CE can be exchanged between them.

34. When is a RD, RT and VPN label added to a route ?

CE advertised route -> IPv4 route sent from CE to PE -> Received on VRF -> Exported to BGP as VPNv4 route with RD/RT -> sent PE to PE -> Imported into VRF based on RT -> IPv4 route sent from PE to CE -> CE learned route

--> When routes reach the PE from the CE, the PE exports them to MP-BGP with the local RD and RT (export) and sends them to the other PE router.

35. In BGP configuration are you causing an Import or Export ?

--> It depends upon which MPLS topology we are using:

. VPNv4 routes can have more than one route target

- allows for complex VPN topologies

. Full mesh

- import and export same everywhere

. Hub and spoke

- spokes import only the hub's routes

. Central services

- Multiple VPNs can import from a central site or from a central serv

. Management VPNs

- Management loopback on CE routers can be exported into a special management VPN.

Let us do it with our example:

Diagram 26:

PE0R1 CONFIG :

PE0R1#sh run | se ospf

router ospf 101 vrf Cust_site1

log-adjacency-changes

redistribute bgp 100 metric 555 subnets

network 10.1.14.0 0.0.0.255 area 0

router ospf 1

log-adjacency-changes

network 0.0.0.0 255.255.255.255 area 0

redistribute ospf 101 vrf Cust_site1

PE0R1#sh run | se eigrp

router eigrp 1

auto-summary

!

address-family ipv4 vrf Cust_site2

redistribute bgp 100 metric 1 1 1 1 1

network 10.0.0.0

no auto-summary

autonomous-system 15

exit-address-family

router eigrp 15

auto-summary

redistribute eigrp 15

PE0R1#sh run | se bgp

redistribute bgp 100 metric 1 1 1 1 1

redistribute bgp 100 metric 555 subnets

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 3.3.3.3 activate

neighbor 3.3.3.3 send-community extended

exit-address-family

!

address-family ipv4 vrf Cust_site2

redistribute eigrp 15

no synchronization

exit-address-family

!

address-family ipv4 vrf Cust_site1

redistribute ospf 101 vrf Cust_site1

no synchronization

exit-address-family

PE0R1#sh bgp vpnv4 unicast vrf Cust_site1

BGP table version is 17, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 1.1.1.1:1 (default for vrf Cust_site1)

*> 4.4.4.1/32 10.1.14.4 11 32768 ?

*>i6.6.6.1/32 3.3.3.3 1 100 0 ?

*> 10.1.14.0/24 0.0.0.0 0 32768 ?

*>i10.1.36.0/24 3.3.3.3 0 100 0 ?

PE0R1#sh bgp vpnv4 unicast vrf Cust_site1 4.4.4.1/32

BGP routing table entry for 1.1.1.1:1:4.4.4.1/32, version 8

Paths: (1 available, best #1, table Cust_site1)

Advertised to update-groups:

1

Local

10.1.14.4 from 0.0.0.0 (1.1.1.1)

Origin incomplete, metric 11, localpref 100, weight 32768, valid, sourced, best

Extended Community: OSPF DOMAIN ID:0x0005:0x000000650200 RT:1.1.1.1:101

OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:10.1.14.1:0

mpls labels in/out 503/nolabel

PE0R1#sh bgp vpnv4 unicast vrf Cust_site1 6.6.6.1/32

BGP routing table entry for 1.1.1.1:1:6.6.6.1/32, version 16

Paths: (1 available, best #1, table Cust_site1)

Not advertised to any peer

Local, imported path from 3.3.3.3:1:6.6.6.1/32

3.3.3.3 (metric 21) from 3.3.3.3 (3.3.3.3)

Origin incomplete, metric 1, localpref 100, valid, internal, best

Extended Community: RT:3.3.3.3:101

mpls labels in/out nolabel/21

FOR ROUTER PE0R3:

PE0R3#sh run | se rip

router rip

version 2

!

address-family ipv4 vrf Cust_site1

redistribute bgp 100 metric 3

network 10.0.0.0

no auto-summary

exit-address-family

redistribute rip

PE0R3#sh run | se bgp

redistribute bgp 100 metric 3

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

neighbor 1.1.1.1 next-hop-self

exit-address-family

!

address-family ipv4 vrf Cust_site2

neighbor 10.1.37.7 remote-as 200

neighbor 10.1.37.7 activate

no synchronization

exit-address-family

!

address-family ipv4 vrf Cust_site1

redistribute rip

no synchronization

exit-address-family

PE0R3#sh bgp vpnv4 unicast vrf Cust_site1

BGP table version is 16, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 3.3.3.3:1 (default for vrf Cust_site1)

*>i4.4.4.1/32 1.1.1.1 11 100 0 ?

*> 6.6.6.1/32 10.1.36.6 1 32768 ?

*>i10.1.14.0/24 1.1.1.1 0 100 0 ?

*> 10.1.36.0/24 0.0.0.0 0 32768 ?

PE0R3#sh bgp vpnv4 unicast vrf Cust_site2

BGP table version is 16, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 3.3.3.3:2 (default for vrf Cust_site2)

*>i5.5.5.1/32 1.1.1.1 2297856 100 0 ?

*> 7.7.7.1/32 10.1.37.7 0 0 200 ?

*>i10.1.15.0/24 1.1.1.1 0 100 0 ?

r> 10.1.37.0/24 10.1.37.7 0 0 200 ?

PE0R3#sh bgp vpnv4 unicast vrf Cust_site2 5.5.5.1/32

BGP routing table entry for 3.3.3.3:2:5.5.5.1/32, version 11

Paths: (1 available, best #1, table Cust_site2)

Advertised to update-groups:

1

Local, imported path from 1.1.1.1:2:5.5.5.1/32

1.1.1.1 (metric 21) from 1.1.1.1 (1.1.1.1)

Origin incomplete, metric 2297856, localpref 100, valid, internal, best

Extended Community: RT:1.1.1.1:102

Cost:pre-bestpath:128:2297856 (default-2145185791) 0x8800:32768:0

0x8801:15:640000 0x8802:65281:1657856 0x8803:65281:1500

mpls labels in/out nolabel/505

PE0R3#sh bgp vpnv4 unicast vrf Cust_site2 7.7.7.1/32

BGP routing table entry for 3.3.3.3:2:7.7.7.1/32, version 2

Paths: (1 available, best #1, table Cust_site2)

Advertised to update-groups:

2

200

10.1.37.7 from 10.1.37.7 (7.7.7.1)

Origin incomplete, metric 0, localpref 100, valid, external, best

Extended Community: RT:3.3.3.3:102

mpls labels in/out 19/nolabel

MPLS CHAPTER 11 (TROUBLESHOOTING & FULL CONFIG )

In this blog you will get full config & troubleshooting steps:

Points:

1. VRF ( RD , RT import -- RT export )

2. Assign VRF

3. Enable VRF aware Routing Process

4. VPNv4 Peers ( PE routers redistributed routes)

5. Redistribution

Troubleshooting of mpls vpn

We check the control plane & data plane:

sh ip vrf

sh ip vrf detail

- we can check the import and export

sh ip route vrf Cust_site1

- checks whether the routes are arriving or not

sh bgp vpnv4 unicast vrf Cust_site2

- checks whether they are redistributed into BGP or not

sh bgp vpnv4 unicast vrf Cust_site1 4.4.4.1/32

- shows the attributes of the route in the VRF

debug mpls packets

sh bgp vpnv4 unicast all

sh bgp vpnv4 unicast all 4.4.4.1/32

sh mpls interfaces

To check the mpls labels :

transport label | vpnv4 label | payload

(which PE)        (which customer)

26 | 25 | icmp

25 is the vpnv4 label and is not changed; it will be changed at the PE router.

sh ip bgp vpnv4 rd 1.1.1.1:1 labels

sh ip bgp vpnv4 rd 1.1.1.1:2 labels

sh bgp vpnv4 unicast vrf Cust_site1 labels

sh bgp vpnv4 unicast vrf Cust_site2 labels

sh ip cef vrf Cust_site1 4.4.4.1

sh ip cef vrf Cust_site1 6.6.6.1

PE0R1#sh ip cef vrf Cust_site1 6.6.6.1

6.6.6.1/32, version 22, epoch 0, cached adjacency 10.1.12.2

0 packets, 0 bytes

tag information set

local tag: VPN-route-head

fast tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {16 21}

via 3.3.3.3, 0 dependencies, recursive

next hop 10.1.12.2, FastEthernet0/0 via 3.3.3.3/32

valid cached adjacency

tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {16 21}

In {16 21}, 16 is the top label and 21 is the VPN label.
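To make the label format from question 19 and the two-label stack shown above concrete, here is an added example (not part of the original walkthrough) that packs and parses 32-bit label stack entries and performs the top-label swap a P router does. The payload bytes are constructed and the new top label 17 used in the demo is a hypothetical value; the stack {16 21} is the one from the CEF output.

```python
import struct
from typing import List, NamedTuple, Tuple


class LabelEntry(NamedTuple):
    label: int  # 20-bit label, locally significant to the router
    exp: int    # 3-bit Exp (class of service)
    s: int      # 1 on the last label in the label stack
    ttl: int    # 8-bit TTL


def encode_entry(e: LabelEntry) -> bytes:
    """Pack one entry as | label (20) | Exp (3) | S (1) | TTL (8) |."""
    if not (0 <= e.label < 2**20 and 0 <= e.exp < 8 and e.s in (0, 1) and 0 <= e.ttl < 256):
        raise ValueError(f"field out of range: {e}")
    return struct.pack("!I", (e.label << 12) | (e.exp << 9) | (e.s << 8) | e.ttl)


def decode_entry(raw: bytes) -> LabelEntry:
    if len(raw) != 4:
        raise ValueError("a label stack entry is exactly 4 bytes")
    (word,) = struct.unpack("!I", raw)
    return LabelEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)


def build_stack(labels: List[int], exp: int = 0, ttl: int = 255) -> bytes:
    """Outermost (transport) label first; only the last entry gets S=1."""
    if not labels:
        raise ValueError("at least one label is required")
    last = len(labels) - 1
    return b"".join(
        encode_entry(LabelEntry(label, exp, int(i == last), ttl))
        for i, label in enumerate(labels)
    )


def parse_stack(data: bytes) -> Tuple[List[LabelEntry], bytes]:
    """Read entries until the one with S=1; return (stack, payload)."""
    stack: List[LabelEntry] = []
    offset = 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no entry with S=1")
        entry = decode_entry(data[offset:offset + 4])
        stack.append(entry)
        offset += 4
        if entry.s:
            return stack, data[offset:]


def swap_top(data: bytes, new_label: int) -> bytes:
    """P-router behaviour: swap the top label and decrement its TTL.

    Everything after the first 4 bytes, including the VPN label, is untouched.
    """
    top = decode_entry(data[:4])
    if top.ttl <= 1:
        raise ValueError("TTL expired")
    return encode_entry(top._replace(label=new_label, ttl=top.ttl - 1)) + data[4:]


# Constructed packet: transport label 16, VPN label 21, then a stand-in payload.
PACKET = build_stack([16, 21]) + b"constructed-ip-payload"

if __name__ == "__main__":
    stack, payload = parse_stack(PACKET)
    print("ingress PE imposes:", stack)
    after_p, _ = parse_stack(swap_top(PACKET, 17))  # 17 is a hypothetical label
    print("after P router    :", after_p)
```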

===============================================================

config file of this lab:

Diagram 27:

----- Config----

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE0R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

ip vrf Cust_site1

rd 1.1.1.1:1

route-target export 1.1.1.1:101

route-target import 3.3.3.3:101

!

ip vrf Cust_site2

rd 1.1.1.1:2

route-target export 1.1.1.1:102

route-target import 3.3.3.3:102

!

no ip domain lookup

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

mpls label range 500 599

!

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.12.1 255.255.255.0

duplex auto

speed auto

mpls ip

!

interface Serial0/0

ip vrf forwarding Cust_site2

ip address 10.1.15.1 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

ip vrf forwarding Cust_site1

ip address 10.1.14.1 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router eigrp 1

auto-summary

!

address-family ipv4 vrf Cust_site2

redistribute bgp 100 metric 1 1 1 1 1

network 10.0.0.0

no auto-summary

autonomous-system 15

exit-address-family

!

router eigrp 15

auto-summary

!

router ospf 101 vrf Cust_site1

log-adjacency-changes

redistribute bgp 100 metric 555 subnets

network 10.1.14.0 0.0.0.255 area 0

!

router ospf 1

log-adjacency-changes

network 0.0.0.0 255.255.255.255 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 3.3.3.3 activate

neighbor 3.3.3.3 send-community extended

exit-address-family

!

address-family ipv4 vrf Cust_site2

redistribute eigrp 15

no synchronization

exit-address-family

!

address-family ipv4 vrf Cust_site1

redistribute ospf 101 vrf Cust_site1

no synchronization

exit-address-family

!

ip forward-protocol nd

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

============================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname P0R2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

interface Loopback1

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.12.2 255.255.255.0

duplex auto

speed auto

mpls ip

!

interface FastEthernet0/1

ip address 10.1.23.2 255.255.255.0

duplex auto

speed auto

mpls ip

!

router ospf 1

log-adjacency-changes

network 0.0.0.0 255.255.255.255 area 0

!

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

==================================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE0R3

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

ip vrf Cust_site1

rd 3.3.3.3:1

route-target export 3.3.3.3:101

route-target import 1.1.1.1:101

!

ip vrf Cust_site2

rd 3.3.3.3:2

route-target export 3.3.3.3:102

route-target import 1.1.1.1:102

!

no ip domain lookup

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

!

interface Loopback1

ip address 3.3.3.3 255.255.255.255

!

interface FastEthernet0/0

ip vrf forwarding Cust_site2

ip address 10.1.37.3 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

ip vrf forwarding Cust_site1

ip address 10.1.36.3 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

ip address 10.1.23.3 255.255.255.0

duplex auto

speed auto

mpls ip

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router ospf 1

log-adjacency-changes

network 0.0.0.0 255.255.255.255 area 0

!

router rip

version 2

!

address-family ipv4 vrf Cust_site1

redistribute bgp 100 metric 3

network 10.0.0.0

no auto-summary

exit-address-family

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback1

no auto-summary

!

address-family vpnv4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

neighbor 1.1.1.1 next-hop-self

exit-address-family

!

address-family ipv4 vrf Cust_site2

neighbor 10.1.37.7 remote-as 200

neighbor 10.1.37.7 activate

no synchronization

exit-address-family

!

address-family ipv4 vrf Cust_site1

redistribute rip

no synchronization

exit-address-family

!

ip forward-protocol nd

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

====================================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R4

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

interface Loopback1

ip address 4.4.4.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.1.14.4 255.255.255.0

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 4.4.4.1 0.0.0.0 area 0

network 10.1.14.0 0.0.0.255 area 0

!

ip forward-protocol nd

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

==================================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R5

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

interface Loopback1

ip address 5.5.5.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.15.5 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router eigrp 15

network 5.0.0.0

network 10.0.0.0

no auto-summary

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

================================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R6

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

interface Loopback1

ip address 6.6.6.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.1.36.6 255.255.255.0

clock rate 2000000

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

clock rate 2000000

!

router rip

version 2

network 6.0.0.0

network 10.0.0.0

no auto-summary

!

ip forward-protocol nd

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

==============================================

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R7

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

interface Loopback1

ip address 7.7.7.1 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.37.7 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

clock rate 2000000

!

router bgp 200

no synchronization

bgp log-neighbor-changes

redistribute connected

neighbor 10.1.37.3 remote-as 100

no auto-summary

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

================================================

Acronyms and Abbreviations

This appendix identifies abbreviations, acronyms, and initialisms used in this book and in the

internetworking industry.

Acronym Expanded Term

3DES Triple DES

6-to-4 IPv6-to-IPv4

AAA Authentication, authorization, accounting

ABR Area Border Router

ACL access control list

ACS Access Control Server

AD advertised distance

ADSL asymmetric DSL

AES Advanced Encryption Standard

AfriNIC African Network Information Centre

AH Authentication Header

ALG application layer gateway

ANSI American National Standards Institute

AON Application-Oriented Networking

API application programming interface

APNIC Asia Pacific Network Information Center

ARCNET Attached Resource Comp. Net.

ARIN American Registry for Internet Numbers

ARP Address Resolution Protocol

AS autonomous system

ASA Adaptive Security Appliance

ASBR Autonomous System Boundary Router

ATM Asynchronous Transfer Mode

AToM Any Transport over MPLS

BDR Backup Designated Router

BGP Border Gateway Protocol

BGPv4 or BGP-4 BGP Version 4

BIS Bump-in-the-Stack

BPDU bridge protocol data unit

bps bits per second

BRI Basic Rate Interface

BSCI Building Scalable Cisco Internetworks

CATV community antenna television

CBAC context-based access control

CCDP Cisco Certified Design Professional

CCNA Cisco Certified Network Associate

CCNP Cisco Certified Network Professional

CCSP Cisco Certified Security Professional

CDP Cisco Discovery Protocol

CE Customer Edge

CEF Cisco Express Forwarding

CEFv6 Cisco Express Forwarding for IPv6

CIDR classless interdomain routing

CIR committed information rate

CMTS Cable modem termination system

CO Central office

CoS class of service

CPE customer provider edge customer premise equipment

CPU central processing unit

CSM Cisco Security Manager

CSMA/CD carrier sense multiple access collision detect

DAD Duplicate address detection

DBD database description packets

DDP database description packets

DES Data Encryption Standard

DESGN Designing for Cisco Internetwork Solutions

DHCP Dynamic Host Configuration Protocol

DHCPv6 DHCP for IPv6

DiffServ Differentiated Services

DLCI data-link connection identifier

DMVPN Dynamic multipoint VPN

DNA DoNotAge

DNS Domain Name Service or Domain Name System

DoD Department of Defense

DR designated router

DSL digital subscriber line

DSLAM DSL access multiplexer

DUAL Diffusing Update Algorithm

E1 External Type 1

E2 External Type 2

EAP Extensible Authentication Protocol

EBGP External BGP

e-bit external bit

EGP Exterior Gateway Protocol

EIGRP Enhanced Interior Gateway Routing Protocol

EoMPLS Ethernet over MPLS

ESP Encapsulating Security Payload

EUI-64 extended universal identifier 64-bit

FD feasible distance

FCAPS Fault, Configuration, Accounting, Performance, and Security

FDDI Fiber Distributed Data Interface

FEC forwarding equivalence class

FIB Forwarding Information Base

FLSM fixed-length subnet mask

FS feasible successor

FTP File Transfer Protocol

Gbps gigabits per second

GET Group encrypted transport

GRE Generic Routing Encapsulation

HDLC High-Level Data Link Control

HFC hybrid fiber-coaxial

HSRP Hot Standby Router Protocol

HTTP Hypertext Transfer Protocol

Hz hertz

IANA Internet Assigned Numbers Authority

IBGP Internal BGP

ICMP Internet Control Message Protocol

ID identifier

IDP initial domain part

IDRP Interdomain Routing Protocol

IEEE Institute of Electrical and Electronics Engineers

IETF Internet Engineering Task Force

IGMP Internet Group Management Protocol

IGP Interior Gateway Protocol

IGRP Interior Gateway Routing Protocol

IIN Intelligent Information Network

IKE Internet Key Exchange

IntServ Integrated Services

IOS Internet Operating System

IP Internet Protocol

IPCP Internet Protocol Control Protocol

IPM Internetwork Performance Monitor

IPsec IP security

IPv4 IP Version 4

IPv6 IP Version 6

IPX Internetwork Packet Exchange

IS 1. information systems

2. intermediate system

ISAKMP Internet Security Association and Key Management Protocol

ISATAP Intra-Site Automatic Tunnel Addressing

IS-IS Intermediate System-to-Intermediate System

IS-ISv6 IS-IS for IPv6

ISDN Integrated Services Digital Network

ISO International Organization for Standardization

ISP Internet service provider

ISR integrated services router

ITIL IT Infrastructure Library

ITU-T International Telecommunication Union Telecommunication Standardization Sector

kbps kilobits per second

L3 Level 3

LACNIC Latin American and Caribbean IP Address Regional Registry

LAN local-area network

LANE LAN Emulation

LS link state

LSA link-state advertisement

LSAck link-state acknowledgment

LSDB link-state database

LSP link-state packet

LSR link-state request

LSU link-state update

M metric

MAC Media Access Control

MAN metropolitan-area network

MB megabyte

MBGP Multiprotocol BGP

Mbps megabits per second

MD5 message digest algorithm 5

MED Multi-Exit-Discriminator

MIB Management Information Base

MLD Multicast Listener Discovery

MOSPF Multicast OSPF

MP-BGP4 Multiprotocol Border Gateway Protocol Version 4

MPLS Multiprotocol Label Switching

MTU maximum transmission unit

NA Neighbor advertisement

NAC Network Admission Control

NAT Network Address Translation

NAT-T NAT Traversal

NAT-PT NAT-Protocol Translation

NBMA nonbroadcast multiaccess

NCP Network control protocol

ND Neighbor discovery

NLRI Network Layer Reachability Information

NMS Network Management System

NS Neighbor solicitation

NSSA not-so-stubby area

NTP Network Time Protocol

ODR on-demand routing

OER Optimized Edge Routing

OS operating system

OSI Open System Interconnection

OSPF Open Shortest Path First

OSPFv2 OSPF Version 2

OSPFv3 OSPF Version 3

OUI organizationally unique identifier

P2P Point-to-point

PAT Port Address Translation

PBR policy-based routing

PBX Private Branch Exchange

PDM protocol-dependent module

PDU protocol data unit

PE Provider Edge

POP point of presence

POTS plain old telephone service

PPDIOO Prepare, Plan, Design, Implement, Operate, Optimize

PPP Point-to-Point Protocol

PPPoA PPP over ATM

PPPoE PPP over Ethernet

pps packets per second

PPTP Point-to-Point Tunneling Protocol

PRI Primary Rate Interface

PSTN public switched telephone network

PVC permanent virtual circuit

QoS quality of service

RA Router advertisement

RF Radio frequency

RFC Request For Comments

RIB Routing Information Base

RIP Routing Information Protocol

RIPE-NCC Réseaux IP Européens-Network Coordination Center

RIPng Routing Information Protocol new generation

RIPv1 Routing Information Protocol Version 1

RIPv2 Routing Information Protocol Version 2

RIR Regional Internet registries

RPF Reverse Path Forwarding

RR route reflector

RRI reverse route injection

RS Router solicitation

RSVP Resource Reservation Protocol

RTO retransmit timeout

RTP Reliable Transport Protocol

RTT round-trip time

RTTMON Round-Trip Time Monitor

SA security association

SDSL Symmetric DSL

SHA Secure hash

SHDSL single-pair high-speed DSL

SIA stuck in active

SIN ships in the night

SLAs Service level agreements

SM source metric

SMTP Simple Mail Transfer Protocol

SNAP Subnetwork Access Protocol

SNMP Simple Network Management Protocol

SOHO small office/home office

SONA Service-Oriented Network Architecture

SP Service Provider

SPF shortest path first

SPT shortest path tree

SPX Sequenced Packet Exchange

SRTT smooth round-trip time

ssh secure shell

SSL Secure socket layer

STP 1. shielded twisted-pair; 2. Spanning Tree Protocol

SVC switched virtual circuit

SYN Synchronize

TCP Transmission Control Protocol

TCP/IP Transmission Control Protocol/Internet Protocol

TFTP Trivial File Transfer Protocol

TLV Type, Length, Value

TMN Telecommunications Management Network

ToS type of service

TTL Time To Live

UDP User Datagram Protocol

U/L Universal/Local

URL Uniform Resource Locator

UTP unshielded twisted-pair

VC virtual circuit

VDSL very high bitrate DSL

VLAN virtual LAN

VLSM variable-length subnet mask

VoD video on demand

VoIP Voice over IP

VPN virtual private network

VRF VPN routing and forwarding

VT video telephony

VTI Virtual tunnel interface

VTP VLAN Trunking Protocol

vty virtual terminal

WAN wide-area network

WAAS Wide Area Application Services

WCCP Web Cache Communications Protocol

WFQ weighted fair queuing

WiMAX Worldwide Interoperability for Microwave Access

WLAN wireless LAN

WRED weighted random early detection

WWW World Wide Web

ZBF zone-based firewall