BGP & MPLS WALKTHROUGH
1
Topics covered related to BGP:
1. What BGP ASNs Values?
2. What is iBGP & eBGP ?
3. How BGP form iBGP relationship ,which port it uses for transport ?
4. What are bgp Packets & bgp States ?
5. What is EBGP vs iBGP Peering rules ?
6. How to Configure EBGP relationship ?
7. Use of network command in BGP ?
8. How to advertise network with redistribute command in BGP ?
9. While using redistribution use ip-prefix list ?
10. Use automatic-aggregation & manual summarization ?
11. What is BGP Default Path Selection ?
12. What is route-map ?
13. Configure NL Fast ISP routers to use OSPF as an IGP.
- Configure network statements as a specific as possible.
- only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.
14. Configure full-mess iBGP peers between all routers within NLFast
(due to BGP Split Horizon)
- Peers should fail over based on the IGP if any key internal links fail
(create loopbacks as necessary)
- Disable BGP Synchronization (if necessary) .
15.Configure eBGP peers between NLFAst ISP & Uplink ISP1 , UPlink ISP2 & Cust1 routers.
- For additional practice , you will be configure the NL Fast ISP, Uplink ISP2
and Cust1 routers.
- On Connections where link redundancy is possible , peer using loopback
interface (create static route if required)
- The Cust1 router should advertise its assigned network via BGP.
- Configure authentication between all eBGP peers using a password of your choice.
- Set logical descriptions for each neighbor in the BGP Process.
- Cust1 is private-as.(64512-65535)
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
Topics covered related to BGP:
BGP & MPLS WALKTHROUGH
2
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
18. Short notes on regular-expressions .
19. lab:for ISP1 it will not accept AS300 prefix, for ISP2 it will not accept AS200 prefix.
20. lab: back-to-back connection between ISP1-ISP2, but ISP1 it will learn 150.1.0.0/24
prefixes via NLFAST ISP to ISP2 to ISP1.(use reg-exp to perform these tasks)
21. Task:
According to Diagram:
- use private AS for client(Cust1).
- Send network 172.16.1.1 as primary to ISP1 & secondary to ISP2
- Send network 192.168.1.1 as primary to ISP2 & secondary to ISP1
- Use as-prepend for this task.
- Remove private-as while sending cust1 network to ISP's.
22. What is prefix-list ?
23. What is BGP Community ?
24: What is BGP Community Syntax ?
25a: What are different types of BGP Communities ?
26. What is Confederation ?
27. How to Design Confederation ?
28. What is BGP Process ?
29. How to improve BGP ?
30. What is peer-groups in BGP ?
31. What is BGP route Dampening ?
BGP & MPLS WALKTHROUGH
3
BGP CHAPTER 1
QUESTIONS:
1. What BGP ASNs Values?
2. What is iBGP & eBGP ?
3. How BGP form iBGP relationship ,which port it uses for transport ?
4. What are bgp Packets & bgp States ?
Solution:
1. What BGP ASNs Values?
-->
BGP ASN VALUES
. Originally 2-byte field
- Values 0-65535
- Public ASNs 1 - 64511
- Private ASNs 64512 - 65535
4-Byte BGP ASNs
. 0.0 - 65535.65535 notation
- 0.[0-65535] denote original 2byte ASNs
. Requires backwards compatibility with old code
- 4 Byte ASN support negotiated during capability excha
- "old" BGP speakers are sent ASdot numbers encoded as
ASN "23456"
- Real AS-path encoded with optional transitive
attributes AS4_AGGREGATOR and AS4_PATH
2. What is iBGP & eBGP ?
--->
BGP Peering Types:
. External BGP (EBGP) Peers
- Neighbours outside my Autonomous System
. Internal BGP (iBGP) Peers
-Neighbours inside my Autonomous System
. Update and path selection rules change depending
on what type of peer a route is being sent to/received from
BGP & MPLS WALKTHROUGH
4
3. How BGP form iBGP relationship ,which port it uses for transport ?
--->
Diagram 1: (three BGP AS’s ) in AS 123 we have ibgp relationship
refer the diagram create iBGP relationship between R1 & R2
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 update-source Loopback1
!
R2#sh run | se bgp
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback1
!
Debug ip bgp all
R2#debu ip bgp all
BGP debugging is on for all address families
R2#
*Mar 1 00:31:55.143: BGP: 1.1.1.1 remote close, state CLOSEWAIT
*Mar 1 00:31:55.143: BGP: 1.1.1.1 -reset the session
*Mar 1 00:31:55.147: BGPNSF state: 1.1.1.1 went from nsf_not_active to nsf_not_active
*Mar 1 00:31:55.147: BGP: 1.1.1.1 went from Established to Idle
*Mar 1 00:31:55.147: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down Peer closed the session
R2#
*Mar 1 00:31:55.147: BGP: 1.1.1.1 closing
*Mar 1 00:31:55.923: BGP: 1.1.1.1 passive open to 2.2.2.2
BGP & MPLS WALKTHROUGH
5
*Mar 1 00:31:55.923: BGP: 1.1.1.1 went from Idle to Connect
*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv message type 1, length (excl. header) 26
*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv OPEN, version 4, holdtime 180 seconds
*Mar 1 00:31:55.931: BGP: 1.1.1.1 went from Connect to OpenSent
*Mar 1 00:31:55.931: BGP: 1.1.1.1 sending OPEN, version 4, my as: 123, holdtime 180 seconds
*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcv OPEN w/ OPTION parameter len: 16
*Mar 1 00:31:55.931: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 6
*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has CAPABILITY code: 1, length 4
*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has MP_EXT CAP for afi/safi: 1/1
*Mar 1 00:31:55.935: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2
*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has CAPABILITY code: 128, length 0
*Mar 1 00:31:55.935: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(old) for all address-
families
*Mar 1 00:31:55.939: BGP: 1.1.1.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2
*Mar 1 00:31:55.939: BGP: 1.1.1.1 OPEN has CAPABILITY code: 2, length 0
*Mar 1 00:31:55.939: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(new) for all address-
families
BGP: 1.1.1.1 rcvd OPEN w/ remote AS 123
*Mar 1 00:31:55.939: BGP: 1.1.1.1 went from OpenSent to OpenConfirm
*Mar 1 00:31:55.939: BGP: 1.1.1.1 send message type 1, length (incl. header) 45
*Mar 1 00:31:56.011: BGP: 1.1.1.1 went from OpenConfirm to Established
*Mar 1 00:31:56.015: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R2#
R1#sh tcp brief
TCB Local Address Foreign Address (state)
65C5AFFC 1.1.1.1.54578 2.2.2.2.179 TIMEWAIT
65C5B78C 1.1.1.1.61545 2.2.2.2.179 ESTAB
R2#sh tcp brief
TCB Local Address Foreign Address (state)
64DD3C24 2.2.2.2.179 1.1.1.1.61545 ESTAB
R2 is bgp-server because it uses port nos 179.
4. What are bgp Packets & bgp States ?
BGP Packets
> OPEN
> UPDATE
> KEEPALIVE
> NOTIFICATION
BGP STATES:
> IDLE
> ACTIVE
> OPEN SENT
> OPEN CONFIRM
> ESTABLISHED
BGP & MPLS WALKTHROUGH
6
BGP CHAPTER 2
QUESTIONS:
5. What is EBGP vs iBGP Peering rules ?
6. How to Configure EBGP relationship ?
7. Use of network command in BGP ? Solution:
5. What is EBGP vs iBGP Peering rules ?
iBGP Peering Rules:
. iBGP packets default to TTL 255
- implies neighbours do not have to be connected as long
as IGP reachability exists
. Loop prevention via route filtering
- iBGP learned routes cannot be advertised on to another
iBGP neighbor.
- implies need for either....
. Fully meshed iBGP peerings
. Route reflection
. Confederation
EBGP Peering Rules:
. EBGP packets default to TTL 1
- Can be modified if neighbors are multiple hops away
. neighbor ebgp-multihop [ttl]
. neighbor ttl-security hops [ttl]
. Non multi-hop peers must be directly connected by
default
- can be modified if connected neighbours via loopbacks
. neighbor disable-connected-check
. Loop prevention via AS-PATH
- Local ASN is "prepended" to outbound updates
- inbound updates containing local ASN are discarded
- can be modified with neighbor allows-in
EBGP Peering Rules:
. Next-hop processing:
- outbound EBGP updates have local update-source for
neighbor set as next-hop
.E.g if update-source is Loopback0 , next-hop is Loopb0
- Can be modifed with route-map action set ip next-hop but
typically shoudn't
. E.g "Third Party" next-hop
6. How to Configure EBGP neighbour relationship ? . EBGP packets default to TTL 1
- can be modified if connected neighbours via loopbacks
. neighbor disable-connected-check
- Can be modified if neighbors are multiple hops away
. neighbor ebgp-multihop [ttl]
BGP & MPLS WALKTHROUGH
7
. neighbor ttl-security hops [ttl]
in our case make bgp relationship with ISP1 with its loopback
----->
Diagram 2: Creating Neighbour relationship between ISP1 & R2, with their loopbacks
First i am using neighbor disable-connected-check
then using neighbor ebgp-multihop [ttl]
R2#sh run | se bgp
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 123
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 444
neighbor 4.4.4.4 disable-connected-check
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
R2#sh run | se ip route
ip route 4.4.4.4 255.255.255.255 10.1.24.4
ISP1#sh run | se bgp
router bgp 444
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 disable-connected-check
neighbor 2.2.2.2 update-source Loopback4
no auto-summary
ISP1#
*Mar 1 00:30:46.959: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up
BGP & MPLS WALKTHROUGH
8
----------- now using neighbor ebgp-multihop -----
R2(config-router)#do sh run | se bgp
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 123
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 444
neighbor 4.4.4.4 ebgp-multihop 3
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
R2(config-router)#
*Mar 1 00:32:53.127: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Up
ISP1#sh run | se bgp
router bgp 444
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 ebgp-multihop 3
neighbor 2.2.2.2 update-source Loopback4
no auto-summary
ISP1#sh ip bgp su
BGP router identifier 4.4.4.4, local AS number 444
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 123 17 17 1 0 0 00:00:16 0
7. Use of network command in BGP ? --->
Network command of bgp takes routes of your routing table and
advertise it via bgp.
Here advertising 4.4.4.1-4 of ISP1 ot AS 123
ISP1#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.1/32 0.0.0.0 0 32768 i
*> 4.4.4.2/32 0.0.0.0 0 32768 i
*> 4.4.4.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i
BGP & MPLS WALKTHROUGH
9
ISP1#sh run | se bgp
router bgp 444
no synchronization
bgp log-neighbor-changes
network 4.4.4.1 mask 255.255.255.255
network 4.4.4.2 mask 255.255.255.255
network 4.4.4.3 mask 255.255.255.255
network 4.4.4.4 mask 255.255.255.255
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 ebgp-multihop 3
neighbor 2.2.2.2 update-source Loopback4
no auto-summary
!
check this route on R2 & R1 also
!
R2#sh ip bgp
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.1/32 4.4.4.4 0 0 444 i
*> 4.4.4.2/32 4.4.4.4 0 0 444 i
*> 4.4.4.3/32 4.4.4.4 0 0 444 i
r> 4.4.4.4/32 4.4.4.4 0 0 444 i
R1#sh ip bgp
BGP table version is 1, local router ID is 1.1.1.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i4.4.4.1/32 4.4.4.4 0 100 0 444 i
* i4.4.4.2/32 4.4.4.4 0 100 0 444 i
* i4.4.4.3/32 4.4.4.4 0 100 0 444 i
* i4.4.4.4/32 4.4.4.4 0 100 0 444 i
R1#
BGP & MPLS WALKTHROUGH
10
BGP CHAPTER 3
QUESTIONS:
8. How to advertise network with redistribute command in BGP ?
9. While using redistribution use ip-prefix list ?
10. Use automatic-aggregation & manual summarization ? Solution:
8. How to advertise network with redistribute command in BGP ?
9. While using redistribution use ip-prefix list ?
diag:--<>
Diagram 3: ( bgp advertisement )
Advertise 1.1.1.1-4 out of 1.1.1.1-6 from AS 123 to AS 444 using
redistribution.
Strategy:
from R1 : send networks 1.1.1.1-6/32 & filter these routes at R2
on R2 make route-map , send network 1.1.1.1-4 via redistribute keyword
& rest of network via IGP option.
on R1
router bgp 123
redistribute connected
on R2
!
R2#sh run | se ip prefix
ip prefix-list LOOPBACK_OF_R1 seq 10 permit 1.1.1.1/32
ip prefix-list LOOPBACK_OF_R1 seq 20 permit 1.1.1.2/32
ip prefix-list LOOPBACK_OF_R1 seq 30 permit 1.1.1.3/32
ip prefix-list LOOPBACK_OF_R1 seq 40 permit 1.1.1.4/32
R2#sh run | se route-map
neighbor 4.4.4.4 route-map FILTER out
route-map FILTER permit 10
match ip address prefix-list LOOPBACK_OF_R1
route-map FILTER permit 20
set origin igp
!
BGP & MPLS WALKTHROUGH
11
R2#sh run | se bgp
router bgp 123
neighbor 4.4.4.4 update-source Loopback1
neighbor 4.4.4.4 route-map FILTER out
no auto-summary
!
check output on ISP1
!
ISP1#sh ip bgp
BGP table version is 13, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 2.2.2.2 0 123 ?
*> 1.1.1.2/32 2.2.2.2 0 123 ?
*> 1.1.1.3/32 2.2.2.2 0 123 ?
*> 1.1.1.4/32 2.2.2.2 0 123 ?
*> 1.1.1.5/32 2.2.2.2 0 123 i
*> 1.1.1.6/32 2.2.2.2 0 123 i
*> 4.4.4.1/32 0.0.0.0 0 32768 i
*> 4.4.4.2/32 0.0.0.0 0 32768 i
*> 4.4.4.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 10.1.12.0/24 2.2.2.2 0 123 i
*> 10.1.13.0/24 2.2.2.2 0 123 i
!
10. Use automatic-aggregation & manual summarization ?
Same diagram as above:
While sending 1.1.1.1-6/32 network from R2 to ISP1 first do the
automatic summarization then manual-summarization with null0 options.
---->
Diagram 4( aggregation of AS 123 network)
BGP & MPLS WALKTHROUGH
12
on R2
R2(config-router)#aggregate-address 1.1.1.0 255.255.255.248
on ISP1
ISP1#sh ip bgp
BGP table version is 14, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/29 2.2.2.2 0 0 123 i
*> 1.1.1.1/32 2.2.2.2 0 123 ?
*> 1.1.1.2/32 2.2.2.2 0 123 ?
*> 1.1.1.3/32 2.2.2.2 0 123 ?
*> 1.1.1.4/32 2.2.2.2 0 123 ?
*> 1.1.1.5/32 2.2.2.2 0 123 i
*> 1.1.1.6/32 2.2.2.2 0 123 i
*> 4.4.4.1/32 0.0.0.0 0 32768 i
*> 4.4.4.2/32 0.0.0.0 0 32768 i
*> 4.4.4.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 10.1.12.0/24 2.2.2.2 0 123 i
*> 10.1.13.0/24 2.2.2.2 0 123 i
u will get summary but all other routes are shown , if we use the
R2(config-router)#aggregate-address 1.1.1.0 255.255.255.248 summary-only
then what will happen let us see:
ISP1#sh ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/29 2.2.2.2 0 0 123 i
*> 4.4.4.1/32 0.0.0.0 0 32768 i
*> 4.4.4.2/32 0.0.0.0 0 32768 i
*> 4.4.4.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 10.1.12.0/24 2.2.2.2 0 123 i
*> 10.1.13.0/24 2.2.2.2 0 123 i
it suppress all the 1.1.1.0 network.
------> but this is not the way in production network in production
we are using manual summarization .
!
R2(config-router)#do sh run | se ip route
ip route 1.1.1.0 255.255.255.248 Null0
ip route 4.4.4.4 255.255.255.255 10.1.24.4
BGP & MPLS WALKTHROUGH
13
!
R2(config-router)#do sh run | se bgp
router bgp 123
redistribute static
!
ISP1#sh ip bgp
BGP table version is 6, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/29 2.2.2.2 0 0 123 ?
*> 4.4.4.1/32 0.0.0.0 0 32768 i
*> 4.4.4.2/32 0.0.0.0 0 32768 i
*> 4.4.4.3/32 0.0.0.0 0 32768 i
* 4.4.4.4/32 2.2.2.2 0 0 123 ?
*> 0.0.0.0 0 32768 i
BGP & MPLS WALKTHROUGH
14
BGP CHAPTER 4
QUESTIONS:
11. What is BGP Default Path Selection ?
12. What is route-map ?
Solution:
11.What is BGP Default Path Selection ?
Prefer the route with the highest weight (a local, Cisco-proprietary parameter).
Prefer the route with the highest local preference.
Prefer locally-originated routes over those learned from a neighbor.
Prefer the route with the shortest AS path.
Prefer IGP-learned routes over those with an unknown origin.
Prefer the route with the lowest MED (per AS).
Prefer EBGP-learned routes over IBGP-learned routes.
Prefer the route whose next-hop address has the lowest IGP metric.
Multipath determination
If a best path exists, prefer it over newer routes.
Prefer the route from the router with the lowest router ID.
If the router IDs match, prefer the lowest neighbor IP address.
12. What is route-map ?
An ordered list of statements processed similar to an access-list.
Perform a series of if > then statements (match /set)
Typically used for :
Modifying BGP attributes
Policy Routing
Route Filtering
BGP & MPLS WALKTHROUGH
15
BGP CHAPTER 5 (LAB)
QUESTIONS:
ACCORDING TO DIAGRAM:
13. Configure NL Fast ISP routers to use OSPF as an IGP.
- Configure network statements as a specific as possible.
- only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.
14. Configure full-mess iBGP peers between all routers within NLFast
(due to BGP Split Horizon)
- Peers should fail over based on the IGP if any key internal links fail
(create loopbacks as necessary)
- Disable BGP Synchronization (if necessary) .
SOLUTION:
13. Configure NL Fast ISP routers to use OSPF as an IGP.
- Configure network statements as a specific as possible.
- only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds. ------>
Diagram 5( setup the network according to point 13)
R1:config:
R1#sh run | se ospf
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.1.0 0.0.0.3 area 0
network 10.1.1.4 0.0.0.3 area 0
!
BGP & MPLS WALKTHROUGH
16
interface Serial0/2
ip address 10.1.1.1 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
R1#sh run int s0/3
Building configuration...
Current configuration : 134 bytes
!
interface Serial0/3
ip address 10.1.1.5 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
!
R2:config :
!
router ospf 1
network 2.2.2.2 0.0.0.0 area 0
network 10.1.1.4 0.0.0.3 area 0
network 10.1.1.8 0.0.0.3 area 0
!
!
interface Serial0/2
ip address 10.1.1.9 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
R2#sh run int s0/3
Building configuration...
Current configuration : 134 bytes
!
interface Serial0/3
ip address 10.1.1.6 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
!
R3 config :
!
R3#sh run | se ospf
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.1.0 0.0.0.3 area 0
BGP & MPLS WALKTHROUGH
17
network 10.1.1.12 0.0.0.3 area 0
!
!
interface Serial0/2
ip address 10.1.1.2 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
!
interface Serial0/1
ip address 10.1.1.13 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
!
R4: config:
!
R4(config-router)#do sh run | se ospf
router ospf 1
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 10.1.1.8 0.0.0.3 area 0
network 10.1.1.12 0.0.0.3 area 0
!
!
interface Serial0/2
ip address 10.1.1.10 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
!
interface Serial0/1
ip address 10.1.1.14 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
end
14. Configure full-mess iBGP peers between all routers within NLFast
(due to BGP Split Horizon)
- Peers should fail over based on the IGP if any key internal links fail
(create loopbacks as necessary)
- Disable BGP Synchronization (if necessary) .
------->
BGP & MPLS WALKTHROUGH
18
Diagram 6:
R1: Config :
R1#sh run | se bgp
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
!
R1#sh ip bgp su
BGP router identifier 1.1.1.1, local AS number 1234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 1234 13 14 1 0 0 00:10:17 0
3.3.3.3 4 1234 12 13 1 0 0 00:09:40 0
4.4.4.4 4 1234 13 13 1 0 0 00:09:04 0
!
R2: config :
R2#sh run | se bgp
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
BGP & MPLS WALKTHROUGH
19
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
!
!
R2#sh ip bgp summary
BGP router identifier 2.2.2.2, local AS number 1234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 1234 14 13 1 0 0 00:10:55 0
3.3.3.3 4 1234 13 13 1 0 0 00:09:53 0
4.4.4.4 4 1234 13 13 1 0 0 00:09:13 0
!
R3: config:
!
R3#sh run | se bgp
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
!
R3#sh ip bgp su
BGP router identifier 3.3.3.3, local AS number 1234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 1234 15 14 1 0 0 00:11:22 0
2.2.2.2 4 1234 14 14 1 0 0 00:10:58 0
4.4.4.4 4 1234 14 14 1 0 0 00:10:07 0
!
BGP & MPLS WALKTHROUGH
20
R4 config:
R4(config-router)#do sh run | se bgp
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
R4(config-router)#do sh ip bgp summary
BGP router identifier 4.4.4.4, local AS number 1234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 1234 15 15 1 0 0 00:11:30 0
2.2.2.2 4 1234 15 15 1 0 0 00:11:01 0
3.3.3.3 4 1234 14 14 1 0 0 00:10:50 0
!
BGP & MPLS WALKTHROUGH
21
BGP CHAPTER 6:(LAB-CONTINUE)
QUESTIONS:
15.Configure eBGP peers between NLFAst ISP & Uplink ISP1 , UPlink ISP2 & Cust1 routers.
- For additional practice , you will be configure the NL Fast ISP, Uplink ISP2
and Cust1 routers.
- On Connections where link redundancy is possible , peer using loopback
interface (create static route if required)
- The Cust1 router should advertise its assigned network via BGP.
- Configure authentication between all eBGP peers using a password of your choice.
- Set logical descriptions for each neighbor in the BGP Process.
- Cust1 is private-as.(64512-65535)
Solution:
---->
Diagram 7:
R1:config:
!
router bgp 1234
neighbor 11.1.1.1 remote-as 200
neighbor 11.1.1.1 description "link to ISP1"
neighbor 11.1.1.1 password cisco
neighbor 11.1.1.1 ebgp-multihop 2
neighbor 11.1.1.1 update-source Loopback1
!
R1(config-router)#do sh run | se ip route
ip route 11.1.1.1 255.255.255.255 17.9.1.1
ip route 11.1.1.1 255.255.255.255 17.9.1.5
BGP & MPLS WALKTHROUGH
22
!
R2: config:
!
router bgp 1234
neighbor 22.1.1.1 remote-as 300
neighbor 22.1.1.1 description "link to ISP2"
neighbor 22.1.1.1 password cisco
neighbor 22.1.1.1 ebgp-multihop 2
neighbor 22.1.1.1 update-source Loopback1
no auto-summary
!
R2(config-router)#do sh run | se ip route
ip route 22.1.1.1 255.255.255.255 180.1.5.1
ip route 22.1.1.1 255.255.255.255 180.1.5.5
!
R3: config:
!
router bgp 1234
neighbor 150.1.0.2 remote-as 64512
neighbor 150.1.0.2 description "Cust1 link"
no auto-summary
!
Cust1:config:
router bgp 64512
neighbor 150.1.0.1 remote-as 1234
neighbor 150.1.0.1 description "link to R3"
no auto-summary
!
ISP1:config:
!
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 description "link to R1"
neighbor 1.1.1.1 password cisco
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
!
BGP & MPLS WALKTHROUGH
23
ISP1#sh run | se ip route
ip route 1.1.1.1 255.255.255.255 17.9.1.2
ip route 1.1.1.1 255.255.255.255 17.9.1.6
!
ISP2:config:
!
ISP2#sh run | se bgp
router bgp 300
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 description "link to R2"
neighbor 2.2.2.2 password cisco
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback1
no auto-summary
ISP2#sh run | se ip route
ip route 2.2.2.2 255.255.255.255 180.1.5.2
ip route 2.2.2.2 255.255.255.255 180.1.5.6
!
Output on R1:
R1(config-router)#do sh ip bgp summary
BGP router identifier 1.1.1.1, local AS number 1234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 1234 62 63 1 0 0 00:59:14 0
3.3.3.3 4 1234 61 62 1 0 0 00:58:37 0
4.4.4.4 4 1234 62 62 1 0 0 00:58:01 0
11.1.1.1 4 200 37 37 1 0 0 00:33:08 0
BGP & MPLS WALKTHROUGH
24
BGP CHAPTER 7 (LAB-CONTINUE)
QUESTIONS:
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
SOLUTION: ---->
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask. !
Diagram 8:
!
ISP1:config:
ISP1#sh run | se ip prefix
!
BGP & MPLS WALKTHROUGH
25
ip prefix-list LOOP seq 10 permit 11.1.1.1/32
ip prefix-list LOOP seq 20 permit 11.1.1.2/32
ip prefix-list LOOP seq 30 permit 11.1.1.3/32
!
ISP1#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
!
ISP1#sh run | se bgp
router bgp 200
redistribute connected route-map RLOOP
!
ISP2:config:
ISP2#sh run | se ip prefix
ip prefix-list LOOP seq 10 permit 22.1.1.1/32
ip prefix-list LOOP seq 20 permit 22.1.1.2/32
ip prefix-list LOOP seq 30 permit 22.1.1.3/32
ISP2#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
ISP2#sh run | se bgp | redistri
router bgp 300
redistribute connected route-map RLOOP
!
- The Cust1 router should annonce its network with network command. Cust1: config:
!
Cust1#sh run | se bgp
router bgp 64512
network 150.1.1.0 mask 255.255.255.0
!
R1:
! Peer ISP1 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
!
R2:
! Peer ISP2 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
BGP & MPLS WALKTHROUGH
26
!
on R3: config:
router ospf 1
passive-interface Serial0/0
network 150.1.0.1 0.0.0.0 area 0
!
giving customer the default route:
router bgp 1234
neighbor 150.1.0.2 default-originate
!
so R1 can ping to Cust1
!
While R1,R2 advertise Cust1 network it removes the private as nos:
so on R1, R2 do this:
!on R1
neighbor 11.1.1.1 remove-private-as
!on R2
neighbor 22.1.1.1 remove-private-as
!
Advertise 150.1.0.0 from NLfast datacentre to ISP1 & ISP2:
on R1, R2
!
ip route 150.1.0.0 255.255.255.0 null0
router bgp 1234
net 150.1.0.0 mask 255.255.255.0
!
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
--> R1#sh ip bgp su
BGP router identifier 1.1.1.1, local AS number 1234
BGP table version is 80, main routing table version 80
8 network entries using 936 bytes of memory
9 path entries using 468 bytes of memory
6/4 BGP path/bestpath attribute entries using 744 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2220 total bytes of memory
BGP activity 20/12 prefixes, 34/25 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 1234 252 248 80 0 0 02:16:12 4
3.3.3.3 4 1234 237 245 80 0 0 01:51:24 1
BGP & MPLS WALKTHROUGH
27
4.4.4.4 4 1234 236 246 80 0 0 01:51:15 0
11.1.1.1 4 200 216 248 80 0 0 01:53:04 3
R1#sh ip bgp
BGP table version is 80, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r> 11.1.1.1/32 11.1.1.1 0 0 200 ?
*> 11.1.1.2/32 11.1.1.1 0 0 200 ?
*> 11.1.1.3/32 11.1.1.1 0 0 200 ?
r>i22.1.1.1/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.2/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.3/32 22.1.1.1 0 100 0 300 ?
* i150.1.0.0/24 2.2.2.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R1#
!
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R2#
*Mar 1 04:05:34.506: %SYS-5-CONFIG_I: Configured from console by console
BGP & MPLS WALKTHROUGH
28
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
!
!
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
!
on R2 & R1: !Cisco best practise , use IGP to advertise next-hop address
!
router ospf 1
net 180.1.5.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
!
router ospf 1
net 17.9.1.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
ISP1#traceroute 150.1.1.2
Type escape sequence to abort.
Tracing the route to 150.1.1.2
1 17.9.1.6 8 msec
17.9.1.2 0 msec
17.9.1.6 0 msec
2 10.1.1.2 4 msec 208 msec 96 msec
3 150.1.0.2 [AS 1234] 208 msec * 92 msec
BGP & MPLS WALKTHROUGH
29
ISP1#ping 150.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/161/224 ms
!
ISP2#traceroute 150.1.0.2
Type escape sequence to abort.
Tracing the route to 150.1.0.2
1 180.1.5.6 216 msec
180.1.5.2 104 msec
180.1.5.6 100 msec
2 10.1.1.10 192 msec 48 msec 0 msec
3 10.1.1.13 44 msec 228 msec 180 msec
4 150.1.0.2 [AS 1234] 156 msec * 300 msec
ISP2#ping 150.1.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/123/172 ms
!
BGP & MPLS WALKTHROUGH
30
BGP CHAPTER 8 (includes chap 5,6,7) FULL LAB:
13. Configure NL Fast ISP routers to use OSPF as an IGP.
- Configure network statements as a specific as possible.
- only advertise internal (private) networks.
- Use a hello interval of one second & dead of three seconds.
14. Configure full-mess iBGP peers between all routers within NLFast
(due to BGP Split Horizon)
- Peers should fail over based on the IGP if any key internal links fail
(create loopbacks as necessary)
- Disable BGP Synchronization (if necessary) .
15.Configure eBGP peers between NLFAst ISP & Uplink ISP1 , UPlink ISP2 & Cust1 routers.
- For additional practice , you will be configure the NL Fast ISP, Uplink ISP2
and Cust1 routers.
- On Connections where link redundancy is possible , peer using loopback
interface (create static route if required)
- The Cust1 router should advertise its assigned network via BGP.
- Configure authentication between all eBGP peers using a password of your choice.
- Set logical descriptions for each neighbor in the BGP Process.
- Cust1 is private-as.(64512-65535)
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
BGP & MPLS WALKTHROUGH
31
Diagram 9:
hostname R1
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 17.9.1.2 255.255.255.252
clock rate 2000000
!
interface Serial0/1
ip address 17.9.1.6 255.255.255.252
clock rate 2000000
!
interface Serial0/2
ip address 10.1.1.1 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
interface Serial0/3
ip address 10.1.1.5 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
router ospf 1
log-adjacency-changes
redistribute static metric 50 subnets route-map OSPF_REDIS
passive-interface Serial0/0
passive-interface Serial0/1
BGP & MPLS WALKTHROUGH
32
network 1.1.1.1 0.0.0.0 area 0
network 10.1.1.0 0.0.0.3 area 0
network 10.1.1.4 0.0.0.3 area 0
network 17.9.1.0 0.0.0.255 area 0
network 180.1.5.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 150.1.0.0 mask 255.255.255.0
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
neighbor 11.1.1.1 remote-as 200
neighbor 11.1.1.1 description "link to ISP1"
neighbor 11.1.1.1 password cisco
neighbor 11.1.1.1 ebgp-multihop 2
neighbor 11.1.1.1 update-source Loopback1
neighbor 11.1.1.1 remove-private-as
no auto-summary
!
ip forward-protocol nd
ip route 11.1.1.1 255.255.255.255 17.9.1.1
ip route 11.1.1.1 255.255.255.255 17.9.1.5
ip route 150.1.0.0 255.255.255.0 Null0
!
!
no ip http server
no ip http secure-server
!
!
ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32
!
route-map OSPF_REDIS permit 10
match ip address prefix-list LOOP1
!
!
end
hostname R2
!
interface Loopback1
ip address 2.2.2.2 255.255.255.252
!
interface Serial0/0
ip address 180.1.5.2 255.255.255.252
clock rate 2000000
!
BGP & MPLS WALKTHROUGH
33
interface Serial0/1
ip address 180.1.5.6 255.255.255.252
clock rate 2000000
!
interface Serial0/2
ip address 10.1.1.9 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
interface Serial0/3
ip address 10.1.1.6 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
router ospf 1
log-adjacency-changes
redistribute static metric 50 subnets route-map OSPF_REDIS
passive-interface Serial0/0
passive-interface Serial0/1
network 2.2.2.2 0.0.0.0 area 0
network 10.1.1.4 0.0.0.3 area 0
network 10.1.1.8 0.0.0.3 area 0
network 17.9.1.0 0.0.0.255 area 0
network 180.1.5.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 150.1.0.0 mask 255.255.255.0
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
neighbor 22.1.1.1 remote-as 300
neighbor 22.1.1.1 description "link to ISP2"
neighbor 22.1.1.1 password cisco
neighbor 22.1.1.1 ebgp-multihop 2
neighbor 22.1.1.1 update-source Loopback1
neighbor 22.1.1.1 remove-private-as
no auto-summary
!
ip forward-protocol nd
ip route 22.1.1.1 255.255.255.255 180.1.5.1
ip route 22.1.1.1 255.255.255.255 180.1.5.5
ip route 150.1.0.0 255.255.255.0 Null0
!
!
no ip http server
no ip http secure-server
BGP & MPLS WALKTHROUGH
34
!
!
ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32
!
route-map OSPF_REDIS permit 10
match ip address prefix-list LOOP1
!
!
end
hostname R3
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
ip address 150.1.0.1 255.255.255.252
clock rate 2000000
!
interface Serial0/1
ip address 10.1.1.13 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
interface Serial0/2
ip address 10.1.1.2 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
router ospf 1
log-adjacency-changes
passive-interface Serial0/0
network 3.3.3.3 0.0.0.0 area 0
network 10.1.1.0 0.0.0.3 area 0
network 10.1.1.12 0.0.0.3 area 0
network 150.1.0.1 0.0.0.0 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback1
neighbor 150.1.0.2 remote-as 64512
neighbor 150.1.0.2 description "Cust1 link"
neighbor 150.1.0.2 default-originate
no auto-summary
!
BGP & MPLS WALKTHROUGH
35
end
!
hostname R4
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface Serial0/1
ip address 10.1.1.14 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
interface Serial0/2
ip address 10.1.1.10 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 3
clock rate 2000000
!
interface Serial0/3
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 10.1.1.8 0.0.0.3 area 0
network 10.1.1.12 0.0.0.3 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback1
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback1
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
end
BGP & MPLS WALKTHROUGH
36
!
hostname ISP1
!
interface Loopback1
ip address 11.1.1.1 255.255.255.255
!
interface Loopback2
ip address 11.1.1.2 255.255.255.255
!
interface Loopback3
ip address 11.1.1.3 255.255.255.255
!
interface Serial0/0
ip address 17.9.1.1 255.255.255.252
clock rate 2000000
!
interface Serial0/1
ip address 17.9.1.5 255.255.255.252
clock rate 2000000
!
router bgp 200
no synchronization
bgp log-neighbor-changes
redistribute connected route-map RLOOP
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 description "link to R1"
neighbor 1.1.1.1 password cisco
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 17.9.1.2
ip route 1.1.1.1 255.255.255.255 17.9.1.6
!
!
ip prefix-list LOOP seq 10 permit 11.1.1.1/32
ip prefix-list LOOP seq 20 permit 11.1.1.2/32
ip prefix-list LOOP seq 30 permit 11.1.1.3/32
!
route-map RLOOP permit 10
match ip address prefix-list LOOP
!
end
BGP & MPLS WALKTHROUGH
37
hostname ISP2
!
!
interface Loopback1
ip address 22.1.1.1 255.255.255.255
!
interface Loopback2
ip address 22.1.1.2 255.255.255.255
!
interface Loopback3
ip address 22.1.1.3 255.255.255.255
!
interface Serial0/0
ip address 180.1.5.1 255.255.255.252
clock rate 2000000
!
interface Serial0/1
ip address 180.1.5.5 255.255.255.252
clock rate 2000000
!
router bgp 300
no synchronization
bgp log-neighbor-changes
redistribute connected route-map RLOOP
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 description "link to R2"
neighbor 2.2.2.2 password cisco
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback1
no auto-summary
!
ip forward-protocol nd
ip route 2.2.2.2 255.255.255.255 180.1.5.2
ip route 2.2.2.2 255.255.255.255 180.1.5.6
!
!
no ip http server
no ip http secure-server
!
!
ip prefix-list LOOP seq 10 permit 22.1.1.1/32
ip prefix-list LOOP seq 20 permit 22.1.1.2/32
ip prefix-list LOOP seq 30 permit 22.1.1.3/32
!
route-map RLOOP permit 10
match ip address prefix-list LOOP
!
end
BGP & MPLS WALKTHROUGH
38
hostname Cust1
!
interface FastEthernet0/0
ip address 150.1.1.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 150.1.0.2 255.255.255.252
clock rate 2000000
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 150.1.1.0 mask 255.255.255.0
neighbor 150.1.0.1 remote-as 1234
neighbor 150.1.0.1 description "link to R3"
no auto-summary
!
end
BGP & MPLS WALKTHROUGH
39
BGP CHAPTER 9 (REG-EX)
QUESTIONS:
18. Short notes on regular-expressions .
19. lab:for ISP1 it will not accept AS300 prefix, for ISP2 it will not accept AS200 prefix.
20. lab: back-to-back connection between ISP1-ISP2, but ISP1 it will learn 150.1.0.0/24
prefixes via NLFAST ISP to ISP2 to ISP1.(use reg-exp to perform these tasks)
Solution:
18. Short notes on regular-expressions .
Regular expression:
commonly in BGP for matching items in as-path.
^ Maches the beginning of input
$ matches end
| or
. Matches a single character
+ Matches the character to the left or more times
* Matches the character to the left 0 or more times
? Mathes the character to the left 0 or 1 times
\ Removes special meanings
() Affects order of operations
[] Creates a group of characters
_ white space
19. lab:for ISP1 it will not accept AS300 prefix, for ISP2 it will not accept AS200 prefix ---->
Diagram 10:
BGP & MPLS WALKTHROUGH
40
refer the diagram:
initially ISP1 learning the prefixes: from R1
ISP1(config-if)#do sh ip bgp
-----output cut
Network Next Hop Metric LocPrf Weight Path
*> 11.1.1.1/32 0.0.0.0 0 32768 ?
*> 11.1.1.2/32 0.0.0.0 0 32768 ?
*> 11.1.1.3/32 0.0.0.0 0 32768 ?
*> 22.1.1.1/32 1.1.1.1 0 1234 300 ?
*> 22.1.1.2/32 1.1.1.1 0 1234 300 ?
*> 22.1.1.3/32 1.1.1.1 0 1234 300 ?
*> 150.1.0.0/24 1.1.1.1 0 0 1234 i
*> 150.1.1.0/24 1.1.1.1 0 1234 i
after applying policy on R1 in outward direction :
R1(config-router)#do sh run | se ip as-path
!
ip as-path access-list 1 deny _300_
ip as-path access-list 1 permit .*
!
sh run | se route-map DAS300
route-map DAS300 permit 10
match as-path 1
!
router bgp 1234
neighbor 11.1.1.1 route-map DAS300 out
!
output at ISP1
!
ISP1(config-if)#do sh ip bgp
BGP table version is 16, local router ID is 11.1.1.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 11.1.1.1/32 0.0.0.0 0 32768 ?
*> 11.1.1.2/32 0.0.0.0 0 32768 ?
*> 11.1.1.3/32 0.0.0.0 0 32768 ?
*> 150.1.0.0/24 1.1.1.1 0 0 1234 i
*> 150.1.1.0/24 1.1.1.1 0 1234 i
because we have filtered AS300.
apply same policy to R2 for AS200.
R1(config-router)#do sh run | se ip as-path
!
ip as-path access-list 1 deny _200_
ip as-path access-list 1 permit .*
!
!sh run | se route-map DAS200
BGP & MPLS WALKTHROUGH
41
route-map DAS300 permit 10
match as-path 1
!
router bgp 1234
neighbor 22.1.1.1 route-map DAS300 out
!
output at ISP2
!
ISP2#sh ip bgp
BGP table version is 22, local router ID is 22.1.1.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 22.1.1.1/32 0.0.0.0 0 32768 ?
*> 22.1.1.2/32 0.0.0.0 0 32768 ?
*> 22.1.1.3/32 0.0.0.0 0 32768 ?
*> 150.1.0.0/24 2.2.2.2 0 0 1234 i
*> 150.1.1.0/24 2.2.2.2 0 1234 i
not receiving routes from ISP1.
20. lab: back-to-back connection between ISP1-ISP2, but ISP1 it will learn 150.1.0.0/24
prefixes via NLFAST ISP to ISP2 to ISP1.(use reg-exp to perform these tasks)
---> refer diagram:
Diagram 11:
create ebgp relationship between ISP1 & ISP2 back2back link.
for ISP1:
ISP1# sh ip bgp
BGP & MPLS WALKTHROUGH
42
--- output cut ---- it is learning 150.1.0.0 prefix via R1 , but i want it learn
via 199.9.9.2???
* 150.1.0.0/24 199.9.9.2 0 300 1234 i
*> 1.1.1.1 0 0 1234 i
* 150.1.1.0/24 199.9.9.2 0 300 1234 i
*> 1.1.1.1 0 1234 i
we can increase the weight on ISP1 while it receive the prefix from ISP2.
ISP1(config-router)#do sh run | se ip as-path
ip as-path access-list 100 permit _1234_
!
ISP1(config-router)#do sh run | se route-map
!
route-map VIAISP2 permit 10
match as-path 100
set weight 2000
route-map VIAISP2 permit 20
!
ISP1(config-router)#do sh run | se bgp
router bgp 200
neighbor 199.9.9.2 route-map VIAISP2 in
!
ISP1(config-router)#do sh ip bgp
BGP table version is 27, local router ID is 11.1.1.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 11.1.1.1/32 0.0.0.0 0 32768 ?
*> 11.1.1.2/32 0.0.0.0 0 32768 ?
*> 11.1.1.3/32 0.0.0.0 0 32768 ?
*> 22.1.1.1/32 199.9.9.2 0 0 300 ?
*> 22.1.1.2/32 199.9.9.2 0 0 300 ?
*> 22.1.1.3/32 199.9.9.2 0 0 300 ?
*> 150.1.0.0/24 199.9.9.2 2000 300 1234 i
* 1.1.1.1 0 0 1234 i
*> 150.1.1.0/24 199.9.9.2 2000 300 1234 i
* 1.1.1.1 0 1234 i
now we can see ISP2 prefers 150.1.0.0 network . WoW !!!!!
BGP & MPLS WALKTHROUGH
43
BGP CHAPTER 10(Lab on AS-PREPEND)
21. Task:
According to Diagram:
- use private AS for client(Cust1).
- Send network 172.16.1.1 as primary to ISP1 & secondary to ISP2
- Send network 192.168.1.1 as primary to ISP2 & secondary to ISP1
- Use as-prepend for this task.
- Remove private-as while sending cust1 network to ISP's.
NOte: Look carefully the configuration of R2. ----> diag:
Diagram 12:
Solution:
Configuration on devices:
!
hostname R1
!
interface Loopback1
ip address 172.16.1.1 255.255.255.255
!
interface Loopback2
ip address 192.168.1.1 255.255.255.255
BGP & MPLS WALKTHROUGH
44
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.12.1 255.255.255.0
duplex auto
speed auto
!
router bgp 65500
no synchronization
bgp log-neighbor-changes
network 172.16.1.1 mask 255.255.255.255
network 192.168.1.1 mask 255.255.255.255
neighbor 10.1.12.2 remote-as 23
no auto-summary
!
!
end
!
hostname R2
!
!
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.23.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
ip address 10.1.12.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
BGP & MPLS WALKTHROUGH
45
log-adjacency-changes
passive-interface FastEthernet0/1
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 23
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 23
neighbor 3.3.3.3 update-source Loopback1
neighbor 10.1.12.1 remote-as 65500
no auto-summary
!
end
!
hostname R3
!
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.23.3 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.34.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.1.35.3 255.255.255.0
clock rate 2000000
!
interface Serial0/2
no ip address
shutdown
clock rate 2000000
!
interface Serial0/3
no ip address
shutdown
clock rate 2000000
!
BGP & MPLS WALKTHROUGH
46
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 23
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 23
neighbor 2.2.2.2 update-source Loopback1
neighbor 10.1.34.4 remote-as 400
neighbor 10.1.34.4 remove-private-as
neighbor 10.1.34.4 route-map PREPEND out
neighbor 10.1.35.5 remote-as 500
neighbor 10.1.35.5 remove-private-as
neighbor 10.1.35.5 route-map PREPEND2 out
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
ip prefix-list M172 seq 10 permit 172.16.1.1/32
!
ip prefix-list M192 seq 10 permit 192.168.1.1/32
!
route-map PREPEND permit 10
match ip address prefix-list M172
!
route-map PREPEND permit 20
match ip address prefix-list M192
set as-path prepend 23 23 23 23
!
route-map PREPEND2 permit 10
match ip address prefix-list M192
!
route-map PREPEND2 permit 20
set as-path prepend 23 23 23 23
!
end
!
hostname R4
!
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
BGP & MPLS WALKTHROUGH
47
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.34.4 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 400
no synchronization
bgp log-neighbor-changes
neighbor 10.1.34.3 remote-as 23
no auto-summary
!
end
!
hostname R5
!
!
interface Loopback1
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
BGP & MPLS WALKTHROUGH
48
interface Serial0/1
ip address 10.1.35.5 255.255.255.0
clock rate 2000000
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 10.1.35.3 remote-as 23
no auto-summary
!
end
----------------------------------------------------------------
OUTPUT on ISP1 & ISP2
R4(config-router)#do sh ip bgp
BGP table version is 15, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.1/32 10.1.34.3 0 23 i
*> 192.168.1.1/32 10.1.34.3 0 23 23 23 23 23 i
R5(config-router)#do sh ip bgp
BGP table version is 19, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.1/32 10.1.35.3 0 23 23 23 23 23 i
*> 192.168.1.1/32 10.1.35.3 0 23 i
BGP & MPLS WALKTHROUGH
49
BGP CHAPTER 11 (IP PREFIX-LIST)
QUESTION:
22. What is prefix-list ?
23. What is BGP Community ?
24: What is BGP Community Syntax ?
25a: What are different types of BGP Communities ?
SOLUTION:
22. What is prefix-list ? . An improvement on Access lists for matching routes
- improved processor utilization
- better subnet mask matching abilities
. Two stage matching system : network + mask
Some examples:
ip prefix-list ONE permit 0.0.0.0/0 (permit default route)
ip prefix-list TWO permit 0.0.0.0/0 le 32 (permit any)
ip prefix-list THREE permit 0.0.0.0/0 ge 32 (permit all host routes)
ip prefix-list FOUR permit 0.0.0.0/1 ge 24 le 24 ( matches any class A
address with class C subnet mask)
ip prefix-list FIVE permit 128.0.0.0/2 ge 16 (match any class B with subnet
mask >= 16)
We can use prefix-list with neighbour command or with route-map to tune
attributes of BGP.
23. What is BGP Community ?
. It is BGP Route tagging method.
. Coupled with BGP policy.
New Format vs Old format:
. BGP community attribute is a 32-bit value.
- 4,294,967,295 valures
RFC 1977 took the 32 bit value and split it into two 655536 values
<AS>:<Community>
examples 500:18 or 500:99
24: What is BGP Community Syntax ?
. Use the new 16bit:16bit Community format.
router(config)# ip bgp-community new-format
. Send Communities to a neighbor (Stripped by default)
router(config-router)# neighbor <ip> send-community
. Set A community value in a route map
router(config-route-map)# ip community-list <standard|extended> <name>
BGP & MPLS WALKTHROUGH
50
Simple Community-list:
router(config)# ip community-list <1-99>
extended community-list
router(config)# ip community-list <100-199>
extended community list matches on the basis of regular expressions.
Named Community-list
router(config)# ip community-list <standard|extended> <name>
25a: What are different types of BGP Communities ? -->
Internet(default) : all BGP routes have this community 0 (this is std bgp tag)
Local-AS : It does not advertised the routes outside the local-as.
No-export : It will not advertise outside EBGP peer , but it will communicate
on cofederation.
No-advertise: It will not advertise outside its neighbour.
None:
BGP & MPLS WALKTHROUGH
51
BGP CHAPTER 12 (ROUTE-REFLECTION)
QUESTIONS:
25b. What is Route-Reflection ?
-->Perform Lab for Route-reflection .
25b. What is Route-Reflection ? Solution:
--> RRs Bend the BGP Split Horizon rules.
. RRs Process updates as follows:
- eBGP Peer --> All iBGP / eBGP peers.
- iBGP (non-client) Peer --> eBGP and Clients
- iBGP (client) Peer --> All Peers (Non-sender)
. RR Groups add a cluster-id attribute to routes
. RR clients are oblivious to everything .
-->Perform Lab for Route-reflection . According to diagram:
-->
Diagram 13:
The updates for BB3 via eBGP go to the R4, R4 will forward updates via
iBGP to R1, but due to split horizon R1 will not forward updates to the R3.
Now we can make R1, BGP route-reflector then it forward the updates to
the non-client also.
R1,R4,R3, BB3 config:
!
hostname R1
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
BGP & MPLS WALKTHROUGH
52
!
interface FastEthernet0/0
ip address 10.1.14.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.13.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.13.0 0.0.0.255 area 0
network 10.1.14.0 0.0.0.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback1
neighbor 3.3.3.3 route-reflector-client
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback1
no auto-summary
!
ip forward-protocol nd
!
end
!
hostname R3
!
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
BGP & MPLS WALKTHROUGH
53
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.13.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.13.0 0.0.0.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
end
!
hostname R4
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.14.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 204.12.1.4 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
passive-interface FastEthernet0/1
BGP & MPLS WALKTHROUGH
54
network 4.4.4.4 0.0.0.0 area 0
network 10.1.14.0 0.0.0.255 area 0
network 204.12.1.0 0.0.0.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback1
neighbor 204.12.1.254 remote-as 54
no auto-summary
!
end
hostname BB3
!
interface Loopback1
ip address 33.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 204.12.1.254 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 54
no synchronization
bgp log-neighbor-changes
network 33.1.1.1 mask 255.255.255.255
neighbor 204.12.1.4 remote-as 100
no auto-summary
!
end
output at R3:
R3 getting routes from R1.........WoW !!!!!!
R3#sh ip bg
BGP table version is 2, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i33.1.1.1/32 204.12.1.254 0 100 0 54 i
BGP & MPLS WALKTHROUGH
55
BGP CHAPTER 13 (CONFEDERATION)
QUESTIONS:
26. What is Confederation ?
27. How to Design Confederation ?
--> Lab on Confederation .
Solution:
26. What is Confederation ? -->
. An AS inside an AS
. Alternative to route reflections
. uses intra-as numbers , which are stripped before sending updates via EBGP.
. Inter-confederation peers are treated as EBGP to establish, but IBGP relating to
attributes.
. Still on IGP for the entire system
27. How to Design Confederation ?
-->
. Complete BGP rewrite.
. Break AS into smaller autonomous systems
. use private AS numbers (64512-65535)
. full ibgp mesh required within confederation AS (Route reflectors an option)
--> Lab on Confederation .
--> Diagram:
Diagram 14:
Create sub-as on R1,R2,R3 as in diagram.
Config:
R1:
!
hostname R2
!
BGP & MPLS WALKTHROUGH
56
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.12.2 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 65002
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 123
bgp confederation peers 65001 65003
neighbor 1.1.1.1 remote-as 65001
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 65003
neighbor 3.3.3.3 ebgp-multihop 2
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
!
end
!
BGP & MPLS WALKTHROUGH
57
hostname R2
!
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.12.2 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 65002
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 123
bgp confederation peers 65001 65003
neighbor 1.1.1.1 remote-as 65001
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 65003
neighbor 3.3.3.3 ebgp-multihop 2
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
!
end
!
hostname R3
!
!
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
BGP & MPLS WALKTHROUGH
58
ip address 10.1.23.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 65003
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 123
bgp confederation peers 65002
neighbor 2.2.2.2 remote-as 65002
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback1
no auto-summary
!
!
end
!
hostname R4
!
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.14.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 54
no synchronization
bgp log-neighbor-changes
BGP & MPLS WALKTHROUGH
59
network 4.4.4.4 mask 255.255.255.255
neighbor 10.1.14.1 remote-as 123
no auto-summary
!
end
--------- output ---- on R2, R3 ----------
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 10.1.14.4 0 100 0 (65001) 54 i
R3#sh ip bgp
BGP table version is 2, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 10.1.14.4 0 100 0 (65002 65001) 54 i
BGP & MPLS WALKTHROUGH
60
BGP CHAPTER 14 (BGP TWEAKING)
QUESTIONS:
28. What is BGP Process ?
29. How to improve BGP ?
Solution:
28. What is BGP Process ?
--> BGP Open - Starts peers up.
- BGP I/O - Prepares / Process Updates , Keepalives
- BGP Scanner - Checks next hops , determines routes to advertise
- BGP Router - Calculates best path , Process route changes
29. How to improve BGP ?
-->
. Use the IP TCP PATH-MTU-DISCOVERY (BGP defaults to 536 bytes)
(show ip bgp neighbors | in max)
. Use BGP peer groups
. Increase input queues (HOLD-QUEUE in )
cisco default is 1000 .
. Tune BGP scanner time / Adveritsement interval (per neighbor)
config-router)# bgp scan-time <5-60>
router)# neighbor 1.1.1.1 advertisement-interval <0-600>
. Set a maximum prefix limit
router)# neighbor 1.1.1.1 maximum-prefix 8000
BGP & MPLS WALKTHROUGH
61
BGP CHAPTER 15(Peer_groups_lab)
30. What is peer-groups in BGP ?
--> Lab on BGP Peer-groups .
31. What is BGP route Dampening ?
-->
Solution: 30. What is peer-groups in BGP ?
--> Lab on BGP Peer-groups .
. Efficient way of neighbour configuration.
. Separate peer for IBGP & EBGP
. Generates a single outbound update for all the peers.
. Individual configuration supported for inbound updates.
. Handled dynamically in IOS 12.0 (show ip bgp update-gorup)
Lab:
diagram--->
Diagram 15:
R1-R5 configs:
hostname R1
!
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.12.1 255.255.255.0
duplex auto
speed auto
!
BGP & MPLS WALKTHROUGH
62
interface FastEthernet0/1
ip address 10.1.13.1 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.13.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor IBGP_PEERS peer-group
neighbor IBGP_PEERS remote-as 1234
neighbor IBGP_PEERS update-source Loopback1
neighbor 2.2.2.2 peer-group IBGP_PEERS
neighbor 3.3.3.3 peer-group IBGP_PEERS
neighbor 4.4.4.4 peer-group IBGP_PEERS
no auto-summary
!
end
!
hostname R2
!
!
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.24.2 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.24.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor IBGP_PEERS peer-group
BGP & MPLS WALKTHROUGH
63
neighbor IBGP_PEERS remote-as 1234
neighbor IBGP_PEERS update-source Loopback1
neighbor 1.1.1.1 peer-group IBGP_PEERS
neighbor 3.3.3.3 peer-group IBGP_PEERS
neighbor 4.4.4.4 peer-group IBGP_PEERS
no auto-summary
!
!
end
!
hostname R3
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.34.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.13.3 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.13.0 0.0.0.255 area 0
network 10.1.34.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor IBGP_PEERS peer-group
neighbor IBGP_PEERS remote-as 1234
neighbor IBGP_PEERS update-source Loopback1
neighbor 1.1.1.1 peer-group IBGP_PEERS
neighbor 2.2.2.2 peer-group IBGP_PEERS
neighbor 4.4.4.4 peer-group IBGP_PEERS
no auto-summary
!
end
hostname R4
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
BGP & MPLS WALKTHROUGH
64
ip address 10.1.34.4 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.45.4 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
ip address 10.1.24.4 255.255.255.0
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
passive-interface Serial0/0
network 4.4.4.4 0.0.0.0 area 0
network 10.1.24.0 0.0.0.255 area 0
network 10.1.34.0 0.0.0.255 area 0
network 10.1.45.0 0.0.0.255 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
neighbor IBGP_PEERS peer-group
neighbor IBGP_PEERS remote-as 1234
neighbor IBGP_PEERS update-source Loopback1
neighbor 1.1.1.1 peer-group IBGP_PEERS
neighbor 2.2.2.2 peer-group IBGP_PEERS
neighbor 3.3.3.3 peer-group IBGP_PEERS
neighbor 10.1.45.5 remote-as 555
no auto-summary
!
end
!
hostname R5
!
!
interface Loopback1
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
BGP & MPLS WALKTHROUGH
65
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.45.5 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 555
no synchronization
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255
neighbor 10.1.45.4 remote-as 1234
no auto-summary
!
end
-------------------------------------------------
31. What is BGP route Dampening ?
-->
.Suppress the impact of flapping routes without impacting better routes.
.Default mechanish: 5 seconds 'wait' for iBGP & 30 second 'wait' for eBGP.
.Works like a water beaker:
- penalty - 1000
- Suppress limit - 2000
- Reuse limit - 750
- Decay algorithm (half-life) - 15 min
BGP & MPLS WALKTHROUGH
66
Topics covered related to MPLS:
1. What are the commands to enable MPLS and where are the commands used ?
2. How do you verify the local label a router has chosen for a given network ?
3. How do you verify which label a router will impose
4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?
5. How does R3 know what R2's local label is for a specific network ?
6. When MPLS is enabled, what would prevent an LDP neighborship ?
7. Why would you use an ACL in combination with an MPLS debug ?
8. How does the IGP next hop affect the LSP?
9. Why does LDP advertiese all local IPv4 address to a neighbor ?
10. By default , does the LSP path match the IPv4 path to a network ?
11. What is Liberal Label Retention ?
12a. LSRs that get a packet with an unknown label what it will do ?
12b. What is PHP ?
13. What is relationsip between RIB/FIB , LIB/LFIB CEF ?
14. Which is preferred by CEF: MPLS or IPv4 forwarding ?
15. What are different type of labels used in MPLS ?
16. How do you view the advertised transport address ?
17. What command changes the LDP router-id ?
18. When & how would you change the advertised transport address ?
19. What is MPLS label format ?
20. In MPLS L3VPN how do the customer & provider share routes ?
21. Why does a PE have a VRF for each customer ? What is VRF ?
22. Which protocol is used between PE's to advertise VPNv4 routes ?
23. What command is used to enter the "VPNv4 Section" of BGP ?
24. What is use of Extended Community ?
25. Why would you activate VPNv4 capability with an iBGP peer ?
26. What are to commands to activate VPNv4 feature ?
27. What keeps your customers routes unique from each other in mBGP ?
28. How do you assign a PE interface to a VRF ?
29. Which command shows you the routes inside the VRF ?
30. What does 'address-family ipv4' mean within EIGRP & RIP ?
31. How do you link an OSPF process to a specific VRF ?
33. Why is redistribution needed in MPLS L3VPN ?
34. When is a RD, RT and VPN label added to a route ?
35. In BGP configuration are you causing an Import or Export ?
36. Full Lab on MPLS.
BGP & MPLS WALKTHROUGH
67
MPLS CHAPTER 1
QUESTIONS
1. What are the commands to enable MPLS and where are the commands used ?
2. How do you verify the local label a router has chosen for a given network ?
3. How do you verify which label a router will impose
SOLUTION :
1. What are the commands to enable MPLS and where are the commands used ?
if we enable mpls ip at global config mode it will enable mpls on all the interfaces.
so enable mpls ip on per interface basis.
Diagram 16:
in this diagram enable mpls ip on the interface within the square box , R1 fa0/0
R2 f0/0-f0/1 & R3 f0/1.
2. How do you verify the local label a router has chosen for a given network ?
For LIB table:
R2#sh mpls ldp bindings 1.1.1.1 32
tib entry: 1.1.1.1/32, rev 2
local binding: tag: 16
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 16
BGP & MPLS WALKTHROUGH
68
R2#sh mpls ldp bindings 3.3.3.3 32
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 17
remote binding: tsr: 1.1.1.1:0, tag: 501
remote binding: tsr: 3.3.3.3:0, tag: imp-null
for LFIB table:
R2#sh mpls forwarding-table 1.1.1.1
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1
R2#sh mpls forwarding-table 3.3.3.3
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
17 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3
3. How do you verify which label a router will impose
R1#sh ip cef 3.3.3.3
3.3.3.3/32, version 13, epoch 0, cached adjacency 10.1.12.2
0 packets, 0 bytes
tag information set
local tag: 501
fast tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {17}
via 10.1.12.2, FastEthernet0/0, 0 dependencies
next hop 10.1.12.2, FastEthernet0/0
valid cached adjacency
tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {17}
BGP & MPLS WALKTHROUGH
69
MPLS CHAPTER 2
QUESTION:
4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?
5. How does R3 know what R2's local label is for a specific network ?
6. When MPLS is enabled, what would prevent an LDP neighborship ?
7. Why would you use an ACL in combination with an MPLS debug ?
SOLUTION :
4. What protocol(s)/Port(s) are used for LDP Hellos & Sessions ?
5. How does R3 know what R2's local label is for a specific network ?
7. Why would you use an ACL in combination with an MPLS debug ?
1. first they send hello pkts to discover the lsp routers with udp multicast 646 224.0.0.2
2. then the establish tcp relationship with tcp 646 224.0.0.2 , higher rid will act like
active router lower rid will act like passive router.
3. then they send & recieve ldp lables
Diagram 17:
in the diagram given from the last lab , disable & enable mpls & find the neighbor relationship .
configure on R2 for the relationship with R3
conf)# access-list 1 permit 3.3.3.3
exit
# debug mpls ldp bindings prefix-list 1
BGP & MPLS WALKTHROUGH
70
R2(config)#access-list 1 permit 3.3.3.3
R2(config)#end
R2#debug mpls ldp bindings prefix-acl 1
LDP Label Information Base (LIB) changes debugging is on for prefix ACL 1
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#no mpls ip
*Mar 1 00:06:42.475: tagcon: tibent(3.3.3.3/32): deleted
R2(config)#mpls ip
R2(config)#
-----output cut -----------
*Mar 1 00:06:44.827: tib: find route tags: 3.3.3.3/32, Fa0/1, nh 10.1.23.3, res nh 10.1.23.3
*Mar 1 00:06:44.827: tagcon: announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, inlabel 19, outlabel
unknown (from 0.0.0.0:0), find route tags
R2(config)#
*Mar 1 00:06:49.907: tagcon: (Default-IP-Routing-Table) Assign peer id; 3.3.3.3:0: id 0
*Mar 1 00:06:49.911: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP
*Mar 1 00:06:49.927: tagcon: 3.3.3.3:0: 10.1.23.3 added to addr<->ldp ident map
*Mar 1 00:06:49.931: tagcon: 3.3.3.3:0: 3.3.3.3 added to addr<->ldp ident map
*Mar 1 00:06:49.931: tagcon: tibent(3.3.3.3/32): label imp-null from 3.3.3.3:0 added
*Mar 1 00:06:49.935: tagcon: announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, inlabel 19, outlabel
imp-null (from 3.3.3.3:0), add rem binding
*Mar 1 00:06:50.367: tagcon: (Default-IP-Routing-Table) Assign peer id; 1.1.1.1:0: id 1
*Mar 1 00:06:50.371: %LDP-5-NBRCHG: LDP Neighbor 1.1.1.1:0 (2) is UP
R2(config)#
*Mar 1 00:06:50.479: tagcon: 1.1.1.1:0: 10.1.12.1 added to addr<->ldp ident map
*Mar 1 00:06:50.483: tagcon: 1.1.1.1:0: 1.1.1.1 added to addr<->ldp ident map
*Mar 1 00:06:50.491: tagcon: tibent(3.3.3.3/32): label 502 from 1.1.1.1:0 added
*Mar 1 00:06:50.491: tib: Not OK to announce label; nh 10.1.23.3 not bound to 1.1.1.1:0
*Mar 1 00:06:50.495: tagcon: omit announce labels for: 3.3.3.3/32; nh 10.1.23.3, Fa0/1, from 1.1.1.1:0:
add rem binding: next hop = 10.1.23.3
R2#undebug all
6. When MPLS is enabled, what would prevent an LDP neighborship ?
# sh mpls ldp neighbour
if transport address in not reachable they will not form ldp relationships
R2#sh mpls ldp neighbor
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38184
BGP & MPLS WALKTHROUGH
71
State: Oper; Msgs sent/rcvd: 19/19; Downstream
Up time: 00:10:11
LDP discovery sources:
FastEthernet0/0, Src IP addr: 10.1.12.1
Addresses bound to peer LDP Ident:
10.1.12.1 1.1.1.1
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.43683 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 13/13; Downstream
Up time: 00:04:38
LDP discovery sources:
FastEthernet0/1, Src IP addr: 10.1.23.3
Addresses bound to peer LDP Ident:
10.1.23.3 3.3.3.3
R2#sh mpls ldp bindings local
tib entry: 1.1.1.1/32, rev 2
local binding: tag: 18
tib entry: 2.2.2.2/32, rev 4
local binding: tag: imp-null
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 19
tib entry: 10.1.12.0/24, rev 8
local binding: tag: imp-null
tib entry: 10.1.23.0/24, rev 10
local binding: tag: imp-null
R2#sh ip cef 3.3.3.3
3.3.3.3/32, version 21, epoch 0, cached adjacency 10.1.23.3
0 packets, 0 bytes
tag information set
local tag: 19
via 10.1.23.3, FastEthernet0/1, 0 dependencies
next hop 10.1.23.3, FastEthernet0/1
valid cached adjacency
tag rewrite with Fa0/1, 10.1.23.3, tags imposed: {}
R2#sh ip route 3.3.3.3
Routing entry for 3.3.3.3/32
Known via "ospf 1", distance 110, metric 11, type intra area
Last update from 10.1.23.3 on FastEthernet0/1, 00:17:24 ago
Routing Descriptor Blocks:
* 10.1.23.3, from 3.3.3.3, 00:17:24 ago, via FastEthernet0/1
Route metric is 11, traffic share count is 1
BGP & MPLS WALKTHROUGH
72
++++>> let us change the next hop of R2 for loopback address 3.3.3.3
R2(config)#ip route 3.3.3.3 255.255.255.255 10.1.12.1
R2(config)#end
*Mar 1 00:20:15.535: %SYS-5-CONFIG_I: Configured from console by consol
R2# sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 10.1.12.1, 00:19:09, FastEthernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback1
3.0.0.0/32 is subnetted, 1 subnets
S 3.3.3.3 [1/0] via 10.1.12.1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
C 10.1.23.0 is directly connected, FastEthernet0/1
R2#traceroute 3.3.3.3 source 2.2.2.2
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
you can see it is unreachable plus the bytes tag switched is very high 846612 ???
means packet is looping in the network.
BGP & MPLS WALKTHROUGH
73
R2#sh mpls forwarding-table 3.3.3.3
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
19 502 3.3.3.3/32 846612 Fa0/0 10.1.12.1
but reachable next hop is 10.1.23.3
so it will not form neighbour:
redo the static route and it will work:
on R2 : no ip route 3.3.3.3 255.255.255.255 10.1.12.1
it will form neighbour
R2(config)#no ip route 3.3.3.3 255.255.255.255 10.1.12.1
R2(config)#end
R2#ping
*Mar 1 00:23:25.963: %SYS-5-CONFIG_I: Configured from console by console
R2#ping 3.3.3.3 so 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 2.2.2.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/29/48 ms
R2#
*Mar 1 00:23:35.419: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP
BGP & MPLS WALKTHROUGH
74
MPLS CHAPTER 3
QUESTIONS :
8. How does the IGP next hop affect the LSP?
9. Why does LDP advertiese all local IPv4 address to a neighbor ?
10. By default , does the LSP path match the IPv4 path to a network ?
11. What is Liberal Label Retention ?
Solution:
8. How does the IGP next hop affect the LSP?
9. Why does LDP advertiese all local IPv4 address to a neighbor ?
Follow the same diagram with same address scheme >
Diagram 18:
--->> IPv4 contorl plan build ospf RIB that is used by MPLS control plan
protocol LDP to build their Lable table (LIB) but data plan is quit different.
let us check RIB and binding tabel (LIB) of R2
R2#sh ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 10.1.12.1, 00:29:55, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 10.1.23.3, 00:07:39, FastEthernet0/1
R2#sh mpls ldp bin
R2#sh mpls ldp bindings 3.3.3.3
% Incomplete command.
R2#sh mpls ldp bindings 3.3.3.3 32
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 19
remote binding: tsr: 1.1.1.1:0, tag: 502
BGP & MPLS WALKTHROUGH
75
remote binding: tsr: 3.3.3.3:0, tag: imp-null
R2#
you can see the RIB & LIB of route 3.3.3.3 of R2.
10. By default , does the LSP path match the IPv4 path to a network ?
11. What is Liberal Label Retention ?
LSP is driven by the IGP , We can manipulate with the MPLS-TE.
For a given router the upstream and downstream labeling is liberal label
retention.
R2#sh mpls ldp neighbor
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38184
State: Oper; Msgs sent/rcvd: 40/40; Downstream
Up time: 00:28:33
LDP discovery sources:
FastEthernet0/0, Src IP addr: 10.1.12.1
Addresses bound to peer LDP Ident:
10.1.12.1 1.1.1.1
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.25942 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 21/21; Downstream
Up time: 00:11:48
LDP discovery sources:
FastEthernet0/1, Src IP addr: 10.1.23.3
Addresses bound to peer LDP Ident:
10.1.23.3 3.3.3.3
R2#sh mpls ldp bindings 1.1.1.1 32
tib entry: 1.1.1.1/32, rev 2
local binding: tag: 18
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 22
R2#sh mpls ldp bindings 3.3.3.3 32
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 19
remote binding: tsr: 1.1.1.1:0, tag: 502
remote binding: tsr: 3.3.3.3:0, tag: imp-null
R2#sh mpls forwarding-table 1.1.1.1
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
18 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1
R2#sh mpls forwarding-table 3.3.3.3
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
19 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3
BGP & MPLS WALKTHROUGH
76
MPLS CHAPTER 4
QUESTIONS:
12a. LSRs that get a packet with an unknown label what it will do ?
12b. What is PHP ?
13. What is relationsip between RIB/FIB , LIB/LFIB CEF ?
14. Which is preferred by CEF: MPLS or IPv4 forwarding ?
15. What are different type of labels used in MPLS ?
Solution:
------->(LSR_ROUTER)------>
12a. LSRs that get a packet with an unknown label what it will do ?
12b. What is PHP ?
14. Which is preferred by CEF: MPLS or IPv4 forwarding ?
When pkt arrieves to router according to its label it forward pkt to next-hop
if it don't have label information it will process according to IGP reachability.
incoming_pkt outgoing_decision(data plan)
IPv4 IPv4 (FIB)
IPv4 MPLS (LFIB)
MPLS MPLS (LFIB)
MPLS IPv4 (FIB)
Penultimate Hop popping (PHP)
. Penultimate means netxt to last
. Normally last hop must ....
- Lookup MPLS Label
- Pop MPLS Label
- Lookup IPv4 destination
. PHP avoids extra lookup on last hop
. Accomplished through implicit NULL label
advertisement for connected prefixes.
13. What is relationsip between RIB/FIB , LIB/LFIB CEF ?
Check the diagram for : RIB/FIB & LIB/LFIB
BGP & MPLS WALKTHROUGH
77
Diagram 19: (LIB/LFIB)
either it is label/unlabelled packet forwarding decision taken place with cef entry.
Diagram 20:
let us check some output on R2 on the given diagram:
for RIB: sh ip ospf 1 rib
BGP & MPLS WALKTHROUGH
78
for FIB
R2#sh ip route ospf 1
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 10.1.12.1, 00:45:34, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 10.1.23.3, 00:23:18, FastEthernet0/1
for LIB
R2#sh mpls ldp bindings
tib entry: 1.1.1.1/32, rev 2
local binding: tag: 18
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 22
tib entry: 2.2.2.2/32, rev 4
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: 500
remote binding: tsr: 3.3.3.3:0, tag: 23
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 19
remote binding: tsr: 1.1.1.1:0, tag: 502
remote binding: tsr: 3.3.3.3:0, tag: imp-null
tib entry: 10.1.12.0/24, rev 8
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 24
tib entry: 10.1.23.0/24, rev 10
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: 501
remote binding: tsr: 3.3.3.3:0, tag: imp-null
for LFIB
R2#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
18 Pop tag 1.1.1.1/32 0 Fa0/0 10.1.12.1
19 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3
for particular CEF entry:
BGP & MPLS WALKTHROUGH
79
R2#sh ip cef 1.1.1.1 detail
1.1.1.1/32, version 20, epoch 0, cached adjacency 10.1.12.1
0 packets, 0 bytes
tag information set
local tag: 18
via 10.1.12.1, FastEthernet0/0, 0 dependencies
next hop 10.1.12.1, FastEthernet0/0
valid cached adjacency
tag rewrite with Fa0/0, 10.1.12.1, tags imposed: {}
15. What are different type of labels used in MPLS ?
Pop—The top label is removed. The packet is forwarded with the remaining label stack or as an unlabeled
packet.
Swap—The top label is removed and replaced with a new label.
Push—The top label is replaced with a new label (swapped), and one or more labels are added (pushed)
on top of the swapped label.
Untagged/No Label—The stack is removed, and the packet is forwarded unlabeled.
Aggregate—The label stack is removed, and an IP lookup is done on the IP packet.
BGP & MPLS WALKTHROUGH
80
MPLS CHAPTER 5
QUESIONS :
16. How do you view the advertised transport address ?
17. What command changes the LDP router-id ?
18. When & how would you change the advertised transport address ?
19. What is MPLS label format ?
SOLUTIONS :
16. How do you view the advertised transport address ?
17. What command changes the LDP router-id ?
18. When & how would you change the advertised transport address ?
follow our diagram:
Diagram 21:
FOR ROUTER -ID
1. configured
2. highest loopback interface
3. highest physical interface
R2#sh mpls ldp discovery detail
Local LDP Identifier:
2.2.2.2:0
Discovery Sources:
Interfaces:
FastEthernet0/0 (ldp): xmit/recv
Enabled: Interface config
Hello interval: 5000 ms; Transport IP addr: 2.2.2.2
LDP Id: 1.1.1.1:0
Src IP addr: 10.1.12.1; Transport IP addr: 1.1.1.1
BGP & MPLS WALKTHROUGH
81
Hold time: 15 sec; Proposed local/peer: 15/15 sec
Reachable via 1.1.1.1/32
FastEthernet0/1 (ldp): xmit/recv
Enabled: Interface config
Hello interval: 5000 ms; Transport IP addr: 2.2.2.2
LDP Id: 3.3.3.3:0
Src IP addr: 10.1.23.3; Transport IP addr: 3.3.3.3
Hold time: 15 sec; Proposed local/peer: 15/15 sec
Reachable via 3.3.3.3/32
R2#sh ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 10.1.12.1, 00:07:49, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 10.1.23.3, 00:07:49, FastEthernet0/1
For R2 local label is 2.2.2.2 remot labels are 1.1.1.1 & 2.2.2.2 which has IGP routes.
for f0/0 transport address 1.1.1.1
for f0/1 transport address 2.2.2.2
Let us traceroute from R1 to R3 loopback :
R1#traceroute 3.3.3.3 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 10.1.12.2 [MPLS: Label 17 Exp 0] 44 msec 60 msec 36 msec
2 10.1.23.3 40 msec * 64 msec
if follow the LSP path :
now create new loopback on R2 make this router-id for MPLS path, and do not advertise
into the IGP domain.
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#int l2
R2(config-if)#ip add 22.2.2.2 255.255.255.255
R2(config-if)#exit
R2(config)#mpls ldp router-id loopback 2 force
and then check the transport-address :
R2#sh mpls ldp discovery detail
Local LDP Identifier:
22.2.2.2:0
Discovery Sources:
Interfaces:
FastEthernet0/0 (ldp): xmit/recv
Enabled: Interface config
Hello interval: 5000 ms; Transport IP addr: 22.2.2.2
LDP Id: 1.1.1.1:0
Src IP addr: 10.1.12.1; Transport IP addr: 1.1.1.1
Hold time: 15 sec; Proposed local/peer: 15/15 sec
Reachable via 1.1.1.1/32
BGP & MPLS WALKTHROUGH
82
FastEthernet0/1 (ldp): xmit/recv
Enabled: Interface config
Hello interval: 5000 ms; Transport IP addr: 22.2.2.2
LDP Id: 3.3.3.3:0
Src IP addr: 10.1.23.3; Transport IP addr: 3.3.3.3
Hold time: 15 sec; Proposed local/peer: 15/15 sec
Reachable via 3.3.3.3/32
So R-ID and transport address has been changed do the tracerout from the R1-R3 loopback
now you can see it does not follow the LSP(mpls) path. ?????
now advertise loopback into ospf on R2
R2(config)#router ospf 1
R2(config-router)#net 22.2.2.2 0.0.0.0 ar 0
R2(config-router)#
*Mar 1 01:13:55.683: %LDP-5-NBRCHG: LDP Neighbor 3.3.3.3:0 (1) is UP
R2(config-router)#
*Mar 1 01:13:56.951: %LDP-5-NBRCHG: LDP Neighbor 1.1.1.1:0 (2) is UP
R1#
*Mar 1 01:13:47.903: %LDP-5-NBRCHG: LDP Neighbor 22.2.2.2:0 (1) is UP
R1#traceroute 3.3.3.3 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 10.1.12.2 [MPLS: Label 17 Exp 0] 60 msec 40 msec 44 msec
2 10.1.23.3 56 msec * 48 msec
now it follow the LSP(mpls path) WoW !!!!
19. What is MPLS label format ?
mpls label format:
20 bit label : locally significant to router
3 bit Exp = class of service
S bit = defines last label in the label stack
8 bit TTL
BGP & MPLS WALKTHROUGH
83
MPLS CHAPTER 6
QUUESTIONS :
20. In MPLS L3VPN how do the customer & provider share routes ?
21. Why does a PE have a VRF for each customer ? What is VRF ?
22. Which protocol is used between PE's to advertise VPNv4 routes ?
Solution :
20. In MPLS L3VPN how do the customer & provider share routes ?
21. Why does a PE have a VRF for each customer ? What is VRF ?
HOW MPLS L3VPNs Work
. MPLS L3VPNs have two basic components
. Separation of Customer routing information
-Virtual Routing & Forwarding VRF instance
- Customers have different "virtual" routing tables
. Exchange of customer routing information
- MP-BGP over the MPLS network
- Traffic is label switched towards BGP next-hops
VRF
. each VRF has its own routing table
- show ip route vrf [name | * ]
. Interfaes not in a VRF are in the global table
- show ip route
. VRF and global routes are separate
- implies addressing can overlap in different VRFs
- implies VRFs cant talk to each other because they have no
routes to each other
. VRFs without MPLS is considered "VRF Lite"
PE routers stores routing table of all the customers:
as shown in diagram:
BGP & MPLS WALKTHROUGH
84
Diagram 22:
22. Which protocol is used between PE's to advertise VPNv4 routes ?
Multiprotocol BGP
. RFC 4364 "BGP/MPLS IP Virtual Private Networks (VPNs) "
- MP-BGP define AFI & SAFI 128 as VPN-iPv4 or VPNv4
BGP & MPLS WALKTHROUGH
85
MPLS CHAPTER 7
QUESTIONS :
23. What command is used to enter the "VPNv4 Section" of BGP ?
24. What is use of Extended Community ?
25. Why would you activate VPNv4 capability with an iBGP peer ?
26. What are to commands to activate VPNv4 feature ?
Solution:
23. What command is used to enter the "VPNv4 Section" of BGP ?
24. What is use of Extended Community ?
- VPNv4 Route
. RD + Prefix makes VPN routes globally unique
- MPLS VPN label
. PE routers exchange label for each customer route via VPNv4
- Transport Label
. Label towards PE's BGP next-hop
VPNv4 bgp has two jobs to get the label information , remote label
information.
payload information:
|transport lable|vpn label|IP | TCP | WWW |
(which PE) (which cust)
Route distinguiser (RD)
- ASN:nn or IP-addres:nn
vrf rd are locally significant to give them globally significance
we are using route-targets.
VPNv4 Route Target:
. 8 byte field per RFC 4360 "BGP Extended Communities Attribute"
. Format Similar to route distinguisher
- ASN:nn or IP-addres:nn
. VPNv4 speakers only accept VPNv4 routes with a route-target matching
a local VRF
- Route reflection exception
- no bgp default route-target filter
Controlling VPNv4 Routes:
. Route distinguisher used solely to make route unique
. New BGP extended Community "route-target" used to control
what enters/exits VRF table
. "export" route-target vrf ----> bgp
. "import" vrf <----- bgp
. Allows granular control over what sites have what routes
- import map & export map allow control on a per prefix basis
BGP & MPLS WALKTHROUGH
86
26. What are to commands to activate VPNv4 feature ?
In diagram let us enable VPNv4 on both PE's
Diagram:23
on PE-R1
PE0R1#sh run | se bgp
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
BGP & MPLS WALKTHROUGH
87
on PE-R3
PE0R3#sh run | se bgp
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
some more verification commands:
PE0R1#sh ip bgp neighbors | se capabilities
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Address family VPNv4 Unicast: advertised and received
# sh control-plan host open-ports
BGP & MPLS WALKTHROUGH
88
MPLS CHAPTER 8
Questions:
27. What keeps your customers routes unique from each other in mBGP ?
28. How do you assign a PE interface to a VRF ?
Solution:
VRF Name R1-PE R3-PE
Cust_site1 101:Cust_site1 101:Cust_site1
Cust_site2 102:Cust_site2 102:Cust_site2
Route Distinguisher
Cust_site1 1.1.1.1:1 3.3.3.3:1
Cust_site2 1.1.1.1:2 3.3.3.3:2
Route Targets
Cust_site1 export 1.1.1.1:101 3.3.3.3:101
Cust_site1 import 3.3.3.3:101 1.1.1.1:101
Cust_site2 export 1.1.1.1:102 3.3.3.3:102
Cust_site2 import 3.3.3.3:102 1.1.1.1:102
Attached interface :
Attached interfaces:
Cust_site1 fa0/1 s0/0
Cust_site2 s0/0 f0/0
Flow of traffic: CE-CE
CE Advertised route -> ipv4 route sent from CE to PE ->Recieved on VRF->
-> Exported to BGP as VPNv4 route with RD/RT -> send PE to PE ->
Imported into VRF based on RT -> IPv4 Route sent from PE to CE -> CE learnd route
BGP & MPLS WALKTHROUGH
89
Let us start the Lab:
How to enable vrf & assign to particular interface:
With our Diagram:
Diagram 24:
PE0R1(config)#ip vrf Cust_site1
PE0R1(config-vrf)#rd 1.1.1.1:1
PE0R1(config-vrf)#route-target export 1.1.1.1:101
PE0R1(config-vrf)#route-target import 3.3.3.3:101
PE0R1(config)#ip vrf Cust_site2
PE0R1(config-vrf)#rd 1.1.1.1:2
PE0R1(config-vrf)#route-target export 1.1.1.1:102
PE0R1(config-vrf)#route-target import 3.3.3.3:102
PE0R1#sh ip vrf
Name Default RD Interfaces
Cust_site1 1.1.1.1:1
Cust_site2 1.1.1.1:2
PE0R1#sh run | se ip vrf
!
ip vrf Cust_site1
rd 1.1.1.1:1
route-target export 1.1.1.1:101
route-target import 3.3.3.3:101
!
ip vrf Cust_site2
rd 1.1.1.1:2
route-target export 1.1.1.1:102
route-target import 3.3.3.3:102
PE0R1#! Assign to particular interface
BGP & MPLS WALKTHROUGH
90
PE0R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
PE0R1(config)#int fa0/1
PE0R1(config-if)#ip vrf forwarding Cust_site1
% Interface FastEthernet0/1 IP address 10.1.14.1 removed due to enabling VRF Cust_site1
PE0R1(config-if)#ip add 10.1.14.1 255.255.255.0
PE0R1(config-if)#int s0/0
PE0R1(config-if)#ip vrf forwarding Cust_site2
% Interface Serial0/0 IP address 10.1.15.1 removed due to enabling VRF Cust_site2
PE0R1(config-if)#ip add 10.1.15.1 255.255.255.0
PE0R1(config-if)#do sh ip vrf
Name Default RD Interfaces
Cust_site1 1.1.1.1:1 Fa0/1
Cust_site2 1.1.1.1:2 Se0/0
PE0R3(config)#ip vrf Cust_site1
PE0R3(config-vrf)#rd 3.3.3.3:1
PE0R3(config-vrf)#route-target import 1.1.1.1:101
PE0R3(config-vrf)#route-target export 3.3.3.3:101
PE0R3(config-vrf)#ip vrf Cust_site2
PE0R3(config-vrf)#rd 3.3.3.3:2
PE0R3(config-vrf)#route-target import 1.1.1.1:102
PE0R3(config-vrf)#route-target export 3.3.3.3:102
PE0R3(config-vrf)#int s0/0
PE0R3(config-if)#ip vrf forwarding Cust_site1
% Interface Serial0/0 IP address 10.1.36.3 removed due to enabling VRF Cust_site1
PE0R3(config-if)#ip add 10.1.36.3 255.255.255.0
PE0R3(config-if)#int fa0/0
PE0R3(config-if)#ip vrf forwarding Cust_site2
% Interface FastEthernet0/0 IP address 10.1.37.3 removed due to enabling VRF Cust_site2
PE0R3(config-if)#ip add 10.1.37.3 255.255.255.0
PE0R3(config-if)#no sh
PE0R3(config-if)#do sh ip vrf
Name Default RD Interfaces
Cust_site1 3.3.3.3:1 Se0/0
Cust_site2 3.3.3.3:2 Fa0/0
BGP & MPLS WALKTHROUGH
91
PE0R3#sh ip vrf detail
VRF Cust_site1; default RD 3.3.3.3:1; default VPNID <not set>
Interfaces:
Se0/0
Connected addresses are not in global routing table
Export VPN route-target communities
RT:3.3.3.3:101
Import VPN route-target communities
RT:1.1.1.1:101
No import route-map
No export route-map
VRF label distribution protocol: not configured
VRF Cust_site2; default RD 3.3.3.3:2; default VPNID <not set>
Interfaces:
Fa0/0
Connected addresses are not in global routing table
Export VPN route-target communities
RT:3.3.3.3:102
Import VPN route-target communities
RT:1.1.1.1:102
No import route-map
No export route-map
VRF label distribution protocol: not configured
BGP & MPLS WALKTHROUGH
92
MPLS CHAPTER 9
QUESTIONS :
29. Which command shows you the routes inside the VRF ?
30. What does 'address-family ipv4' mean within EIGRP & RIP ?
31. How do you link an OSPF process to a specific VRF ?
Solutions:
Refer the diagram below:
Diagram 25:
29. Which command shows you the routes inside the VRF ?
PE0R1#sh ip route vrf Cust_site1
Routing Table: Cust_site1
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.1 [110/11] via 10.1.14.4, 00:13:56, FastEthernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.14.0 is directly connected, FastEthernet0/1
BGP & MPLS WALKTHROUGH
93
PE0R1#sh ip route vrf Cust_site2
Routing Table: Cust_site2
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
D 5.5.5.1 [90/2297856] via 10.1.15.5, 00:07:50, Serial0/0
7.0.0.0/32 is subnetted, 1 subnets
B 7.7.7.1 [200/0] via 3.3.3.3, 00:04:47
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.15.0 is directly connected, Serial0/0
B 10.1.37.0 [200/0] via 3.3.3.3, 00:04:47
30. What does 'address-family ipv4' mean within EIGRP & RIP ?
PE0R1#sh run | se eigrp
router eigrp 1
auto-summary
!
address-family ipv4 vrf Cust_site2
network 10.0.0.0
no auto-summary
autonomous-system 15
exit-address-family
PE0R3#sh run | se rip
router rip
version 2
!
address-family ipv4 vrf Cust_site1
network 10.0.0.0
no auto-summary
exit-address-family
BGP & MPLS WALKTHROUGH
94
31. How do you link an OSPF process to a specific VRF ?
32. How to enable BGP within address-family ?
router ospf 101 vrf Cust_site1
log-adjacency-changes
network 10.1.14.0 0.0.0.255 area 0
32. How to enable BGP within address-family ?
PE0R3#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 next-hop-self
exit-address-family
!
address-family ipv4 vrf Cust_site2
neighbor 10.1.37.7 remote-as 200
neighbor 10.1.37.7 activate
no synchronization
exit-address-family
!
BGP & MPLS WALKTHROUGH
95
MPLS CHAPTER 10
QUESTIONS:
33. Why is redistribution needed in MPLS L3VPN ?
34. When is a RD, RT and VPN label added to a route ?
35. In BGP configuration are you causing an Import or Export ?
Solution :
33. Why is redistribution needed in MPLS L3VPN ?
--> For the Communication of VRF aware routes of PE to global routes of
CE we are doing redistribution.
34. When is a RD, RT and VPN label added to a route ?
CE Advertised route -> ipv4 route sent from CE to PE ->Recieved on VRF->
-> Exported to BGP as VPNv4 route with RD/RT -> send PE to PE ->
Imported into VRF based on RT -> IPv4 Route sent from PE to CE -> CE learnd route
--> when routes Reaches from CE to PE , PE export routes to MPBGP with
Local RD , RT(export) and send to other PE router.
35. In BGP configuration are you causing an Import or Export ?
--> It depends upon which MPLS topology we are using :
VPNv4 routes can have more than one route target
allows for complex VPN topologies
full mesh
import and export same everywhere
hub and spoke
spokes import only hubs routes
Central services
Multiple VPNs can import from a central site or from a central serv
Managment VPNs
Management Loopback on CE routers can be exported into special
management VPN.
Let us do it with our example:
BGP & MPLS WALKTHROUGH
96
Diagram 26:
PE0R1 CONFIG :
PE0R1#sh run | se ospf
router ospf 101 vrf Cust_site1
log-adjacency-changes
redistribute bgp 100 metric 555 subnets
network 10.1.14.0 0.0.0.255 area 0
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
redistribute ospf 101 vrf Cust_site1
PE0R1#sh run | se eigrp
router eigrp 1
auto-summary
!
address-family ipv4 vrf Cust_site2
redistribute bgp 100 metric 1 1 1 1 1
network 10.0.0.0
no auto-summary
autonomous-system 15
exit-address-family
router eigrp 15
auto-summary
redistribute eigrp 15
PE0R1#sh run | se bgp
redistribute bgp 100 metric 1 1 1 1 1
redistribute bgp 100 metric 555 subnets
router bgp 100
no synchronization
BGP & MPLS WALKTHROUGH
97
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf Cust_site2
redistribute eigrp 15
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust_site1
redistribute ospf 101 vrf Cust_site1
no synchronization
exit-address-family
PE0R1#sh bgp vpnv4 unicast vrf Cust_site1
BGP table version is 17, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1.1.1.1:1 (default for vrf Cust_site1)
*> 4.4.4.1/32 10.1.14.4 11 32768 ?
*>i6.6.6.1/32 3.3.3.3 1 100 0 ?
*> 10.1.14.0/24 0.0.0.0 0 32768 ?
*>i10.1.36.0/24 3.3.3.3 0 100 0 ?
PE0R1#sh bgp vpnv4 unicast vrf Cust_site1 4.4.4.1/32
BGP routing table entry for 1.1.1.1:1:4.4.4.1/32, version 8
Paths: (1 available, best #1, table Cust_site1)
Advertised to update-groups:
1
Local
10.1.14.4 from 0.0.0.0 (1.1.1.1)
Origin incomplete, metric 11, localpref 100, weight 32768, valid, sourced, best
Extended Community: OSPF DOMAIN ID:0x0005:0x000000650200 RT:1.1.1.1:101
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:10.1.14.1:0
mpls labels in/out 503/nolabel
PE0R1#sh bgp vpnv4 unicast vrf Cust_site1 6.6.6.1/32
BGP routing table entry for 1.1.1.1:1:6.6.6.1/32, version 16
Paths: (1 available, best #1, table Cust_site1)
Not advertised to any peer
Local, imported path from 3.3.3.3:1:6.6.6.1/32
3.3.3.3 (metric 21) from 3.3.3.3 (3.3.3.3)
Origin incomplete, metric 1, localpref 100, valid, internal, best
Extended Community: RT:3.3.3.3:101
BGP & MPLS WALKTHROUGH
98
mpls labels in/out nolabel/21
FOR ROUTER PE0R3:
PE0R3#sh run | se rip
router rip
version 2
!
address-family ipv4 vrf Cust_site1
redistribute bgp 100 metric 3
network 10.0.0.0
no auto-summary
exit-address-family
redistribute rip
PE0R3#sh run | se bgp
redistribute bgp 100 metric 3
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 next-hop-self
exit-address-family
!
address-family ipv4 vrf Cust_site2
neighbor 10.1.37.7 remote-as 200
neighbor 10.1.37.7 activate
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust_site1
redistribute rip
no synchronization
exit-address-family
PE0R3#sh bgp vpnv4 unicast vrf Cust_site1
BGP table version is 16, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:1 (default for vrf Cust_site1)
*>i4.4.4.1/32 1.1.1.1 11 100 0 ?
*> 6.6.6.1/32 10.1.36.6 1 32768 ?
*>i10.1.14.0/24 1.1.1.1 0 100 0 ?
BGP & MPLS WALKTHROUGH
99
*> 10.1.36.0/24 0.0.0.0 0 32768 ?
PE0R3#sh bgp vpnv4 unicast vrf Cust_site2
BGP table version is 16, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:2 (default for vrf Cust_site2)
*>i5.5.5.1/32 1.1.1.1 2297856 100 0 ?
*> 7.7.7.1/32 10.1.37.7 0 0 200 ?
*>i10.1.15.0/24 1.1.1.1 0 100 0 ?
r> 10.1.37.0/24 10.1.37.7 0 0 200 ?
PE0R3#sh bgp vpnv4 unicast vrf Cust_site2 5.5.5.1/32
BGP routing table entry for 3.3.3.3:2:5.5.5.1/32, version 11
Paths: (1 available, best #1, table Cust_site2)
Advertised to update-groups:
1
Local, imported path from 1.1.1.1:2:5.5.5.1/32
1.1.1.1 (metric 21) from 1.1.1.1 (1.1.1.1)
Origin incomplete, metric 2297856, localpref 100, valid, internal, best
Extended Community: RT:1.1.1.1:102
Cost:pre-bestpath:128:2297856 (default-2145185791) 0x8800:32768:0
0x8801:15:640000 0x8802:65281:1657856 0x8803:65281:1500
mpls labels in/out nolabel/505
PE0R3#sh bgp vpnv4 unicast vrf Cust_site2 7.7.7.1/32
BGP routing table entry for 3.3.3.3:2:7.7.7.1/32, version 2
Paths: (1 available, best #1, table Cust_site2)
Advertised to update-groups:
2
200
10.1.37.7 from 10.1.37.7 (7.7.7.1)
Origin incomplete, metric 0, localpref 100, valid, external, best
Extended Community: RT:3.3.3.3:102
mpls labels in/out 19/nolabel
BGP & MPLS WALKTHROUGH
100
MPLS CHAPTER 11 (TROUBLESHOOTING & FULL CONFIG )
In this blog you will get full config & troubleshooting steps:
Points:
1. VRF ( RD , RT import -- RT export )
2. Assign VRF
3. Enable VRF aware Routing Process
4. VPNv4 Peers ( PE routers redistibuted routes)
5. Redistribution
Troubleshooting of mpls vpn
we check the control plan & data plan
sh ip vrf
sh ip vrf detail
- we can check the import and export
sh ip route vrf Cust_site1
- checking routes are coming or not
sh bgp vpnv4 unicast vrf Cust_site2
- it is redistributed on bgp or not
sh bgp vpnv4 unicast vrf Cust_site1 4.4.4.1/32
attributes of vrf
debug mpls packates
sh bgp vpnv4 unicast all
sh bgp vpnv4 unicast all 4.4.4.1/32
sh mpls interfaces
To check the mpls labels :
trasport label| vpnv4 label| payload
which PE which Customer
26|25|icmp
25 is vpnv4 label not changed . it will changed at PE router.
sh ip bgp vpnv4 rd 1.1.1.1:1 labels
sh ip bgp vpnv4 rd 1.1.1.1:2 labels
sh bgp vpnv4 unicast vrf Cust_site1 labels
sh bgp vpnv4 unicast vrf Cust_site2 labels
sh ip cef vrf Cust_site1 4.4.4.1
sh ip cef vrf Cust_site1 6.6.6.1
PE0R1#sh ip cef vrf Cust_site1 6.6.6.1
6.6.6.1/32, version 22, epoch 0, cached adjacency 10.1.12.2
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {16 21}
via 3.3.3.3, 0 dependencies, recursive
next hop 10.1.12.2, FastEthernet0/0 via 3.3.3.3/32
BGP & MPLS WALKTHROUGH
101
valid cached adjacency
tag rewrite with Fa0/0, 10.1.12.2, tags imposed: {16 21}
{16 21} here : 16 is top label and 21 is vpn label .
===============================================================
config file of this lab:
Diagram 27:
----- Config----
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE0R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
BGP & MPLS WALKTHROUGH
102
!
!
!
!
ip vrf Cust_site1
rd 1.1.1.1:1
route-target export 1.1.1.1:101
route-target import 3.3.3.3:101
!
ip vrf Cust_site2
rd 1.1.1.1:2
route-target export 1.1.1.1:102
route-target import 3.3.3.3:102
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
mpls label range 500 599
!
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.12.1 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface Serial0/0
ip vrf forwarding Cust_site2
ip address 10.1.15.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
ip vrf forwarding Cust_site1
ip address 10.1.14.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
BGP & MPLS WALKTHROUGH
103
clock rate 2000000
!
router eigrp 1
auto-summary
!
address-family ipv4 vrf Cust_site2
redistribute bgp 100 metric 1 1 1 1 1
network 10.0.0.0
no auto-summary
autonomous-system 15
exit-address-family
!
router eigrp 15
auto-summary
!
router ospf 101 vrf Cust_site1
log-adjacency-changes
redistribute bgp 100 metric 555 subnets
network 10.1.14.0 0.0.0.255 area 0
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf Cust_site2
redistribute eigrp 15
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust_site1
redistribute ospf 101 vrf Cust_site1
no synchronization
BGP & MPLS WALKTHROUGH
104
exit-address-family
!
ip forward-protocol nd
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
============================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P0R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.12.2 255.255.255.0
duplex auto
speed auto
mpls ip
!
BGP & MPLS WALKTHROUGH
105
interface FastEthernet0/1
ip address 10.1.23.2 255.255.255.0
duplex auto
speed auto
mpls ip
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
==================================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE0R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
BGP & MPLS WALKTHROUGH
106
!
!
ip vrf Cust_site1
rd 3.3.3.3:1
route-target export 3.3.3.3:101
route-target import 1.1.1.1:101
!
ip vrf Cust_site2
rd 3.3.3.3:2
route-target export 3.3.3.3:102
route-target import 1.1.1.1:102
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding Cust_site2
ip address 10.1.37.3 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip vrf forwarding Cust_site1
ip address 10.1.36.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
ip address 10.1.23.3 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
BGP & MPLS WALKTHROUGH
107
network 0.0.0.0 255.255.255.255 area 0
!
router rip
version 2
!
address-family ipv4 vrf Cust_site1
redistribute bgp 100 metric 3
network 10.0.0.0
no auto-summary
exit-address-family
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 next-hop-self
exit-address-family
!
address-family ipv4 vrf Cust_site2
neighbor 10.1.37.7 remote-as 200
neighbor 10.1.37.7 activate
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust_site1
redistribute rip
no synchronization
exit-address-family
!
ip forward-protocol nd
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
BGP & MPLS WALKTHROUGH
108
!
!
end
====================================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
interface Loopback1
ip address 4.4.4.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.14.4 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 4.4.4.1 0.0.0.0 area 0
network 10.1.14.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
!
BGP & MPLS WALKTHROUGH
109
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
==================================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
interface Loopback1
ip address 5.5.5.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.15.5 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
BGP & MPLS WALKTHROUGH
110
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router eigrp 15
network 5.0.0.0
network 10.0.0.0
no auto-summary
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
================================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
interface Loopback1
ip address 6.6.6.1 255.255.255.255
!
BGP & MPLS WALKTHROUGH
111
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.36.6 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router rip
version 2
network 6.0.0.0
network 10.0.0.0
no auto-summary
!
ip forward-protocol nd
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
==============================================
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
BGP & MPLS WALKTHROUGH
112
no service password-encryption
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
interface Loopback1
ip address 7.7.7.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.37.7 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
router bgp 200
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.1.37.3 remote-as 100
no auto-summary
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
================================================
BGP & MPLS WALKTHROUGH
113
Acronyms and Abbreviations
This appendix identifies abbreviations, acronyms, and initialisms used in this book and in the
internetworking industry.
Acronym Expanded Term
3DES Triple DES
6-to-4 IPv6-to-IPv4
AAA Authentication, authorization, accounting
ABR Area Border Router
ACL access control list
ACS Access Control Server
AD advertised distance
ADSL asymmetric DSL
AES Advanced Encryption Standard
AfriNIC African Network Information Centre
AH Authentication Header
ALG application layer gateway
ANSI American National Standards Institute
AON Application-Oriented Networking
API application programming interface
APNIC Asia Pacific Network Information Center
ARCNET Attached Resource Comp. Net. Acronym Expanded Term
ARIN American Registry for Internet Numbers
ARP Address Resolution Protocol
AS autonomous system
ASA Adaptive Security Appliance
ASBR Autonomous System Boundary Router
ATM Asynchronous Transfer Mode
AToM Any Transport over MPLS
BDR Backup Designated Router
BGP Border Gateway Protocol
BGPv4 or BGP-4 BGP Version 4
BIS Bump-in-the-Stack
BPDU bridge protocol data unit
bps bits per second
BRI Basic Rate Interface
BSCI Building Scalable Cisco Internetworks
CATV community antenna television
CBAC context-based access control
CCDP Cisco Certified Design Professional
CCNA Cisco Certified Network Associate
CCNP Cisco Certified Network Professional
CCSP Cisco Certified Security Professional
BGP & MPLS WALKTHROUGH
114
CDP Cisco Discovery Protocol
CE Customer Edge
CEF Cisco Express Forwarding
CEFv6 Cisco Express Forwarding for IPv6
CIDR classless interdomain routing
CIR committed information rate
CMTS Cable modem termination system
CO Central office
CoS class of service
CPE customer provider edge customer premise equipment
CPU central processing unit
CSM Cisco Security Manager
CSMA/CD carrier sense multiple access collision detect
DAD Duplicate address detection Acronym Expanded Term
DBD database description packets
DDP database description packets
DES Data Encryption Standard
DESGN Designing for Cisco Internetwork Solutions
DHCP Dynamic Host Configuration Protocol
DHCPv6 DHCP for IPv6
DiffServ Differentiated Services
DLCI data-link connection identifier
DMVPN Dynamic multipoint VPN
DNA DoNotAge
DNS Domain Name Service or Domain Name System
DoD Department of Defense
DR designated router
DSL digital subscriber line
DSLAM DSL access multiplexer
DUAL Diffusing Update Algorithm
E1 External Type 1
E2 External Type 2
EAP Extensible Authentication Protocol
EBGP External BGP
e-bit external bit
EGP Exterior Gateway Protocol
EIGRP Enhanced Interior Gateway Routing Protocol
EoMPLS Ethernet over MPLS
ESP Encapsulating Security Payload
EUI-64 extended universal identifier 64-bit
FD feasible distance
FCAPS Fault, Configuration, Accounting, Performance, and
Security
FDDI Fiber Distributed Data Interface
BGP & MPLS WALKTHROUGH
115
FEC forwarding equivalence class
FIB Forwarding Information Base
FLSM fixed-length subnet mask
FS feasible successor
FTP File Transfer Protocol
Gbps gigabits per second
GET Group encrypted transport
GRE Generic Routing Encapsulation
HDLC High-Level Data Link Control
HFC hybrid fiber-coaxial
HSRP Hot Standby Router Protocol
HTTP Hypertext Transfer Protocol
Hz hertz
IANA Internet Assigned Numbers Authority
IBGP Internal BGP
ICMP Internet Control Message Protocol
ID identifier
IDP initial domain part
IDRP Interdomain Routing Protocol
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IGRP Interior Gateway Routing Protocol
IIN Intelligent Information Network
IKE Internet Key Exchange
IntServ Integrated Services
IOS Internet Operating System
IP Internet Protocol
IPCP Internet Protocol Control Protocol
IPM Internetwork Performance Monitor
IPsec IP security
IPv4 IP Version 4
IPv6 IP Version 6
IPX Internetwork Packet Exchange
IS 1. information systems
2. intermediate system
ISAKMP Internet Security Association and Key
Management Protocol
ISATAP Intra-Site Automatic Tunnel Addressing
IS-IS Intermediate System-to-Intermediate System
IS-ISv6 IS-IS for IPv6
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
BGP & MPLS WALKTHROUGH
116
ISP Internet service provider
ISR integrated services router
ITIL IT Infrastructure Library
ITU-T International Telecommunication Union
Telecommunication Standardization Sector kbps kilobits per second
L3 Level 3
LACNIC Latin American and Caribbean IP Address Regional
Registry
LAN local-area network
LANE LAN Emulation
LS link state
LSA link-state advertisement
LSAck link-state acknowledgment
LSDB link-state database
LSP link-state packet
LSR link-state request
LSU link-state update
M metric
MAC Media Access Control
MAN metropolitan-area network
MB megabyte
MBGP Multiprotocol BGP
Mbps megabits per second
MD5 message digest algorithm 5
MED Multi-Exit-Discriminator
MIB Management Information Base
MLD Multicast Listener Discovery
MOSPF Multicast OSPF
MP-BGP4 Multiprotocol Border Gateway Protocol Version 4
MPLS Multiprotocol Label Switching
MTU maximum transmission unit
NA Neighbor advertisement
NAC Network Admission Control
NAT Network Address Translation
NAT-T NAT Traversal
NAT-PT NAT-Protocol Translation
NBMA nonbroadcast multiaccess
NCP Network control protocol
ND Neighbor discovery
NLRI Network Layer Reachability Information
NMS Network Management System
NS Neighbor solicitation
NSSA not-so-stubby area
NTP Network Time Protocol
BGP & MPLS WALKTHROUGH
117
ODR on-demand routing
OER Optimized Edge Routing
OS operating system
OSI Open System Interconnection
OSPF Open Shortest Path First
OSPFv2 OSPF Version 2
OSPFv3 OSPF Version 3
OUI organizationally unique identifier
P2P Point-to-point
PAT Port Address Translation
PBR policy-based routing
PBX Private Branch Exchange
PDM protocol-dependent module
PDU protocol data unit
PE Provider Edge
POP point of presence
POTS plain old telephone service
PPDIOO Prepare, Plan, Design, Implement, Operate,
Optimize
PPP Point-to-Point Protocol
PPPoA PPP over ATM
PPPoE PPP over Ethernet
pps packets per second
PPTP Point-to-Point Tunneling Protocol
PRI Primary Rate Interface
PSTN public switched telephone network
PVC permanent virtual circuit
QoS quality of service
RA Router advertisement
RF Radio frequency
RFC Request For Comments
RIB Routing Information Base
RIP Routing Information Protocol
RIPE-NCC Réseaux IP Européens-Network Coordination
Center
RIPng Routing Information Protocol new generation
RIPv1 Routing Information Protocol Version 1
RIPv2 Routing Information Protocol Version 2
RIR Regional Internet registries
RPF Reverse Path Forwarding
RR route reflector
RRI reverse route injection
RS Router solicitation
RSVP Resource Reservation Protocol
BGP & MPLS WALKTHROUGH
118
RTO retransmit timeout
RTP Reliable Transport Protocol
RTT round-trip time
RTTMON Round-Trip Time Monitor
SA security association
SDSL Symmetric DSL
SHA Secure hash
SHDSL single-pair high-speed DSL
SIA stuck in active
SIN ships in the night
SLAs Service level agreements
SM source metric
SMTP Simple Mail Transfer Protocol
SNAP Subnetwork Access Protocol
SNMP Simple Network Management Protocol
SOHO small office/home office
SONA Service-Oriented Network Architecture
SP Service Provider
SPF shortest path first
SPT shortest path tree
SPX Sequenced Packet Exchange
SRTT smooth round-trip time
ssh secure shell
SSL Secure socket layer
STP 1. shielded twisted-pair
2. Spanning Tree Protocol
SVC switched virtual circuit
SYN Synchronize
TCP Transmission Control Protocol
TCP/IP Transmission Control Protocol/Internet
Protocol
TFTP Trivial File Transfer Protocol
TLV Type, Length, Value
TMN Telecommunications Management
Network
ToS type of service
TTL Time To Live
UDP User Datagram Protocol
U/L Universal/Local
URL Uniform Resource Locator
UTP unshielded twisted-pair
VC virtual circuit
VDSL very high bitrate DSL
VLAN virtual LAN
BGP & MPLS WALKTHROUGH
119
VLSM variable-length subnet mask
VoD video on demand
VoIP Voice over IP
VPN virtual private network
VRF VPN routing and forwarding
VT video telephony
VTI Virtual tunnel interface
VTP VLAN Trunking Protocol
vty virtual terminal
WAN wide-area network
WAAS Wide Area Application Services
WCCP Web Cache Communications Protocol
WFQ weighted fair queuing
WiMAX Worldwide Interoperability for Microwave Access
WLAN wireless LAN
WRED weighted random early detection
WWW World Wide Web
ZBF zone-based firewall