Internetwork Expert’s CCIE SP 5-Day Bootcamp Mock … 4 234 8 8 9 0 0 00:00:30 6 Rack1R9#show ip...

Internetwork Expert’s CCIE SP 5-Day Bootcamp Mock Lab 3 Solutions

Copyright © 2009 Internetwork Expert www.InternetworkExpert.com- 1 -

Task 1.1 R1: interface Serial2/0.12 multipoint no frame-relay map ip 150.1.21.2 102 frame-relay map ip 150.1.12.2 102 R3: interface Serial1/3 encapsulation ppp Task 1.2 R6: interface Serial0/0 frame-relay interface-dlci 201 ppp Virtual-Template1 ! interface Virtual-Template1 ip vrf forwarding VPN_B ip address 54.1.7.6 255.255.255.0 ppp chap hostname ROUTER6 ppp chap password 0 CISCO Task 1.2 Verification Rack1R6#debug ppp negotiation PPP protocol negotiation debugging is on Rack1R6#conf t Enter configuration commands, one per line. End with CNTL/Z. Rack1R6(config)#int se 1/0 Rack1R6(config-if)#shut Rack1R6(config-if)# Vi1 PPP: Sending Acct Event[Down] id[E] Vi1 IPCP: Remove link info for cef entry 54.1.7.254 Vi1 IPCP: State is Closed Vi1 PPP: Phase is TERMINATING Vi1 LCP: State is Closed Vi1 PPP: Phase is DOWN Vi1 IPCP: Remove route to 54.1.7.254 Vi1 IPCP: Remove default route thru 54.1.7.254 Rack1R6(config-if)# Rack1R6(config-if)#no shut %LINK-3-UPDOWN: Interface Serial1/0, changed state to up %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up Rack1R6(config-if)# Vi1 PPP: Using default call direction Vi1 PPP: Treating connection as a dedicated line Vi1 PPP: Session handle[81000011] Session id[13] Vi1 PPP: Phase is ESTABLISHING, Active Open Vi1 LCP: O CONFREQ [Closed] id 24 len 10 Vi1 LCP: MagicNumber 0x05674F96 (0x050605674F96) Vi1 LCP: I CONFREQ [REQsent] id 49 len 15 Vi1 LCP: AuthProto CHAP (0x0305C22305)



Vi1 LCP: MagicNumber 0x005E91A9 (0x0506005E91A9) Vi1 LCP: O CONFACK [REQsent] id 49 len 15 Vi1 LCP: AuthProto CHAP (0x0305C22305) Vi1 LCP: MagicNumber 0x005E91A9 (0x0506005E91A9) Vi1 LCP: I CONFACK [ACKsent] id 24 len 10 Vi1 LCP: MagicNumber 0x05674F96 (0x050605674F96) Vi1 LCP: State is Open Vi1 PPP: Phase is AUTHENTICATING, by the peer Vi1 CHAP: I CHALLENGE id 13 len 24 from "BB1" Vi1 CHAP: Using hostname from interface CHAP Vi1 CHAP: Using password from interface CHAP Vi1 CHAP: O RESPONSE id 13 len 28 from "ROUTER6" Vi1 CHAP: I SUCCESS id 13 len 4 Rack1R6#ping vrf VPN_B 54.1.7.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 54.1.7.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/48 ms Task 2.1 R5: interface Serial0/0.15 ip ospf network point-to-point R4: interface Serial0/0.34 no ip router isis 234 ip router isis R6: router ospf 156 no network 150.1.16.6 0.0.0.0 area 16 network 150.1.16.6 0.0.0.0 area 0 Task 2.2 R2: router ospf 234 router-id 160.1.2.2 network 150.1.102.2 0.0.0.0 area 0 network 160.1.2.2 0.0.0.0 area 0 R9: router ospf 9 router-id 150.1.9.9 network 150.1.109.9 0.0.0.0 area 0 network 150.1.9.9 0.0.0.0 area 0



Task 2.2 Verification Rack1R2#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 150.100.100.254 0 FULL/ - 00:00:34 150.1.102.254 ATM3/0.1 Rack1R2#show ip route ospf 150.100.0.0/32 is subnetted, 1 subnets O 150.100.100.254 [110/2] via 150.1.102.254, 00:07:07, ATM3/0.1 150.1.0.0/16 is variably subnetted, 8 subnets, 2 masks O 150.1.9.9/32 [110/3] via 150.1.102.254, 00:07:07, ATM3/0.1 O 150.1.101.0/24 [110/2] via 150.1.102.254, 00:07:07, ATM3/0.1 O 150.1.109.0/24 [110/2] via 150.1.102.254, 00:07:07, ATM3/0.1 Rack1R2#ping Protocol [ip]: Target IP address: 150.1.9.9 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 160.1.2.2 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 150.1.9.9, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 48/77/116 ms Task 2.3 R1: interface ATM 3/0.1 ip router isis ! router isis net 49.0156.0000.0000.0001.00 is-type level-2-only passive-interface Loopback0 R9: interface ATM 3/0.1 ip router isis ! router isis net 49.0009.0000.0000.0009.00 is-type level-2-only passive-interface Loopback0



Task 2.3 Verification Rack1R9#show clns neighbors System Id Interface SNPA State Holdtime Type Protocol CellModeATM AT3/0.1 VC 1 Up 21 L2 IS-IS Rack1R9#show ip route isis 150.1.0.0/16 is variably subnetted, 5 subnets, 2 masks i L2 150.1.1.1/32 [115/20] via 150.1.109.254, ATM3/0.1 Rack1R9#ping 150.1.1.1 source loopback 0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds: Packet sent with a source address of 150.1.9.9 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/44 ms Task 3.1 R3: router bgp 234 ! address-family ipv4 unicast neighbor 160.1.4.4 activate neighbor 160.1.4.4 route-reflector-client R5: router bgp 65005 ! address-family ipv4 unicast no network 150.1.5.0 mask 255.255.255.255 network 150.1.5.5 mask 255.255.255.255 R6: router bgp 65016 ! neighbor 150.1.5.5 ebgp-multihop



Task 3.2 R1: router bgp 65016 neighbor 150.1.9.9 remote-as 9 neighbor 150.1.9.9 update-source Loopback0 neighbor 150.1.9.9 ebgp-multihop ! address-family ipv4 unicast neighbor 150.1.9.9 activate neighbor 150.1.9.9 advertisement-interval 15 ! ! Fixing the distance, since eBGP has AD=20 ! router isis distance 19 ip R2: router bgp 234 neighbor 150.1.9.9 remote-as 9 neighbor 150.1.9.9 update-source Loopback0 neighbor 150.1.9.9 ebgp-multihop ! address-family ipv4 unicast neighbor 150.1.9.9 activate neighbor 150.1.9.9 advertisement-interval 15 ! router ospf 234 distance 19 R9: router bgp 9 no bgp default ipv4-unicast neighbor 150.1.1.1 remote-as 156 neighbor 150.1.1.1 update-source Loopback0 neighbor 150.1.1.1 ebgp-multihop neighbor 160.1.2.2 remote-as 234 neighbor 160.1.2.2 update-source Loopback0 neighbor 160.1.2.2 ebgp-multihop ! address-family ipv4 unicast neighbor 150.1.1.1 activate neighbor 150.1.1.1 advertisement-interval 15 neighbor 160.1.2.2 activate neighbor 160.1.2.2 advertisement-interval 15 network 150.1.9.9 mask 255.255.255.255 ! router ospf 9 distance 19 ! router isis distance 19 ip



Task 3.2 Verification Rack1R9#show ip bgp summary BGP router identifier 150.1.9.9, local AS number 9 BGP table version is 10, main routing table version 10 7 network entries using 791 bytes of memory 13 path entries using 676 bytes of memory 8/5 BGP path/bestpath attribute entries using 864 bytes of memory 4 BGP AS-PATH entries using 96 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 2427 total bytes of memory BGP activity 7/0 prefixes, 13/0 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 150.1.1.1 4 156 9 8 9 0 0 00:00:26 6 160.1.2.2 4 234 8 8 9 0 0 00:00:30 6 Rack1R9#show ip bgp neighbors 150.1.1.1 | inc adv Route refresh: advertised and received(new) Address family IPv4 Unicast: advertised and received ipv4 MPLS Label capability: advertised and received Address family IPv4 Multicast: advertised and received Default minimum time between advertisement runs is 30 seconds Route map for incoming advertisements is FROM_AS156 Minimum time between advertisement runs is 15 seconds Rack1R9#show ip bgp neighbors 160.1.2.2 | inc adv Route refresh: advertised and received(new) Address family IPv4 Unicast: advertised and received ipv4 MPLS Label capability: advertised and received Address family IPv4 Multicast: advertised and received Default minimum time between advertisement runs is 30 seconds Route map for incoming advertisements is FROM_AS234 Minimum time between advertisement runs is 15 seconds Rack1R6#show ip bgp 150.1.9.9 BGP routing table entry for 150.1.9.9/32, version 11 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 Not advertised to any peer 9 150.1.1.1 (metric 11) from 150.1.1.1 (150.1.1.1) Origin IGP, metric 0, localpref 100, valid, confed-internal, best Rack1R5#show ip bgp 150.1.9.9 BGP routing table entry for 150.1.9.9/32, version 11 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 Not advertised to any peer (65016) 9 150.1.1.1 (metric 21) from 150.1.1.1 (150.1.1.1) Origin IGP, metric 0, localpref 100, valid, confed-external, best



Rack1R3#show ip bgp 150.1.9.9 BGP routing table entry for 150.1.9.9/32, version 10 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 Advertised to update-groups: 1 9, (Received from a RR-client) 160.1.2.2 (metric 10) from 160.1.2.2 (160.1.2.2) Origin IGP, metric 0, localpref 100, valid, internal, best Rack1R4#show ip bgp 150.1.9.9 BGP routing table entry for 150.1.9.9/32, version 10 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 Not advertised to any peer 9 160.1.2.2 (metric 10) from 160.1.3.3 (160.1.3.3) Origin IGP, metric 0, localpref 100, valid, internal, best Originator: 160.1.2.2, Cluster list: 160.1.3.3 Task 3.3 R6: router bgp 65016 neighbor 150.1.9.9 remote-as 9 neighbor 150.1.9.9 update-source Loopback0 neighbor 150.1.9.9 ebgp-multihop neighbor 160.1.4.4 remote-as 234 neighbor 160.1.4.4 update-source Loopback0 neighbor 160.1.4.4 ebgp-multihop ! address-family vpnv4 unicast neighbor 150.1.9.9 activate neighbor 150.1.9.9 send-community extended neighbor 150.1.9.9 next-hop-unchanged neighbor 160.1.4.4 activate neighbor 160.1.4.4 send-community extended neighbor 160.1.4.4 next-hop-unchanged R4: router bgp 234 neighbor 150.1.9.9 remote-as 9 neighbor 150.1.9.9 update-source Loopback0 neighbor 150.1.9.9 ebgp-multihop neighbor 150.1.6.6 remote-as 156 neighbor 150.1.6.6 update-source Loopback0 neighbor 150.1.6.6 ebgp-multihop ! address-family vpnv4 unicast neighbor 150.1.9.9 activate neighbor 150.1.9.9 send-community extended neighbor 150.1.9.9 next-hop-unchanged neighbor 150.1.6.6 activate neighbor 150.1.6.6 send-community extended neighbor 150.1.6.6 next-hop-unchanged



R9: router bgp 9 neighbor 150.1.6.6 remote-as 156 neighbor 150.1.6.6 update-source Loopback0 neighbor 150.1.6.6 ebgp-multihop neighbor 160.1.4.4 remote-as 234 neighbor 160.1.4.4 update-source Loopback0 neighbor 160.1.4.4 ebgp-multihop ! address-family vpnv4 unicast neighbor 150.1.6.6 activate neighbor 150.1.6.6 send-community extended neighbor 150.1.6.6 next-hop-unchanged all neighbor 160.1.4.4 activate neighbor 160.1.4.4 send-community extended neighbor 160.1.4.4 next-hop-unchanged all Task 3.4 R1: ip community-list st LP_200 permit 156:200 ip bgp-community new-format ! ip prefix-list R1_LOOPBACK0 permit 150.1.1.1/32 ip prefix-list R5_LOOPBACK0 permit 150.1.5.5/32 ! ! Signal AS234 to prefer path to R1/R5 Loopback0 via AS9 ! no route-map TO_AS9 ! route-map TO_AS9 permit 10 match ip address prefix-list R1_LOOPBACK0 set community 234:200 ! route-map TO_AS9 permit 20 match ip address prefix-list R5_LOOPBACK0 set community 234:200 ! route-map TO_AS9 permit 1000 ! ! Respond to signaling from AS234 ! route-map FROM_AS234 permit 10 match community LP_200 set local-preference 200 ! route-map FROM_AS234 permit 1000 ! ! Respond to labeled prefixes coming from AS9 ! route-map FROM_AS9 permit 10 match community LP_200 set local-preference 200



! route-map FROM_AS9 permit 1000 router bgp 65016 address-family ipv4 unicast neighbor 150.1.9.9 route-map FROM_AS9 in neighbor 150.1.9.9 route-map TO_AS9 out neighbor 150.1.9.9 send-community neighbor 150.1.12.2 route-map FROM_AS234 in neighbor 150.1.12.2 send-community R2: ip community-list st LP_200 permit 234:200 ip bgp-community new-format ! ip prefix-list R2_LOOPBACK0 permit 160.1.2.2/32 ip prefix-list R4_LOOPBACK0 permit 160.1.4.4/32 ! ! Signal AS 156 to set high LP to R4/R2’s Loopback0 via AS9 ! no route-map TO_AS9 ! route-map TO_AS9 permit 10 match ip address prefix-list R2_LOOPBACK0 set community 156:200 ! route-map TO_AS9 permit 20 match ip address prefix-list R4_LOOPBACK0 set community 156:200 ! route-map TO_AS9 permit 1000 ! ! Respond to commands from AS156 ! route-map FROM_AS156 permit 10 match community LP_200 set local-preference 200 ! route-map FROM_AS156 permit 1000 ! ! ! route-map FROM_AS9 permit 10 match community LP_200 set local-preference 200 ! route-map FROM_AS9 permit 1000 router bgp 234 address-family ipv4 unicast neighbor 150.1.9.9 route-map FROM_AS9 in neighbor 150.1.9.9 route-map TO_AS9 out neighbor 150.1.9.9 send-community neighbor 150.1.12.1 route-map FROM_AS156 in neighbor 150.1.12.1 send-community



R9: ip community-list st LP_200 permit 9:200 ip bgp-community new-format ! route-map FROM_AS156 permit 10 match community LP_200 set local-preference 200 ! route-map FROM_AS156 permit 1000 ! ! ! route-map FROM_AS234 permit 10 match community LP_200 set local-preference 200 ! route-map FROM_AS234 permit 1000 router bgp 9 address-family ipv4 unicast neighbor 160.1.2.2 route-map FROM_AS234 in neighbor 160.1.2.2 send-community neighbor 150.1.1.1 route-map FROM_AS156 in neighbor 150.1.1.1 send-community Task 3.4 Verification Rack1R1#show ip bgp 160.1.3.3 BGP routing table entry for 160.1.3.3/32, version 9 Paths: (2 available, best #2) Advertised to update-groups: 2 3 4 9 234 150.1.9.9 (metric 20) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 100, valid, external 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, localpref 100, valid, external, best Rack1R1#show ip bgp 160.1.4.4 BGP routing table entry for 160.1.4.4/32, version 31 Paths: (2 available, best #1) Advertised to update-groups: 1 2 3 9 234 150.1.9.9 (metric 20) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 156:200 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, localpref 100, valid, external



Rack1R1#show ip bgp 160.1.2.2 BGP routing table entry for 160.1.2.2/32, version 32 Paths: (2 available, best #1) Advertised to update-groups: 1 2 3 9 234 150.1.9.9 (metric 20) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 156:200 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, metric 0, localpref 100, valid, external Rack1R2#show ip bgp 150.1.6.6 BGP routing table entry for 150.1.6.6/32, version 46 Paths: (2 available, best #1) Flag: 0x820 Advertised to update-groups: 1 3 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, localpref 100, valid, external, best 9 156 150.1.9.9 (metric 3) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 100, valid, external Rack1R2#show ip bgp 150.1.1.1 BGP routing table entry for 150.1.1.1/32, version 42 Paths: (2 available, best #2) Advertised to update-groups: 1 2 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, metric 0, localpref 100, valid, external 9 156 150.1.9.9 (metric 3) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 234:200 Rack1R2#show ip bgp 150.1.5.5 BGP routing table entry for 150.1.5.5/32, version 43 Paths: (2 available, best #2) Advertised to update-groups: 1 2 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, localpref 100, valid, external 9 156 150.1.9.9 (metric 3) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 234:200



Task 4.1 R2: mpls traffic-eng tunnels ! interface Serial 2/1 mpls traffic-eng tunnels ip rsvp bandwidth ! interface Serial 2/0.24 mpls traffic-eng tunnels ip rsvp bandwidth ! router isis metric-style wide level-2 mpls traffic-eng level-2 mpls traffic-eng router-id loopback0 ! ip explicit-path name TO_R4 next-add 160.1.23.3 next-add 160.1.34.4 next-add 160.1.4.4 ! interface Tunnel0 ip unnumbered loopback0 tunnel destination 160.1.4.4 tunnel mode mpls traffic-eng tunnel mpls traffic-eng priority 0 0 tunnel mpls traffic-eng path-option 1 explicit name TO_R4 tunnel mpls traffic-eng path-option 2 dynamic tunnel mpls traffic-eng autoroute announce R3: mpls traffic-eng tunnels ! interface Serial 1/3 mpls traffic-eng tunnels ip rsvp bandwidth ! interface Serial 1/0.34 mpls traffic-eng tunnels ip rsvp bandwidth ! router isis metric-style wide level-2 mpls traffic-eng level-2 mpls traffic-eng router-id loopback0



R4: mpls traffic-eng tunnels ! interface Serial 0/0.34 mpls traffic-eng tunnels ip rsvp bandwidth ! interface Serial 0/0.24 mpls traffic-eng tunnels ip rsvp bandwidth ! router isis metric-style wide level-2 mpls traffic-eng level-2 mpls traffic-eng router-id loopback0 Task 4.1 Rack1R2#show mpls traffic-eng tunnels tunnel 0 Name: Rack1R2_t0 (Tunnel0) Destination: 160.1.4.4 Status: Admin: up Oper: up Path: valid Signalling: connected path option 1, type explicit TO_R4 (Basis for Setup, path weight 20) path option 2, type dynamic Config Parameters: Bandwidth: 0 kbps (Global) Priority: 0 0 Affinity: 0x0/0xFFFF Metric Type: TE (default) AutoRoute: enabled LockDown: disabled Loadshare: 0 bw-based auto-bw: disabled Active Path Option Parameters: State: explicit path option 1 is active BandwidthOverride: disabled LockDown: disabled Verbatim: disabled InLabel : - OutLabel : Serial2/1, 16 RSVP Signalling Info: Src 160.1.2.2, Dst 160.1.4.4, Tun_Id 0, Tun_Instance 10 RSVP Path Info: My Address: 160.1.2.2 Explicit Route: 160.1.23.3 160.1.34.4 160.1.4.4 Record Route: NONE Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits RSVP Resv Info: Record Route: NONE Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits Shortest Unconstrained Path Info: Path Weight: 10 (TE) Explicit Route: 160.1.24.4 160.1.4.4 History:



Tunnel: Time since created: 5 minutes, 53 seconds Time since path change: 1 minutes, 44 seconds Number of LSP IDs (Tun_Instances) used: 10 Current LSP: Uptime: 1 minutes, 44 seconds Prior LSP: ID: path option 1 [9] Removal Trigger: path option updated Rack1R2#traceroute 160.1.4.4 Type escape sequence to abort. Tracing the route to 160.1.4.4 1 160.1.23.3 [MPLS: Label 16 Exp 0] 120 msec 36 msec 44 msec 2 160.1.34.4 56 msec * 36 msec Task 4.2 R1: access-list 1 permit 150.1.1.1 access-list 1 permit 150.1.5.5 access-list 1 permit 150.1.6.6 ! mpls ldp advertise-labels for 1 no mpls ldp advertise-labels ! access-list 2 permit 150.1.9.9 mpls ldp request-labels for 2 R5: access-list 1 permit 150.1.1.1 access-list 1 permit 150.1.5.5 access-list 1 permit 150.1.6.6 ! mpls ldp advertise-labels for 1 no mpls ldp advertise-labels R6: access-list 1 permit 150.1.1.1 access-list 1 permit 150.1.5.5 access-list 1 permit 150.1.6.6 ! mpls ldp advertise-labels for 1 no mpls ldp advertise-labels



Task 4.2 Verification Rack1R1#show mpls forwarding-table Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC or Tunnel Id switched interface 16 Untagged 150.100.100.254/32 \ 0 AT3/0.1 point2point 17 1/37 150.1.9.9/32 0 AT3/0.1 point2point 18 Pop tag 150.1.6.6/32 0 Fa0/0 150.1.16.6 19 17 150.1.5.5/32 0 Fa0/0 150.1.16.6 20 Untagged 150.1.56.0/24 0 Fa0/0 150.1.16.6 21 Untagged 150.1.102.0/24 0 AT3/0.1 point2point 22 Untagged 150.1.109.0/24 0 AT3/0.1 point2point Rack1R5#show mpls forwarding-table Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC or Tunnel Id switched interface 16 16 150.1.1.1/32 0 Et0/0 150.1.56.6 17 Untagged 150.1.16.0/24 0 Et0/0 150.1.56.6 18 Pop tag 150.1.6.6/32 0 Et0/0 150.1.56.6 Rack1R6#show mpls forwarding-table Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC or Tunnel Id switched interface 16 Pop tag 150.1.1.1/32 826 Et0/0 150.1.16.1 17 Pop tag 150.1.5.5/32 753 Et0/1 150.1.56.5 18 Untagged 150.1.15.0/24 0 Et0/0 150.1.16.1 19 Untagged 54.1.7.254/32 0 Vi1 point2point Task 4.3 R2: interface Serial 2/0.24 mpls ldp discovery transport-address interface ! interface Serial 2/1 mpls ldp discovery transport-address interface ! mpls ldp neighbor 160.1.3.3 password CISCO mpls ldp neighbor 160.1.4.4 password CISCO R3: interface Serial 1/0.34 mpls ldp discovery transport-address interface ! interface Serial 1/3 mpls ldp discovery transport-address interface ! mpls ldp neighbor 160.1.2.2 password CISCO mpls ldp neighbor 160.1.4.4 password CISCO



R4: interface Serial 0/0.24 mpls ldp discovery transport-address interface interface Serial 0/0.34 mpls ldp discovery transport-address interface ! mpls ldp neighbor 160.1.2.2 password CISCO mpls ldp neighbor 160.1.3.3 password CISCO Task 4.3 Verification Rack1R4#show mpls ldp neighbor detail Peer LDP Ident: 160.1.3.3:0; Local LDP Ident 160.1.4.4:0 TCP connection: 160.1.34.3.646 - 160.1.34.4.20782; MD5 on State: Oper; Msgs sent/rcvd: 10/10; Downstream; Last TIB rev sent 47 Up time: 00:00:13; UID: 5; Peer Id 1; LDP discovery sources: Serial1/0.34; Src IP addr: 160.1.34.3 holdtime: 15000 ms, hello interval: 5000 ms Addresses bound to peer LDP Ident: 160.1.23.3 160.1.3.3 160.1.34.3 160.1.33.33 Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab Peer LDP Ident: 160.1.2.2:0; Local LDP Ident 160.1.4.4:0 TCP connection: 160.1.24.2.646 - 160.1.24.4.57228; MD5 on State: Oper; Msgs sent/rcvd: 10/18; Downstream; Last TIB rev sent 47 Up time: 00:00:08; UID: 6; Peer Id 0; LDP discovery sources: Serial1/0.24; Src IP addr: 160.1.24.2 holdtime: 15000 ms, hello interval: 5000 ms Addresses bound to peer LDP Ident: 150.1.102.2 160.1.2.2 150.1.12.2 160.1.24.2 160.1.23.2 29.29.29.2 Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab



Task 5.1 R3: router ospf 100 vrf VPN_A log-adjacency-changes network 172.16.37.3 0.0.0.0 area 0 ! router rip ! address-family ipv4 vrf VPN_B network 204.12.1.0 no auto-summary version 2 R4: router ospf 100 vrf VPN_A log-adjacency-changes network 172.16.48.4 0.0.0.0 area 0 R5: router ospf 100 vrf VPN_A log-adjacency-changes network 192.10.1.5 0.0.0.0 area 51 R6: router eigrp 1 ! address-family ipv4 vrf VPN_B autonomous-system 10 no auto-summary network 54.1.7.6 0.0.0.0 Task 5.1 Verification Rack1R3#show ip route vrf VPN_B Routing Table: VPN_B Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set C 204.12.1.0/24 is directly connected, Ethernet0/1 31.0.0.0/16 is subnetted, 4 subnets R 31.3.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 R 31.2.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 R 31.1.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 R 31.0.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 30.0.0.0/16 is subnetted, 4 subnets R 30.2.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 R 30.3.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 R 30.0.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1



R 30.1.0.0 [120/1] via 204.12.1.254, 00:00:11, Ethernet0/1 Rack1R3#show ip ospf 100 neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.7.7 1 FULL/DR 00:00:35 172.16.37.7 Ethernet0/0 Rack1R3#show ip route vrf VPN_A Routing Table: VPN_A Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks O 172.16.48.0/24 [110/10010] via 172.16.37.7, 00:11:21, Ethernet0/0 C 172.16.37.0/24 is directly connected, Ethernet0/0 O 172.16.8.8/32 [110/10010] via 172.16.37.7, 00:11:21, Ethernet0/0 O 172.16.7.7/32 [110/11] via 172.16.37.7, 00:11:21, Ethernet0/0 O 172.16.78.0/24 [110/10009] via 172.16.37.7, 00:11:21, Ethernet0/0 Rack1R4#show ip ospf 100 neighbor Neighbor ID Pri State Dead Time Address Interface 172.16.8.8 1 FULL/DR 00:00:36 172.16.48.8 Ethernet0/1 Rack1R4#sh ip route vrf VPN_A Routing Table: VPN_A Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks C 172.16.48.0/24 is directly connected, Ethernet0/1 O 172.16.37.0/24 [110/10010] via 172.16.48.8, 00:14:57, Ethernet0/1 O 172.16.8.8/32 [110/11] via 172.16.48.8, 00:14:57, Ethernet0/1 O 172.16.7.7/32 [110/10010] via 172.16.48.8, 00:14:57, Ethernet0/1 O 172.16.78.0/24 [110/10009] via 172.16.48.8, 00:14:57, Ethernet0/1 Rack1R5#show ip ospf 100 neighbor Neighbor ID Pri State Dead Time Address Interface 192.10.1.254 1 FULL/DR 00:00:35 192.10.1.254 Ethernet0/1



Rack1R5#show ip route vrf VPN_A Routing Table: VPN_A Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 51.0.0.0/32 is subnetted, 1 subnets O E2 51.51.51.51 [110/20] via 192.10.1.254, 00:15:13, Ethernet0/1 C 192.10.1.0/24 is directly connected, Ethernet0/1 Rack1R6#show ip eigrp vrf VPN_B neighbors IP-EIGRP neighbors for process 10 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 54.1.7.254 Vi1 13 00:06:36 47 282 0 8 Rack1R6#show ip route vrf VPN_B Routing Table: VPN_B Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set D 200.0.0.0/24 [90/2713600] via 54.1.7.254, 00:06:42, Virtual-Access1 54.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 54.1.7.0/24 is directly connected, Virtual-Access1 C 54.1.7.254/32 is directly connected, Virtual-Access1 D 200.0.1.0/24 [90/2713600] via 54.1.7.254, 00:06:42, Virtual-Access1 D 200.0.2.0/24 [90/2713600] via 54.1.7.254, 00:06:42, Virtual-Access1 D 200.0.3.0/24 [90/2713600] via 54.1.7.254, 00:06:42, Virtual-Access1



Task 5.2 R3: ip vrf VPN_A route-target both 234:34 ! interface loopback 100 ip vrf forwarding VPN_A ip address 103.103.103.103 255.255.255.255 ! router bgp 234 address-family ipv4 vrf VPN_A redistribute ospf 100 match internal external network 103.103.103.103 mask 255.255.255.255 ! router ospf 100 redistribute bgp 234 subnets area 0 sham-link 103.103.103.103 104.104.104.104 R4: ip vrf VPN_A route-target both 234:34 ! interface loopback 100 ip vrf forwarding VPN_A ip address 104.104.104.104 255.255.255.255 ! router bgp 234 address-family ipv4 vrf VPN_A redistribute ospf 100 match internal external network 104.104.104.104 mask 255.255.255.255 ! router ospf 100 redistribute bgp 234 subnets area 0 sham-link 104.104.104.104 103.103.103.103 Task 5.2 Verification Rack1R3#show ip ospf sham-links Sham Link OSPF_SL0 to address 104.104.104.104 is up Area 0 source address 103.103.103.103 Run as demand circuit DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Hello due in 00:00:09 Adjacency State FULL (Hello suppressed) Index 2/2, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0) Last retransmission scan length is 0, maximum is 0 Last retransmission scan time is 0 msec, maximum is 0 msec



Rack1R3#show ip bgp vpnv4 rd 234:34 BGP table version is 24, local router ID is 160.1.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 234:34 (default for vrf VPN_A) *> 103.103.103.103/32 0.0.0.0 0 32768 i *>i104.104.104.104/32 160.1.4.4 0 100 0 i * i172.16.7.7/32 160.1.4.4 10010 100 0 ? *> 172.16.37.7 11 32768 ? * i172.16.8.8/32 160.1.4.4 11 100 0 ? *> 172.16.37.7 10010 32768 ? * i172.16.37.0/24 160.1.4.4 10010 100 0 ? *> 0.0.0.0 0 32768 ? * i172.16.48.0/24 160.1.4.4 0 100 0 ? *> 172.16.37.7 10010 32768 ? * i172.16.78.0/24 160.1.4.4 10009 100 0 ? *> 172.16.37.7 10009 32768 ? Rack1R7#show ip route ospf 103.0.0.0/32 is subnetted, 1 subnets O E2 103.103.103.103 [110/1] via 172.16.37.3, 00:01:46, FastEthernet1/3 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks O 172.16.48.0/24 [110/12] via 172.16.37.3, 00:01:47, FastEthernet1/3 O 172.16.8.8/32 [110/13] via 172.16.37.3, 00:01:46, FastEthernet1/3 104.0.0.0/32 is subnetted, 1 subnets O E2 104.104.104.104 [110/1] via 172.16.37.3, 00:01:46, FastEthernet1/3 Rack1R7#traceroute 172.16.8.8 source loopback 0 Type escape sequence to abort. Tracing the route to 172.16.8.8 1 172.16.37.3 92 msec 36 msec 20 msec 2 172.16.48.4 116 msec 68 msec 68 msec 3 172.16.48.8 112 msec * 172 msec



Task 5.3 R1: router bgp 65016 ! address-family ipv4 unicast neighbor 150.1.12.2 send-label neighbor 150.1.9.9 send-label neighbor 150.1.6.6 send-label ! route-map TO_AS9 permit 10 set mpls-label ! route-map TO_AS9 permit 20 set mpls-label ! route-map TO_AS9 permit 1000 set mpls-label R2: router bgp 234 ! address-family ipv4 unicast neighbor 150.1.12.1 send-label neighbor 150.1.9.9 send-label neighbor 160.1.3.3 send-label ! route-map TO_AS9 permit 10 set mpls-label ! route-map TO_AS9 permit 20 set mpls-label ! route-map TO_AS9 permit 1000 set mpls-label R3: router bgp 234 ! address-family ipv4 unicast neighbor 160.1.4.4 send-label neighbor 160.1.2.2 send-label ! ip vrf VPN_A route-target import 156:5 ! ip vrf VPN_B route-target import 156:6 route-target export 234:3 ! router bgp 234 ! address-family ipv4 vrf VPN_B redistribute rip metric 1 ! router rip



! address-family ipv4 vrf VPN_B redistribute bgp 234 metric 1 R4: router bgp 234 ! address-family ipv4 unicast neighbor 160.1.3.3 send-label ! ip vrf VPN_A route-target import 156:5 R5: ip vrf VPN_A route-target import 234:34 route-target export 156:5 ! router bgp 65005 ! address-family ipv4 unicast neighbor 150.1.6.6 send-label ! address-family ipv4 vrf VPN_A redistribute ospf 100 match internal external ! router ospf 100 redistribute bgp 65005 subnets R6: router bgp 65016 ! no bgp default route-target filter ! address-family ipv4 unicast neighbor 150.1.5.5 send-label neighbor 150.1.1.1 send-label ! ip vrf VPN_B route-target import 234:3 route-target export 156:6 ! router bgp 65016 ! address-family ipv4 vrf VPN_B redistribute eigrp 10 ! router eigrp 1 address-family ipv4 vrf VPN_B redistribute bgp 65016 metric 1 1 1 1 1



R9: router bgp 9 ! no bgp default route-target filter ! address-family ipv4 unicast neighbor 160.1.2.2 send-label neighbor 150.1.1.1 send-label Task 5.3 Verification Verify Inter-A connectivity for VPN_A: Rack1R7#show ip route ospf 51.0.0.0/32 is subnetted, 1 subnets O E2 51.51.51.51 [110/1] via 172.16.37.3, 00:09:42, FastEthernet1/3 103.0.0.0/32 is subnetted, 1 subnets O E2 103.103.103.103 [110/1] via 172.16.37.3, 00:09:42, FastEthernet1/3 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks O 172.16.48.0/24 [110/12] via 172.16.37.3, 00:10:27, FastEthernet1/3 O 172.16.8.8/32 [110/13] via 172.16.37.3, 00:10:27, FastEthernet1/3 O IA 192.10.1.0/24 [110/2] via 172.16.37.3, 00:09:42, FastEthernet1/3 104.0.0.0/32 is subnetted, 1 subnets O E2 104.104.104.104 [110/1] via 172.16.37.3, 00:09:42, FastEthernet1/3 Rack1R8#show ip route ospf 51.0.0.0/32 is subnetted, 1 subnets O E2 51.51.51.51 [110/1] via 172.16.48.4, 00:10:08, FastEthernet1/4 103.0.0.0/32 is subnetted, 1 subnets O E2 103.103.103.103 [110/1] via 172.16.48.4, 00:10:08, FastEthernet1/4 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks O 172.16.37.0/24 [110/12] via 172.16.48.4, 00:10:55, FastEthernet1/4 O 172.16.7.7/32 [110/13] via 172.16.48.4, 00:10:55, FastEthernet1/4 O IA 192.10.1.0/24 [110/2] via 172.16.48.4, 00:10:08, FastEthernet1/4 104.0.0.0/32 is subnetted, 1 subnets O E2 104.104.104.104 [110/1] via 172.16.48.4, 00:10:08, FastEthernet1/4 Rack1R5#show ip route vrf VPN_A Routing Table: VPN_A Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 51.0.0.0/32 is subnetted, 1 subnets O E2 51.51.51.51 [110/20] via 192.10.1.254, 00:15:41, Ethernet0/1 103.0.0.0/32 is subnetted, 1 subnets B 103.103.103.103 [200/0] via 160.1.3.3, 00:14:23 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks B 172.16.48.0/24 [200/0] via 160.1.4.4, 00:14:23 B 172.16.37.0/24 [200/0] via 160.1.3.3, 00:14:23 B 172.16.8.8/32 [200/11] via 160.1.4.4, 00:14:23 B 172.16.7.7/32 [200/0] via 160.1.3.3, 00:14:23 B 172.16.78.0/24 [200/10009] via 160.1.4.4, 00:14:23



C 192.10.1.0/24 is directly connected, Ethernet0/1 104.0.0.0/32 is subnetted, 1 subnets B 104.104.104.104 [200/0] via 160.1.4.4, 00:14:23 Rack1R7#traceroute 51.51.51.51 source loopback 0 Type escape sequence to abort. Tracing the route to 51.51.51.51 1 172.16.37.3 32 msec 96 msec 100 msec 2 160.1.23.2 356 msec 416 msec 360 msec 3 150.1.102.254 456 msec 416 msec 560 msec 4 150.1.109.9 324 msec 400 msec 388 msec 5 150.1.109.254 508 msec 332 msec 412 msec 6 150.1.101.1 376 msec 416 msec 280 msec 7 150.1.16.6 396 msec 556 msec 560 msec 8 192.10.1.5 296 msec 396 msec 316 msec 9 192.10.1.254 308 msec * 2524 msec Rack1R8#traceroute 51.51.51.51 source loopback 0 Type escape sequence to abort. Tracing the route to 51.51.51.51 1 172.16.48.4 24 msec 40 msec 36 msec 2 160.1.24.2 596 msec 536 msec 556 msec 3 150.1.102.254 636 msec 416 msec 420 msec 4 150.1.109.9 436 msec 432 msec 500 msec 5 150.1.109.254 336 msec 496 msec 440 msec 6 150.1.101.1 596 msec 476 msec 440 msec 7 150.1.16.6 676 msec 536 msec 656 msec 8 192.10.1.5 516 msec 476 msec 388 msec 9 192.10.1.254 516 msec 536 msec 484 msec Rack1R5#traceroute vrf VPN_A 172.16.7.7 Type escape sequence to abort. Tracing the route to 172.16.7.7 1 150.1.56.6 [MPLS: Labels 27/31 Exp 0] 372 msec 436 msec 336 msec 2 150.1.16.1 [MPLS: Labels 25/31 Exp 0] 496 msec 304 msec 284 msec 3 150.1.12.2 [MPLS: Labels 17/31 Exp 0] 480 msec 428 msec 516 msec 4 172.16.37.3 [MPLS: Label 31 Exp 0] 280 msec 356 msec 236 msec 5 172.16.37.7 396 msec * 496 msec Rack1R5#traceroute vrf VPN_A 172.16.8.8 Type escape sequence to abort. Tracing the route to 172.16.8.8 1 150.1.56.6 [MPLS: Labels 26/21 Exp 0] 464 msec 476 msec 448 msec 2 150.1.16.1 [MPLS: Labels 26/21 Exp 0] 452 msec 480 msec 544 msec 3 150.1.101.254 [MPLS: Labels 16/23/21 Exp 0] 488 msec 400 msec 436 msec 4 150.1.109.9 [MPLS: Labels 23/21 Exp 0] 408 msec 380 msec 476 msec 5 150.1.109.254 [MPLS: Labels 18/16/21 Exp 0] 548 msec 520 msec 512 msec 6 150.1.102.2 [MPLS: Labels 16/21 Exp 0] 456 msec 492 msec 572 msec 7 160.1.23.3 [MPLS: Labels 19/21 Exp 0] 532 msec 472 msec 616 msec 8 172.16.48.4 [MPLS: Label 21 Exp 0] 312 msec 316 msec 256 msec



9 172.16.48.8 380 msec * 496 msec Verify Inter-AS connectivity for VPN_B: Rack1R6#show ip route vrf VPN_B Routing Table: VPN_B Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set B 204.12.1.0/24 [20/0] via 160.1.3.3, 00:13:46 D 200.0.0.0/24 [90/2713600] via 54.1.7.254, 00:15:51, Virtual-Access1 54.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 54.1.7.0/24 is directly connected, Virtual-Access1 C 54.1.7.254/32 is directly connected, Virtual-Access1 D 200.0.1.0/24 [90/2713600] via 54.1.7.254, 00:15:51, Virtual-Access1 D 200.0.2.0/24 [90/2713600] via 54.1.7.254, 00:15:51, Virtual-Access1 D 200.0.3.0/24 [90/2713600] via 54.1.7.254, 00:15:51, Virtual-Access1 31.0.0.0/16 is subnetted, 4 subnets B 31.3.0.0 [20/0] via 160.1.3.3, 00:13:46 B 31.2.0.0 [20/0] via 160.1.3.3, 00:13:46 B 31.1.0.0 [20/0] via 160.1.3.3, 00:13:46 B 31.0.0.0 [20/0] via 160.1.3.3, 00:13:46 30.0.0.0/16 is subnetted, 4 subnets B 30.2.0.0 [20/0] via 160.1.3.3, 00:13:46 B 30.3.0.0 [20/0] via 160.1.3.3, 00:13:46 B 30.0.0.0 [20/0] via 160.1.3.3, 00:13:46 B 30.1.0.0 [20/0] via 160.1.3.3, 00:13:46 Rack1R3#show ip route vrf VPN_B Routing Table: VPN_B Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set C 204.12.1.0/24 is directly connected, Ethernet0/1 B 200.0.0.0/24 [200/2713600] via 150.1.6.6, 00:15:04 54.0.0.0/8 is variably subnetted, 2 subnets, 2 masks B 54.1.7.0/24 [200/0] via 150.1.6.6, 00:15:04 B 54.1.7.254/32 [200/0] via 150.1.6.6, 00:15:04 B 200.0.1.0/24 [200/2713600] via 150.1.6.6, 00:15:04 B 200.0.2.0/24 [200/2713600] via 150.1.6.6, 00:15:04 B 200.0.3.0/24 [200/2713600] via 150.1.6.6, 00:15:04 31.0.0.0/16 is subnetted, 4 subnets R 31.3.0.0 [120/1] via 204.12.1.254, 00:00:04, Ethernet0/1 R 31.2.0.0 [120/1] via 204.12.1.254, 00:00:04, Ethernet0/1 R 31.1.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1 R 31.0.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1



30.0.0.0/16 is subnetted, 4 subnets R 30.2.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1 R 30.3.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1 R 30.0.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1 R 30.1.0.0 [120/1] via 204.12.1.254, 00:00:05, Ethernet0/1 Rack1R6#traceroute vrf VPN_B 30.0.0.1 Type escape sequence to abort. Tracing the route to 30.0.0.1 1 150.1.16.1 [MPLS: Labels 25/23 Exp 0] 200 msec 184 msec 204 msec 2 150.1.12.2 [MPLS: Labels 17/23 Exp 0] 184 msec 224 msec 208 msec 3 204.12.1.3 [MPLS: Label 23 Exp 0] 164 msec 176 msec 164 msec 4 204.12.1.254 184 msec * 196 msec Rack1R3#traceroute vrf VPN_B 200.0.1.1 Type escape sequence to abort. Tracing the route to 200.0.1.1 1 160.1.23.2 [MPLS: Labels 25/22 Exp 0] 204 msec 176 msec 228 msec 2 150.1.12.1 [MPLS: Labels 22/22 Exp 0] 156 msec 232 msec 248 msec 3 54.1.7.6 [MPLS: Label 22 Exp 0] 164 msec 188 msec 116 msec 4 54.1.7.254 216 msec * 180 msec

Task 5.4 R3: interface Loopback1 ip address 160.1.33.33 255.255.255.255 ! ! Make sure Loopback0 is used as Router-ID ! since Loopback1 is not advertised to IGP ! mpls ldp router-id loopback 0 force ! router bgp 234 ! address-family ipv4 unicast network 160.1.33.33 mask 255.255.255.255 ! ip vrf VPN_A bgp next-hop Loopback 1 R2: ip prefix-list R3_LOOPBACK1 permit 160.1.33.33/32 ! route-map TO_AS9 permit 30 match ip address prefix-list R3_LOOPBACK1 set community 156:200 set mpls-label R4: ip prefix-list R7_PREFIXES seq 5 permit 172.16.7.7/32 ip prefix-list R7_PREFIXES seq 10 permit 172.16.37.0/24 ! route-map FROM_R3 permit 10



match ip address prefix-list R7_PREFIXES set weight 32769 ! route-map FROM_R3 permit 1000 ! router bgp 234 ! address-family vpnv4 neighbor 160.1.3.3 route-map FROM_R3 in Task 5.4 Verification Rack1R5#traceroute 160.1.33.33 source loopback 0 Type escape sequence to abort. Tracing the route to 160.1.33.33 1 150.1.56.6 [MPLS: Label 36 Exp 0] 276 msec 280 msec 252 msec 2 150.1.16.1 [MPLS: Label 27 Exp 0] 316 msec 264 msec 332 msec 3 150.1.101.254 [MPLS: Labels 16/25 Exp 0] 216 msec 296 msec 292 msec 4 150.1.109.9 [MPLS: Label 25 Exp 0] 236 msec 244 msec 280 msec 5 150.1.109.254 [MPLS: Labels 18/27 Exp 0] 252 msec 268 msec 348 msec 6 150.1.102.2 [MPLS: Label 27 Exp 0] 232 msec 228 msec 204 msec 7 160.1.23.3 236 msec * 336 msec Rack1R5#show ip bgp vpnv4 rd 156:5 BGP table version is 24, local router ID is 150.1.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 156:5 (default for vrf VPN_A) *> 51.51.51.51/32 192.10.1.254 20 32768 ? *> 103.103.103.103/32 160.1.33.33 0 100 0 (65016) 234 i *> 104.104.104.104/32 160.1.4.4 0 100 0 (65016) 234 i *> 172.16.7.7/32 160.1.33.33 0 100 0 (65016) 234 ? *> 172.16.8.8/32 160.1.4.4 11 100 0 (65016) 234 ? *> 172.16.37.0/24 160.1.33.33 0 100 0 (65016) 234 ? *> 172.16.48.0/24 160.1.4.4 0 100 0 (65016) 234 ? *> 172.16.78.0/24 160.1.4.4 10009 100 0 (65016) 234 ? *> 192.10.1.0 0.0.0.0 0 32768 ?



Rack1R5#traceroute vrf VPN_A 172.16.7.7 Type escape sequence to abort. Tracing the route to 172.16.7.7 1 150.1.56.6 [MPLS: Labels 36/31 Exp 0] 428 msec 492 msec 372 msec 2 150.1.16.1 [MPLS: Labels 27/31 Exp 0] 504 msec 488 msec 420 msec 3 150.1.101.254 [MPLS: Labels 16/25/31 Exp 0] 496 msec 384 msec 496 msec 4 150.1.109.9 [MPLS: Labels 25/31 Exp 0] 512 msec 404 msec 400 msec 5 150.1.109.254 [MPLS: Labels 18/27/31 Exp 0] 472 msec 364 msec 384 msec 6 150.1.102.2 [MPLS: Labels 27/31 Exp 0] 328 msec 400 msec 416 msec 7 172.16.37.3 [MPLS: Label 31 Exp 0] 508 msec 456 msec 456 msec 8 172.16.37.7 536 msec * 420 msec Task 5.5 R3: ip route vrf VPN_B 9.9.9.0 255.255.255.0 160.1.2.2 global ! router rip ! address-family ipv4 vrf VPN_B redistribute static ! interface Ethernet 0/1 ip nat inside ! interface Serial 1/3 ip nat outside ! interface Serial 1/0.34 ip nat outside ! access-list 100 permit ip any 9.9.9.0 0.0.0.255 ! route-map INTERNET_ACCESS match ip address 100 ! ip nat inside so ro INTERNET_ACCESS int Loopback0 vrf VPN_B over R6: ip route vrf VPN_B 9.9.9.0 255.255.255.0 150.1.1.1 global ! router eigrp 1 ! address-family ipv4 vrf VPN_B redistribute static ! interface Virtual-Template 1 ip nat inside ! interface Ethernet 0/1 ip nat outside ! interface Ethernet 0/0 ip nat outside !



! access-list 100 permit ip any 9.9.9.0 0.0.0.255 ! route-map INTERNET_ACCESS match ip address 100 ! ip nat inside so ro INTERNET_ACCESS int Loopback0 vrf VPN_B over R9: router bgp 9 ! address-family ipv4 unicast network 9.9.9.0 mask 255.255.255.0 Task 5.5 Verification BB1#traceroute 9.9.9.9 Type escape sequence to abort. Tracing the route to 9.9.9.9 1 54.1.7.6 44 msec 64 msec 20 msec 2 150.1.16.1 76 msec 68 msec 48 msec 3 150.1.101.254 204 msec 184 msec 256 msec 4 150.1.109.9 220 msec * 132 msec Rack1R6#show ip nat translations Pro Inside global Inside local Outside local Outside global udp 150.1.6.6:49240 54.1.7.254:49240 9.9.9.9:33437 9.9.9.9:33437 udp 150.1.6.6:49241 54.1.7.254:49241 9.9.9.9:33438 9.9.9.9:33438 udp 150.1.6.6:49242 54.1.7.254:49242 9.9.9.9:33439 9.9.9.9:33439 udp 150.1.6.6:49243 54.1.7.254:49243 9.9.9.9:33440 9.9.9.9:33440 udp 150.1.6.6:49244 54.1.7.254:49244 9.9.9.9:33441 9.9.9.9:33441 udp 150.1.6.6:49245 54.1.7.254:49245 9.9.9.9:33442 9.9.9.9:33442 udp 150.1.6.6:49246 54.1.7.254:49246 9.9.9.9:33443 9.9.9.9:33443 udp 150.1.6.6:49247 54.1.7.254:49247 9.9.9.9:33444 9.9.9.9:33444 BB3#traceroute 9.9.9.9 Type escape sequence to abort. Tracing the route to 9.9.9.9 1 204.12.1.3 32 msec 32 msec 36 msec 2 160.1.23.2 56 msec 56 msec 76 msec 3 150.1.102.254 216 msec 188 msec 176 msec 4 150.1.109.9 136 msec * 188 msec Rack1R3#show ip nat translations Pro Inside global Inside local Outside local Outside global udp 160.1.3.3:49183 204.12.1.254:49183 9.9.9.9:33437 9.9.9.9:33437 udp 160.1.3.3:49184 204.12.1.254:49184 9.9.9.9:33438 9.9.9.9:33438 udp 160.1.3.3:49185 204.12.1.254:49185 9.9.9.9:33439 9.9.9.9:33439 udp 160.1.3.3:49186 204.12.1.254:49186 9.9.9.9:33440 9.9.9.9:33440 udp 160.1.3.3:49187 204.12.1.254:49187 9.9.9.9:33441 9.9.9.9:33441 udp 160.1.3.3:49188 204.12.1.254:49188 9.9.9.9:33442 9.9.9.9:33442 udp 160.1.3.3:49189 204.12.1.254:49189 9.9.9.9:33443 9.9.9.9:33443 udp 160.1.3.3:49190 204.12.1.254:49190 9.9.9.9:33444 9.9.9.9:33444 udp 160.1.3.3:49191 204.12.1.254:49191 9.9.9.9:33445 9.9.9.9:33445



Task 6.1 R9: interface Tunnel19 tunnel source loopback0 tunnel destination 150.1.1.1 ip address 19.19.19.9 255.255.255.0 ip pim sparse-mode ! interface Tunnel29 tunnel source loopback0 tunnel destination 160.1.2.2 ip address 29.29.29.9 255.255.255.0 ip pim sparse-mode R1: interface Tunnel19 tunnel source loopback0 tunnel destination 150.1.9.9 ip address 19.19.19.1 255.255.255.0 ip pim sparse-mode ip pim bsr-border ! interface Serial 2/0.12 ip pim bsr-border ip pim sparse-mode frame-relay map ip 150.1.12.2 102 broadcast R2: interface Tunnel29 tunnel source loopback0 tunnel destination 150.1.9.9 ip address 29.29.29.2 255.255.255.0 ip pim sparse-mode ip pim bsr-border ! ! interface Serial 2/0.12 ip pim bsr-border ip pim sparse-mode frame-relay map ip 150.1.12.1 201 broadcast ! router isis mpls traffic-eng multicast-intact



Task 6.1 Verification Rack1R9#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 19.19.19.1 Tunnel19 00:35:46/00:01:26 v2 1 / 29.29.29.2 Tunnel29 00:35:35/00:01:34 v2 1 / Rack1R1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 150.1.16.6 FastEthernet0/0 00:37:57/00:01:43 v2 1 / DR S 150.1.15.5 Serial2/0.15 00:38:01/00:01:39 v2 1 / S 19.19.19.9 Tunnel19 00:00:33/00:01:40 v2 1 / S 150.1.12.2 Serial2/0.12 00:00:04/00:01:40 v2 1 / DR S Rack1R2#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 160.1.24.4 Serial2/0.24 00:39:08/00:01:29 v2 1 / S 160.1.23.3 Serial2/1 00:39:33/00:01:37 v2 1 / S 29.29.29.9 Tunnel29 00:00:40/00:01:33 v2 1 / S 150.1.12.1 Serial2/0.12 00:00:24/00:01:20 v2 1 / S Make sure R2 has no troubles with MPLS TE tunnel and RPF checks: Rack1R2#show ip pim rp mapping PIM Group-to-RP Mappings Group(s) 224.0.0.0/4 RP 160.1.4.4 (?), v2 Info source: 160.1.4.4 (?), via bootstrap, priority 0, holdtime 210 Uptime: 00:00:02, expires: 00:03:25 Task 6.2 R1: router bgp 65016 ! address-family ipv4 multicast neighbor 150.1.9.9 activate neighbor 150.1.12.2 activate R2: router bgp 234 ! address-family ipv4 multicast neighbor 150.1.9.9 activate neighbor 150.1.12.1 activate



R9: router bgp 9 ! address-family ipv4 multicast neighbor 150.1.1.1 activate neighbor 160.1.2.2 activate ! ip msdp peer 160.1.4.4 connect-source loopback0 ip msdp peer 150.1.6.6 connect-source loopback0 ! ip msdp mesh-group GROUP1 160.1.4.4 ip msdp mesh-group GROUP1 150.1.6.6 ! access-list 199 permit ip any 239.0.0.0 0.255.255.255 ! ip msdp sa-filter in 150.1.6.6 list 199 ip msdp sa-filter in 160.1.4.4 list 199 R6: ip msdp peer 150.1.9.9 connect-source loopback0 ip msdp peer 160.1.4.4 connect-source loopback0 ! ip msdp mesh-group GROUP1 150.1.9.9 ip msdp mesh-group GROUP1 160.1.4.4 ! access-list 199 permit ip any 239.0.0.0 0.255.255.255 ! ip msdp sa-filter in 150.1.9.9 list 199 ip msdp sa-filter in 160.1.4.4 list 199 R4: ip msdp peer 150.1.9.9 connect-source loopback0 ip msdp peer 150.1.6.6 connect-source loopback0 ! ip msdp mesh-group GROUP1 150.1.9.9 ip msdp mesh-group GROUP1 150.1.6.6 ! access-list 199 permit ip any 239.0.0.0 0.255.255.255 ! ip msdp sa-filter in 150.1.9.9 list 199 ip msdp sa-filter in 150.1.6.6 list 199



Task 6.2 Verification Rack1R1#show ip bgp ipv4 multicast summary BGP router identifier 150.1.1.1, local AS number 65016 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 150.1.9.9 4 9 173 175 1 0 0 00:46:43 0 150.1.12.2 4 234 170 166 1 0 0 02:33:24 0 Rack1R2#show ip bgp ipv4 multicast summary BGP router identifier 160.1.2.2, local AS number 234 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 150.1.9.9 4 9 170 179 1 0 0 00:46:53 0 150.1.12.1 4 156 166 170 1 0 0 02:33:47 0 Rack1R9#show ip bgp ipv4 multicast summary BGP router identifier 150.1.9.9, local AS number 9 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 150.1.1.1 4 156 130 128 1 0 0 00:01:37 0 160.1.2.2 4 234 134 125 1 0 0 00:01:24 0 Rack1R9#show ip msdp peer MSDP Peer 160.1.4.4 (?), AS 234 Description: Connection status: State: Up, Resets: 0, Connection source: Loopback0 (150.1.9.9) Uptime(Downtime): 00:02:48, Messages sent/received: 3/4 Output messages discarded: 0 Connection and counters cleared 00:03:30 ago Peer is member of mesh-group GROUP1 SA Filtering: Input (S,G) filter: 199, route-map: none Input RP filter: none, route-map: none Output (S,G) filter: none, route-map: none Output RP filter: none, route-map: none SA-Requests: Input filter: none Peer ttl threshold: 0 SAs learned from this peer: 0 Input queue size: 0, Output queue size: 0 MSDP Peer 150.1.6.6 (?), AS 156 Description: Connection status: State: Up, Resets: 0, Connection source: Loopback0 (150.1.9.9) Uptime(Downtime): 00:02:48, Messages sent/received: 4/5 Output messages discarded: 0 Connection and counters cleared 00:03:31 ago Peer is member of mesh-group GROUP1 SA Filtering: Input (S,G) filter: 199, route-map: none Input RP filter: none, route-map: none Output (S,G) filter: none, route-map: none Output RP filter: none, route-map: none



SA-Requests: Input filter: none Peer ttl threshold: 0 SAs learned from this peer: 0 Input queue size: 0, Output queue size: 0 Task 6.3 R1: ! ! Respond to signaling from AS234 ! route-map MCAST_FROM_AS234 permit 10 match community LP_200 set local-preference 200 ! route-map MCAST_FROM_AS234 permit 1000 ! ! Respond to labeled prefixes coming from AS9 ! route-map MCAST_FROM_AS9 permit 10 match community LP_200 set local-preference 200 set ip next-hop 19.19.19.9 ! route-map MCAST_FROM_AS9 permit 1000 set ip next-hop 19.19.19.9 router bgp 65016 address-family ipv4 multicast neighbor 150.1.9.9 route-map MCAST_FROM_AS9 in neighbor 150.1.9.9 send-community neighbor 150.1.12.2 route-map MCAST_FROM_AS234 in neighbor 150.1.12.2 send-community ! network 150.1.5.5 mask 255.255.255.255 network 150.1.6.6 mask 255.255.255.255 network 150.1.1.1 mask 255.255.255.255 R2: ! ! Respond to signaling from AS156 ! route-map MCAST_FROM_AS156 permit 10 match community LP_200 set local-preference 200 ! route-map MCAST_FROM_AS156 permit 1000 ! ! Respond to labeled prefixes coming from AS9 ! route-map MCAST_FROM_AS9 permit 10 match community LP_200



set local-preference 200 set ip next-hop 29.29.29.9 ! route-map MCAST_FROM_AS9 permit 1000 set ip next-hop 29.29.29.9 router bgp 234 address-family ipv4 multicast neighbor 150.1.9.9 route-map MCAST_FROM_AS9 in neighbor 150.1.9.9 send-community neighbor 150.1.12.1 route-map MCAST_FROM_AS156 in neighbor 150.1.12.1 send-community network 160.1.3.3 mask 255.255.255.255 network 160.1.4.4 mask 255.255.255.255 network 160.1.2.2 mask 255.255.255.255 R9: ! ! Respond to signaling from AS156 ! route-map MCAST_FROM_AS156 permit 10 match community LP_200 set local-preference 200 set ip next-hop 19.19.19.1 ! route-map MCAST_FROM_AS156 permit 1000 set ip next-hop 19.19.19.1 ! ! Respond to labeled prefixes coming from AS234 ! route-map MCAST_FROM_AS234 permit 10 match community LP_200 set local-preference 200 set ip next-hop 29.29.29.2 ! route-map MCAST_FROM_AS234 permit 1000 set ip next-hop 29.29.29.2 router bgp 9 address-family ipv4 multicast neighbor 150.1.1.1 route-map MCAST_FROM_AS156 in neighbor 150.1.1.1 send-community neighbor 160.1.2.2 route-map MCAST_FROM_AS234 in neighbor 160.1.2.2 send-community



Task 6.3 Verification Rack1R9#show ip bgp ipv4 multicast BGP table version is 7, local router ID is 150.1.9.9 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 150.1.1.1/32 29.29.29.2 0 234 156 i *> 19.19.19.1 0 0 156 i * 150.1.5.5/32 29.29.29.2 0 234 156 i *> 19.19.19.1 12 0 156 i * 150.1.6.6/32 29.29.29.2 0 234 156 i *> 19.19.19.1 2 0 156 i * 160.1.2.2/32 19.19.19.1 0 156 234 i *> 29.29.29.2 0 0 234 i * 160.1.3.3/32 19.19.19.1 0 156 234 i *> 29.29.29.2 10 0 234 i * 160.1.4.4/32 19.19.19.1 0 156 234 i *> 29.29.29.2 10 0 234 i Rack1R1#show ip bgp ipv4 multicast BGP table version is 7, local router ID is 150.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 150.1.1.1/32 0.0.0.0 0 32768 i *> 150.1.5.5/32 150.1.16.6 12 32768 i *> 150.1.6.6/32 150.1.16.6 2 32768 i * 160.1.2.2/32 19.19.19.9 0 9 234 i *> 150.1.12.2 0 0 234 i * 160.1.3.3/32 19.19.19.9 0 9 234 i *> 150.1.12.2 10 0 234 i * 160.1.4.4/32 19.19.19.9 0 9 234 i *> 150.1.12.2 10 0 234 i Rack1R2#show ip bgp ipv4 multicast BGP table version is 7, local router ID is 160.1.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 150.1.1.1/32 29.29.29.9 0 9 156 i *> 150.1.12.1 0 0 156 i * 150.1.5.5/32 29.29.29.9 0 9 156 i *> 150.1.12.1 12 0 156 i * 150.1.6.6/32 29.29.29.9 0 9 156 i *> 150.1.12.1 2 0 156 i *> 160.1.2.2/32 0.0.0.0 0 32768 i



*> 160.1.3.3/32 160.1.23.3 10 32768 i *> 160.1.4.4/32 160.1.4.4 10 32768 i Task 6.4 R1: ip prefix-list R6_LOOPBACK0 permit 150.1.6.6/32 ! route-map MCAST_TO_AS9 permit 10 match ip address prefix-list R6_LOOPBACK0 set community 234:200 ! route-map MCAST_TO_AS9 permit 1000 router bgp 65016 ! address-family ipv4 multicast neighbor 150.1.9.9 route-map MCAST_TO_AS9 out R2: ip prefix-list R3_LOOPBACK0 permit 160.1.3.3/32 ! route-map MCAST_TO_AS9 permit 10 match ip address prefix-list R3_LOOPBACK0 set community 156:200 ! route-map MCAST_TO_AS9 permit 1000 router bgp 234 ! address-family ipv4 multicast neighbor 150.1.9.9 route-map MCAST_TO_AS9 out R3: interface Loopback0 ip igmp join-group 239.3.3.3 R6: interface Loopback0 ip igmp join-group 239.6.6.6



Task 6.4 Verification Rack1R1#show ip bgp ipv4 multicast BGP table version is 12, local router ID is 150.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 150.1.1.1/32 0.0.0.0 0 32768 i *> 150.1.5.5/32 150.1.16.6 12 32768 i *> 150.1.6.6/32 150.1.16.6 2 32768 i * 160.1.2.2/32 19.19.19.9 0 9 234 i *> 150.1.12.2 0 0 234 i *> 160.1.3.3/32 19.19.19.9 200 0 9 234 i * 150.1.12.2 10 0 234 i * 160.1.4.4/32 19.19.19.9 0 9 234 i *> 150.1.12.2 10 0 234 i Rack1R1#show ip bgp ipv4 multicast 160.1.3.3 MBGP routing table entry for 160.1.3.3/32, version 9 Paths: (2 available, best #1) Flag: 0x820 Advertised to update-groups: 1 9 234 19.19.19.9 from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 156:200 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, metric 10, localpref 100, valid, external Rack1R2#show ip bgp ipv4 multicast BGP table version is 12, local router ID is 160.1.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 150.1.1.1/32 29.29.29.9 0 9 156 i *> 150.1.12.1 0 0 156 i * 150.1.5.5/32 29.29.29.9 0 9 156 i *> 150.1.12.1 12 0 156 i *> 150.1.6.6/32 29.29.29.9 200 0 9 156 i * 150.1.12.1 2 0 156 i *> 160.1.2.2/32 0.0.0.0 0 32768 i *> 160.1.3.3/32 160.1.23.3 10 32768 i *> 160.1.4.4/32 160.1.4.4 10 32768 i



Rack1R2#show ip bgp ipv4 multicast 150.1.6.6 MBGP routing table entry for 150.1.6.6/32, version 8 Paths: (2 available, best #1) Advertised to update-groups: 1 9 156 29.29.29.9 from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 234:200 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, metric 2, localpref 100, valid, external Rack1R3#ping 239.6.6.6 source loopback 0 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.6.6.6, timeout is 2 seconds: Packet sent with a source address of 160.1.3.3 Reply to request 0 from 150.1.16.6, 256 ms Reply to request 0 from 150.1.16.6, 340 ms Rack1R6#show ip msdp sa-cache MSDP Source-Active Cache - 4 entries (160.1.3.3, 239.6.6.6), RP 160.1.4.4, BGP/AS 234, 00:00:45/00:05:43, Peer 160.1.4.4 (160.1.23.3, 239.6.6.6), RP 160.1.4.4, BGP/AS 234, 00:00:45/00:05:43, Peer 160.1.4.4 (160.1.33.33, 239.6.6.6), RP 160.1.4.4, BGP/AS 234, 00:00:45/00:05:43, Peer 160.1.4.4 (160.1.34.3, 239.6.6.6), RP 160.1.4.4, BGP/AS 234, 00:00:45/00:05:43, Peer 160.1.4.4 Rack1R6#show ip mroute 239.6.6.6 160.1.3.3 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (160.1.3.3, 239.6.6.6), 00:02:05/00:02:15, flags: LM Incoming interface: Ethernet0/0, RPF nbr 150.1.16.1 Outgoing interface list: Loopback0, Forward/Sparse, 00:02:05/00:02:32 Rack1R1#show ip mroute 239.6.6.6 160.1.3.3 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group



V - RD & Vector, v - Vector Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (160.1.3.3, 239.6.6.6), 00:02:34/00:00:56, flags: Incoming interface: Tunnel19, RPF nbr 19.19.19.9, Mbgp Outgoing interface list: FastEthernet0/0, Forward/Sparse, 00:02:34/00:02:54 Rack1R9#show ip mroute 239.6.6.6 160.1.3.3 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (160.1.3.3, 239.6.6.6), 00:02:37/00:00:52, flags: Incoming interface: Tunnel29, RPF nbr 29.29.29.2, Mbgp Outgoing interface list: Tunnel19, Forward/Sparse, 00:02:37/00:02:49 Rack1R2#show ip mroute 239.6.6.6 160.1.3.3 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group V - RD & Vector, v - Vector Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (160.1.3.3, 239.6.6.6), 00:02:40/00:00:49, flags: Incoming interface: Serial2/1, RPF nbr 160.1.23.3 Outgoing interface list: Tunnel29, Forward/Sparse, 00:02:40/00:02:48 Rack1R3#show ip mroute 239.6.6.6 160.1.3.3 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (160.1.3.3, 239.6.6.6), 00:02:45/00:00:50, flags: FT Incoming interface: Loopback0, RPF nbr 0.0.0.0 Outgoing interface list:



Serial1/3, Forward/Sparse, 00:02:45/00:02:43 Rack1R6#ping 239.3.3.3 source loopback 0 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.3.3.3, timeout is 2 seconds: Packet sent with a source address of 150.1.6.6 Reply to request 0 from 160.1.34.3, 376 ms Rack1R4#show ip msdp sa-cache MSDP Source-Active Cache - 3 entries (150.1.6.6, 239.3.3.3), RP 150.1.6.6, BGP/AS 156, 00:00:24/00:05:35, Peer 150.1.6.6 (150.1.16.6, 239.3.3.3), RP 150.1.6.6, BGP/AS 156, 00:00:24/00:05:35, Peer 150.1.6.6 (150.1.56.6, 239.3.3.3), RP 150.1.6.6, BGP/AS 156, 00:00:24/00:05:35, Peer 150.1.6.6 Rack1R3#show ip mroute 239.3.3.3 150.1.6.6 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (150.1.6.6, 239.3.3.3), 00:01:41/00:01:18, flags: LJ Incoming interface: Serial1/3, RPF nbr 160.1.23.2 Outgoing interface list: Loopback0, Forward/Sparse, 00:01:41/00:02:04 Rack1R2#show ip mroute 239.3.3.3 150.1.6.6 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group V - RD & Vector, v - Vector Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (150.1.6.6, 239.3.3.3), 00:01:47/00:01:42, flags: Incoming interface: Tunnel29, RPF nbr 29.29.29.9, Mbgp Outgoing interface list: Serial2/1, Forward/Sparse, 00:01:47/00:02:41 Serial2/0.24, Forward/Sparse, 00:01:47/00:02:40 Rack1R9#show ip mroute 239.3.3.3 150.1.6.6 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry,



X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (150.1.6.6, 239.3.3.3), 00:01:54/00:01:36, flags: Incoming interface: Tunnel19, RPF nbr 19.19.19.1, Mbgp Outgoing interface list: Tunnel29, Forward/Sparse, 00:01:54/00:02:34 Rack1R1#show ip mroute 239.3.3.3 150.1.6.6 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group V - RD & Vector, v - Vector Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (150.1.6.6, 239.3.3.3), 00:01:57/00:01:32, flags: Incoming interface: FastEthernet0/0, RPF nbr 150.1.16.6 Outgoing interface list: Tunnel19, Forward/Sparse, 00:01:57/00:03:29 Rack1R6#show ip mroute 239.3.3.3 150.1.6.6 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (150.1.6.6, 239.3.3.3), 00:02:02/00:00:57, flags: TA Incoming interface: Loopback0, RPF nbr 0.0.0.0 Outgoing interface list: Ethernet0/0, Forward/Sparse, 00:02:02/00:03:25



Task 6.5 R2: router bgp 234 ! address-family ipv4 multicast neighbor 160.1.3.3 activate R3: ip multicast-routing vrf VPN_A ip pim vrf VPN_A rp-address 172.16.7.7 ! interface Loopback1 ip pim sparse-mode ! router bgp 234 ! address-family ipv4 multicast neighbor 160.1.2.2 activate network 160.1.33.33 mask 255.255.255.255 ! ip vrf VPN_A mdt default 239.100.100.100 ! interface Ethernet 0/0 ip pim sparse-mode R4: ip multicast-routing vrf VPN_A ip pim vrf VPN_A rp-address 172.16.7.7 ! ip vrf VPN_A mdt default 239.100.100.100 ! interface Ethernet 0/1 ip pim sparse-mode R5: ip multicast-routing vrf VPN_A ip pim vrf VPN_A rp-address 172.16.7.7 ! ip vrf VPN_A mdt default 239.100.100.100 ! interface Ethernet 0/1 ip pim sparse-mode ip igmp join-group 239.5.5.5



Task 6.5 Verification Rack1R7#ping 239.5.5.5 source loopback 0 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.5.5.5, timeout is 2 seconds: Packet sent with a source address of 172.16.7.7 Reply to request 0 from 150.1.5.5, 272 ms Reply to request 0 from 150.1.5.5, 528 ms Reply to request 0 from 150.1.5.5, 400 ms Rack1R8#ping 239.5.5.5 source loopback 0 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.5.5.5, timeout is 2 seconds: Packet sent with a source address of 172.16.8.8 Reply to request 0 from 150.1.5.5, 284 ms Reply to request 0 from 150.1.5.5, 464 ms Reply to request 0 from 150.1.5.5, 384 ms Rack1R7#show ip mroute 239.5.5.5 172.16.7.7 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (172.16.7.7, 239.5.5.5), 00:00:11/00:03:26, flags: T Incoming interface: Loopback0, RPF nbr 0.0.0.0 Outgoing interface list: FastEthernet1/3, Forward/Sparse, 00:00:11/00:03:18 Rack1R3#show ip mroute vrf VPN_A 239.5.5.5 172.16.7.7 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (172.16.7.7, 239.5.5.5), 00:00:43/00:02:46, flags: Incoming interface: Ethernet0/0, RPF nbr 172.16.37.7 Outgoing interface list: Tunnel0, Forward/Sparse, 00:00:43/00:03:15



Rack1R5#show ip mroute vrf VPN_A 239.5.5.5 172.16.7.7 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (172.16.7.7, 239.5.5.5), 00:01:18/00:01:51, flags: LJT Incoming interface: Tunnel0, RPF nbr 160.1.33.33 Outgoing interface list: Ethernet0/1, Forward/Sparse, 00:01:18/00:02:50 Task 7.1 R1: ip community-list st PREC_2 permit 156:1002 ip community-list st PREC_3 permit 156:1003 ! route-map QOS_MAP permit 10 match community PREC_2 set ip precedence 2 ! route-map QOS_MAP permit 20 match community PREC_3 set ip precedence 3 ! ! Outbound route-maps ! route-map TO_AS9 permit 20 set community 234:200 234:1003 ! route-map TO_AS9 permit 30 match ip address prefix-list R6_LOOPBACK0 set community 234:1002 set mpls-label ! ! ! route-map TO_AS234 permit 10 match ip address prefix-list R5_LOOPBACK0 set community 234:1003 set mpls-label ! route-map TO_AS234 permit 20 match ip address prefix-list R6_LOOPBACK0 set community 234:1002 set mpls-label ! route-map TO_AS234 permit 1000 set mpls-label



! ! Apply the mapping to BGP routes ! router bgp 65016 ! address-family ipv4 unicast table-map QOS_MAP neighbor 150.1.12.2 route-map TO_AS234 out R2: ip community-list st PREC_2 permit 234:1002 ip community-list st PREC_3 permit 234:1003 ! route-map QOS_MAP permit 10 match community PREC_2 set ip precedence 2 ! route-map QOS_MAP permit 20 match community PREC_3 set ip precedence 3 ! ! Outbound route-maps ! route-map TO_AS9 permit 20 match ip address prefix-list R4_LOOPBACK0 set community 156:200 156:1003 ! route-map TO_AS9 permit 40 match ip address prefix R3_LOOPBACK0 set community 156:1003 ! ! ! route-map TO_AS156 permit 20 match ip address prefix-list R4_LOOPBACK0 set community 156:1003 set mpls-label ! route-map TO_AS156 permit 40 match ip address prefix R3_LOOPBACK0 set community 156:1003 set mpls-label ! route-map TO_AS156 permit 1000 set mpls-label ! ! Apply the mapping to BGP routes ! router bgp 234 ! address-family ipv4 unicast table-map QOS_MAP neighbor 150.1.12.1 route-map TO_AS156 out



Task 7.1 Verification Rack1R1#show ip bgp 160.1.3.3 BGP routing table entry for 160.1.3.3/32, version 61 Paths: (2 available, best #1) Flag: 0x880 Advertised to update-groups: 2 3 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, localpref 100, valid, external, best Community: 156:1003 mpls labels in/out 24/18 9 234 150.1.9.9 (metric 20) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 100, valid, external Community: 156:1003 mpls labels in/out 24/21 Rack1R1#show ip bgp 160.1.4.4 BGP routing table entry for 160.1.4.4/32, version 60 Paths: (2 available, best #2) Advertised to update-groups: 1 3 234 150.1.12.2 from 150.1.12.2 (160.1.2.2) Origin IGP, localpref 100, valid, external Community: 156:1003 mpls labels in/out 26/16 9 234 150.1.9.9 (metric 20) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 156:200 156:1003 mpls labels in/out 26/23 Rack1R2#show ip bgp 150.1.5.5 BGP routing table entry for 150.1.5.5/32, version 63 Paths: (2 available, best #2) Advertised to update-groups: 1 2 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, localpref 100, valid, external Community: 234:1003 mpls labels in/out 24/30 9 156 150.1.9.9 (metric 3) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 200, valid, external, best Community: 234:200 234:1003 mpls labels in/out 24/31 Rack1R2#show ip bgp 150.1.6.6 BGP routing table entry for 150.1.6.6/32, version 62 Paths: (2 available, best #2) Advertised to update-groups: 1 3



9 156 150.1.9.9 (metric 3) from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 100, valid, external Community: 234:1002 mpls labels in/out 27/27 156 150.1.12.1 from 150.1.12.1 (150.1.1.1) Origin IGP, localpref 100, valid, external, best Community: 234:1002 mpls labels in/out 27/22 Task 7.2 R1: class-map PREC_5 match ip precedence 5 ! class-map PREC_2 match ip precedence 2 ! class-map PREC_3 match ip precedence 3 ! ! Policy-map ! policy-map QOS_POLICY class PREC_5 priority 2000 class PREC_3 bandwidth 10000 shape average 15000000 class PREC_2 police 5000000 ! policy-map PARENT_POLICY class class-default shape average 45000000 service-policy QOS_POLICY ! interface Serial2/0 bandwidth 45000 ! interface Serial2/0.15 bandwidth 45000 service-policy out PARENT_POLICY ! ! Enable classification based on BGP mappings ! interface Serial 2/0.12 bgp-policy source ip-prec-map ! interface ATM 3/0.1 bgp-policy source ip-prec-map !



interface Tunnel19 bgp-policy source ip-prec-map R2: class-map PREC_5 match ip precedence 5 ! class-map PREC_2 match ip precedence 2 ! class-map PREC_3 match ip precedence 3 ! ! Policy-map ! policy-map QOS_POLICY class PREC_5 priority 2000 class PREC_3 bandwidth 10000 shape average 15000000 class PREC_2 police 5000000 interface Serial2/1 bandwidth 45000 service-policy out QOS_POLICY ! ! ! Enable classification based on BGP mappings ! interface Serial 2/0.12 bgp-policy source ip-prec-map ! interface ATM 3/0.1 bgp-policy source ip-prec-map ! interface Tunnel29 bgp-policy source ip-prec-map



Task 7.2 Verification Shutdown some interfaces to force traffic enter AS234 via FR link and flow via Serial 2/1 down to R3: R2: interface Serial2/0.24 point-to-point shutdown ! interface ATM 3/0.1 shutdown R1: interface ATM 3/0.1 shutdown Rack1R6#ping 239.3.3.3 source loopback 0 repeat 100 Type escape sequence to abort. Sending 100, 100-byte ICMP Echos to 239.3.3.3, timeout is 2 seconds: Packet sent with a source address of 150.1.6.6 Reply to request 0 from 160.1.34.3, 384 ms Reply to request 1 from 160.1.23.3, 144 ms Reply to request 2 from 160.1.23.3, 228 ms Reply to request 3 from 160.1.23.3, 208 ms Reply to request 4 from 160.1.23.3, 228 ms Rack1R2#show policy-map interface serial 2/1 Serial2/1 Service-policy output: QOS_POLICY (34) queue stats for all priority classes: queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts queued/bytes queued) 0/0 Class-map: PREC_5 (match-all) (9076993/1) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 5 (11265730) Priority: 2000 kbps, burst bytes 50000, Class-map: PREC_3 (match-all) (9076961/3) 178 packets, 13550 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 3 (15694162) Queueing queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts queued/bytes queued) 178/13550 bandwidth 10000 kbps shape (average) cir 15000000, bc 60000, be 60000 target shape rate 15000000



Class-map: PREC_2 (match-all) (9076945/2) 6 packets, 624 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 2 (13054130) police: cir 5000000 bps, bc 156250 bytes conformed 6 packets, 624 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop conformed 0 bps, exceed 0 bps Class-map: class-default (match-any) (14664689/0) 3419 packets, 737998 bytes 5 minute offered rate 3000 bps, drop rate 0 bps Match: any (5649682) 3419 packets, 737998 bytes 5 minute rate 3000 bps Task 8.1 ! ! AS 234 ! R2: ip route 192.0.2.1 255.255.255.255 null0 ! ip community-list st BLACKHOLE permit 234:9999 ! route-map FROM_R3 permit 10 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! route-map FROM_R3 permit 1000 ! router bgp 234 ! address-family ipv4 unicast neighbor 160.1.3.3 route-map FROM_R3 in neighbor 160.1.3.3 send-community R3: router bgp 234 ! address-family ipv4 unicast neighbor 160.1.4.4 send-community neighbor 160.1.2.2 send-community



R4: route-map BLACKHOLE permit 10 match tag 9999 set community 234:9999 ! router bgp 234 ! address-family ipv4 unicast redistribute static route-map BLACKHOLE neighbor 160.1.3.3 send-community ! ! AS 156 ! R1: ip route 192.0.2.1 255.255.255.255 null0 ! ip community-list st BLACKHOLE permit 156:9999 ! route-map FROM_R6 permit 10 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! route-map FROM_R6 permit 1000 ! router bgp 65016 ! address-family ipv4 unicast neighbor 150.1.6.6 route-map FROM_R6 in neighbor 150.1.6.6 send-community R6: route-map BLACKHOLE permit 10 match tag 9999 set community 156:9999 ! router bgp 65016 ! address-family ipv4 unicast redistribute static route-map BLACKHOLE neighbor 150.1.1.1 send-community Task 8.2 R1: ! ! Outbound maps ! route-map TO_AS9 permit 990 match community BLACKHOLE set community 9:9999 ! route-map TO_AS234 permit 990



match community BLACKHOLE set community 234:9999 ! ! Inbound maps ! route-map FROM_AS9 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! route-map FROM_AS234 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 R2: ! ! Outbound maps ! route-map TO_AS9 permit 990 match community BLACKHOLE set community 9:9999 ! route-map TO_AS156 permi 990 match community BLACKHOLE set community 156:9999 ! ! ! Inbound maps ! route-map FROM_AS9 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! route-map FROM_AS234 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 R9: ip community-list st BLACKHOLE permit 9:9999 ip route 192.0.2.1 255.255.255.255 null0 ! ! Outbound maps ! route-map TO_AS156 permit 990 match community BLACKHOLE set community 156:9999 ! route-map TO_AS156 permit 1000 set mpls-label



! ! ! route-map TO_AS234 permit 990 match community BLACKHOLE set community 234:9999 ! route-map TO_AS234 permit 1000 set mpls-label ! ! ! Inbound maps ! route-map FROM_AS156 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! route-map FROM_AS234 permit 990 match community BLACKHOLE set ip next-hop 192.0.2.1 set origin igp set local-preference 1000 ! router bgp 9 ! address-family ipv4 unicast neighbor 150.1.1.1 route-map TO_AS156 out neighbor 160.1.2.2 route-map TO_AS234 out Task 8.2 Verification R4: ip route 4.4.4.0 255.255.255.0 Null0 tag 9999 ip bgp-community new-format Rack1R4#show ip bgp 4.4.4.0 BGP routing table entry for 4.4.4.0/24, version 43 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to update-groups: 1 Local 0.0.0.0 from 0.0.0.0 (160.1.4.4) Origin incomplete, metric 0, localpref 100, weight 32768, valid, sourced, best Community: 234:9999, mpls labels in/out imp-null(from LDP)/nolabel Rack1R2#show ip bgp 4.4.4.0 BGP routing table entry for 4.4.4.0/24, version 88 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to update-groups: 2 3 Local 192.0.2.1 from 160.1.3.3 (160.1.3.3) Origin IGP, metric 0, localpref 1000, valid, internal, best Community: 234:9999 Originator: 160.1.4.4, Cluster list: 160.1.3.3,



mpls labels in/out nolabel/imp-null Rack1R1#show ip bgp 4.4.4.0 BGP routing table entry for 4.4.4.0/24, version 98 Paths: (2 available, best #2, table Default-IP-Routing-Table) Advertised to update-groups: 2 3 9 234 192.0.2.1 from 150.1.9.9 (150.1.9.9) Origin IGP, localpref 1000, valid, external Community: 156:9999, mpls labels in/out 31/nolabel 234 192.0.2.1 from 150.1.12.2 (160.1.2.2) Origin IGP, localpref 1000, valid, external, best Community: 156:9999, mpls labels in/out 31/nolabel Rack1R9#show ip bgp 4.4.4.0 BGP routing table entry for 4.4.4.0/24, version 86 Paths: (2 available, best #2, table Default-IP-Routing-Table) Advertised to update-groups: 1 156 234 192.0.2.1 from 150.1.1.1 (150.1.1.1) Origin IGP, localpref 1000, valid, external Community: 9:9999, mpls labels in/out 27/nolabel 234 192.0.2.1 from 160.1.2.2 (160.1.2.2) Origin IGP, localpref 1000, valid, external, best Community: 9:9999, mpls labels in/out 27/nolabel

Task 9.1 R6: archive log config logging enable logging size 500 notify syslog hidekeys ! logging host 192.10.1.100



Task 9.2 R9: ntp master 3 ntp authentication-key 1 md5 CISCO ntp source Loopback0 R1: ntp authenticate ntp authentication-key 1 md5 CISCO ntp trusted-key 1 ntp server 150.1.9.9 key 1 ntp source Loopback0 R2: ntp authenticate ntp authentication-key 1 md5 CISCO ntp trusted-key 1 ntp server 150.1.9.9 key 1 ntp source Loopback0

Task 9.2 Verification Rack1R1#show ntp associations detail 150.1.9.9 configured, authenticated, our_master, sane, valid, stratum 3 ref ID 127.127.7.1, time CA2A2AAB.4CA3C88A (11:51:07.299 UTC Mon Jun 25 2007) our mode client, peer mode server, our poll intvl 64, peer poll intvl 64 root delay 0.00 msec, root disp 0.03, reach 377, sync dist 55.954 delay 83.69 msec, offset -39.9673 msec, dispersion 14.08 precision 2**18, version 3 org time CA2A2AAE.26C70D28 (11:51:10.151 UTC Mon Jun 25 2007) rcv time CA2A2AAE.41D33C47 (11:51:10.257 UTC Mon Jun 25 2007) xmt time CA2A2AAE.242A1082 (11:51:10.141 UTC Mon Jun 25 2007) filtdelay = 115.74 151.64 195.71 83.69 115.95 131.76 183.75 143.69 filtoffset = -47.78 -25.82 16.13 -39.97 -36.01 -3.88 30.15 2.29 filterror = 0.02 0.03 0.05 0.06 0.08 0.09 0.11 0.12 Rack1R2#show ntp associations detail 150.1.9.9 configured, authenticated, our_master, sane, valid, stratum 3 ref ID 127.127.7.1, time CA2A2AAB.4CA3C88A (11:51:07.299 UTC Mon Jun 25 2007) our mode client, peer mode server, our poll intvl 64, peer poll intvl 64 root delay 0.00 msec, root disp 0.03, reach 3, sync dist 48.721 delay 67.75 msec, offset 21.9854 msec, dispersion 14.82 precision 2**18, version 3 org time CA2A2AB5.80E3B0B0 (11:51:17.503 UTC Mon Jun 25 2007) rcv time CA2A2AB5.83EF4D32 (11:51:17.515 UTC Mon Jun 25 2007) xmt time CA2A2AB5.728E6973 (11:51:17.447 UTC Mon Jun 25 2007) filtdelay = 67.75 99.72 0.00 0.00 0.00 0.00 0.00 0.00 filtoffset = 21.99 14.00 0.00 0.00 0.00 0.00 0.00 0.00 filterror = 0.02 0.03 15996.6 15996.6 15996.6 15996.6 15996.6 15996.6



Task 10.1 R5: interface Ethernet 0/1 ip flow ingress ip flow egress ! ip flow-top-talkers top 10 sort-by bytes match source address 192.10.1.0 255.255.255.0 match protocol 1 Task 10.2 R9: interface FastEthernet0/0 bgp-policy accounting output source ! ip as-path access-list 1 permit _156$ ip as-path access-list 2 permit _234$ ! route-map BGP_ACCOUNTING permit 10 match as-path 1 set traffic-index 1 ! route-map BGP_ACCOUNTING permit 20 match as-path 2 set traffic-index 2 ! router bgp 9 ! address-family ipv4 unicast table-map BGP_ACCOUNTING Task 10.2 Verification Rack1R9#show ip cef 150.1.6.6 detail 150.1.6.6/32, epoch 0 BGP: traffic_index 2 local label info: global/27 recursive via 150.1.1.1 label 22 nexthop 150.1.109.254 ATM3/0.1 label 65572 Rack1R9#show ip cef 160.1.3.3 detail 160.1.3.3/32, epoch 0 BGP: traffic_index 1 local label info: global/28 recursive via 160.1.2.2 nexthop 150.1.109.254 ATM3/0.1 label 65576

Date post:	12-May-2018
Category:	Documents
Upload:	duonghanh
View:	214 times
Download:	0 times

Internetwork Expert’s CCIE SP 5-Day Bootcamp Mock … 4 234 8 8 9 0 0 00:00:30 6 Rack1R9#show ip...

Documents