BGP CHAPTER 7 (LAB-CONTINUE)
QUESTIONS:
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
SOLUTION:
---->
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
!
!
ISP1:config:
ISP1#sh run | se ip prefix
!
ip prefix-list LOOP seq 10 permit 11.1.1.1/32
ip prefix-list LOOP seq 20 permit 11.1.1.2/32
ip prefix-list LOOP seq 30 permit 11.1.1.3/32
!
ISP1#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
!
ISP1#sh run | se bgp
router bgp 200
redistribute connected route-map RLOOP
!
ISP2:config:
ISP2#sh run | se ip prefix
ip prefix-list LOOP seq 10 permit 22.1.1.1/32
ip prefix-list LOOP seq 20 permit 22.1.1.2/32
ip prefix-list LOOP seq 30 permit 22.1.1.3/32
ISP2#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
ISP2#sh run | se bgp | redistri
router bgp 300
redistribute connected route-map RLOOP
!
- The Cust1 router should annonce its network with network command.
Cust1: config:
!
Cust1#sh run | se bgp
router bgp 64512
network 150.1.1.0 mask 255.255.255.0
!
R1:
! Peer ISP1 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
!
R2:
! Peer ISP2 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
!
on R3: config:
router ospf 1
passive-interface Serial0/0
network 150.1.0.1 0.0.0.0 area 0
!
giving customer the default route:
router bgp 1234
neighbor 150.1.0.2 default-originate
!
so R1 can ping to Cust1
!
While R1,R2 advertise Cust1 network it removes the private as nos:
so on R1, R2 do this:
!on R1
neighbor 11.1.1.1 remove-private-as
!on R2
neighbor 22.1.1.1 remove-private-as
!
Advertise 150.1.0.0 from NLfast datacentre to ISP1 & ISP2:
on R1, R2
!
ip route 150.1.0.0 255.255.255.0 null0
router bgp 1234
net 150.1.0.0 mask 255.255.255.0
!
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
-->
R1#sh ip bgp su
BGP router identifier 1.1.1.1, local AS number 1234
BGP table version is 80, main routing table version 80
8 network entries using 936 bytes of memory
9 path entries using 468 bytes of memory
6/4 BGP path/bestpath attribute entries using 744 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2220 total bytes of memory
BGP activity 20/12 prefixes, 34/25 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 1234 252 248 80 0 0 02:16:12 4
3.3.3.3 4 1234 237 245 80 0 0 01:51:24 1
4.4.4.4 4 1234 236 246 80 0 0 01:51:15 0
11.1.1.1 4 200 216 248 80 0 0 01:53:04 3
R1#sh ip bgp
BGP table version is 80, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r> 11.1.1.1/32 11.1.1.1 0 0 200 ?
*> 11.1.1.2/32 11.1.1.1 0 0 200 ?
*> 11.1.1.3/32 11.1.1.1 0 0 200 ?
r>i22.1.1.1/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.2/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.3/32 22.1.1.1 0 100 0 300 ?
* i150.1.0.0/24 2.2.2.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R1#
!
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R2#
*Mar 1 04:05:34.506: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
!
!
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
!
on R2 & R1:
!Cisco best practise , use IGP to advertise next-hop address
!
router ospf 1
net 180.1.5.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
!
router ospf 1
net 17.9.1.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
ISP1#traceroute 150.1.1.2
Type escape sequence to abort.
Tracing the route to 150.1.1.2
1 17.9.1.6 8 msec
17.9.1.2 0 msec
17.9.1.6 0 msec
2 10.1.1.2 4 msec 208 msec 96 msec
3 150.1.0.2 [AS 1234] 208 msec * 92 msec
ISP1#ping 150.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/161/224 ms
!
ISP2#traceroute 150.1.0.2
Type escape sequence to abort.
Tracing the route to 150.1.0.2
1 180.1.5.6 216 msec
180.1.5.2 104 msec
180.1.5.6 100 msec
2 10.1.1.10 192 msec 48 msec 0 msec
3 10.1.1.13 44 msec 228 msec 180 msec
4 150.1.0.2 [AS 1234] 156 msec * 300 msec
ISP2#ping 150.1.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/123/172 ms
!
QUESTIONS:
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
SOLUTION:
---->
16.Announce networks into BGP appropriately
- ISP1 & ISP2 routers should use filtered redistribution to announce
their networks . Only advertiese loopbacks network.
- The Cust1 router should annonce its network with network command.
- The NL Fast ISP routers R1 & R2 should advertise the WAN link
subnet (currently 150.1.0.0/24) using a class C subnet mask.
!
!
ISP1:config:
ISP1#sh run | se ip prefix
!
ip prefix-list LOOP seq 10 permit 11.1.1.1/32
ip prefix-list LOOP seq 20 permit 11.1.1.2/32
ip prefix-list LOOP seq 30 permit 11.1.1.3/32
!
ISP1#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
!
ISP1#sh run | se bgp
router bgp 200
redistribute connected route-map RLOOP
!
ISP2:config:
ISP2#sh run | se ip prefix
ip prefix-list LOOP seq 10 permit 22.1.1.1/32
ip prefix-list LOOP seq 20 permit 22.1.1.2/32
ip prefix-list LOOP seq 30 permit 22.1.1.3/32
ISP2#sh run | se route-map
redistribute connected route-map RLOOP
route-map RLOOP permit 10
match ip address prefix-list LOOP
ISP2#sh run | se bgp | redistri
router bgp 300
redistribute connected route-map RLOOP
!
- The Cust1 router should annonce its network with network command.
Cust1: config:
!
Cust1#sh run | se bgp
router bgp 64512
network 150.1.1.0 mask 255.255.255.0
!
R1:
! Peer ISP1 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 11.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
!
R2:
! Peer ISP2 with this config so that ISP's network learnt by internal
! protocol.
ip prefix-list LOOP1 seq 10 permit 22.1.1.1/32
route-map OSPF_REDIS
mat ip address prefix LOOP1
router ospf 1
redistribut static route-map OSPF_REDIS metric 50 subnets
!
on R3: config:
router ospf 1
passive-interface Serial0/0
network 150.1.0.1 0.0.0.0 area 0
!
giving customer the default route:
router bgp 1234
neighbor 150.1.0.2 default-originate
!
so R1 can ping to Cust1
!
While R1,R2 advertise Cust1 network it removes the private as nos:
so on R1, R2 do this:
!on R1
neighbor 11.1.1.1 remove-private-as
!on R2
neighbor 22.1.1.1 remove-private-as
!
Advertise 150.1.0.0 from NLfast datacentre to ISP1 & ISP2:
on R1, R2
!
ip route 150.1.0.0 255.255.255.0 null0
router bgp 1234
net 150.1.0.0 mask 255.255.255.0
!
17. Verification:
- Verify all expected neighbors are forming (show ip bgp summary)
- Verify all expected routes appear (show ip bgp/show ip route)
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
-->
R1#sh ip bgp su
BGP router identifier 1.1.1.1, local AS number 1234
BGP table version is 80, main routing table version 80
8 network entries using 936 bytes of memory
9 path entries using 468 bytes of memory
6/4 BGP path/bestpath attribute entries using 744 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2220 total bytes of memory
BGP activity 20/12 prefixes, 34/25 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 1234 252 248 80 0 0 02:16:12 4
3.3.3.3 4 1234 237 245 80 0 0 01:51:24 1
4.4.4.4 4 1234 236 246 80 0 0 01:51:15 0
11.1.1.1 4 200 216 248 80 0 0 01:53:04 3
R1#sh ip bgp
BGP table version is 80, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r> 11.1.1.1/32 11.1.1.1 0 0 200 ?
*> 11.1.1.2/32 11.1.1.1 0 0 200 ?
*> 11.1.1.3/32 11.1.1.1 0 0 200 ?
r>i22.1.1.1/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.2/32 22.1.1.1 0 100 0 300 ?
*>i22.1.1.3/32 22.1.1.1 0 100 0 300 ?
* i150.1.0.0/24 2.2.2.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R1#
!
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
R2#
*Mar 1 04:05:34.506: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip bgp
BGP table version is 105, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r>i11.1.1.1/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.2/32 11.1.1.1 0 100 0 200 ?
*>i11.1.1.3/32 11.1.1.1 0 100 0 200 ?
r> 22.1.1.1/32 22.1.1.1 0 0 300 ?
*> 22.1.1.2/32 22.1.1.1 0 0 300 ?
*> 22.1.1.3/32 22.1.1.1 0 0 300 ?
*> 150.1.0.0/24 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*>i150.1.1.0/24 150.1.0.2 0 100 0 64512 i
!
!
- ISP1/ISP2 should see and be able to ping:
. Cust1 routes
. NL Fast ISP WAN subnet (150.1.0.0/24)
- Cust1 should see & able to ping :
. ISP1/ISP2 loopback networks
!
on R2 & R1:
!Cisco best practise , use IGP to advertise next-hop address
!
router ospf 1
net 180.1.5.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
!
router ospf 1
net 17.9.1.0 0.0.0.255 ar 0
passive-interface se0/1
passive-interface s0/0
!
ISP1#traceroute 150.1.1.2
Type escape sequence to abort.
Tracing the route to 150.1.1.2
1 17.9.1.6 8 msec
17.9.1.2 0 msec
17.9.1.6 0 msec
2 10.1.1.2 4 msec 208 msec 96 msec
3 150.1.0.2 [AS 1234] 208 msec * 92 msec
ISP1#ping 150.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/161/224 ms
!
ISP2#traceroute 150.1.0.2
Type escape sequence to abort.
Tracing the route to 150.1.0.2
1 180.1.5.6 216 msec
180.1.5.2 104 msec
180.1.5.6 100 msec
2 10.1.1.10 192 msec 48 msec 0 msec
3 10.1.1.13 44 msec 228 msec 180 msec
4 150.1.0.2 [AS 1234] 156 msec * 300 msec
ISP2#ping 150.1.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/123/172 ms
!
No comments:
Post a Comment