My Ongoing CCIE Journey .Me@Cisco
This blog is designed to provide information about routing, switching and firewall technologies for CCIE aspirants. I started my study a few years ago with hopes to achieve the coveted CCIE certification. It seems the more I study, the more I find that I need to study. But the journey has started ...
Tuesday, August 9, 2011
Wednesday, July 27, 2011
BGP route aggregation
R1 configuration
router bgp 100
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
neighbor 131.1.12.2 remote-as 200
no auto-summary
R1#sh ip bgp
BGP table version is 43, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.0.0/22 131.1.12.2 0 0 200 i -------route aggregation is done for 2.2.x.x network
R5 configuration
interface Loopback2
ip address 2.2.0.2 255.255.255.0
!
interface Loopback3
ip address 2.2.1.2 255.255.255.0
!
interface Loopback4
ip address 2.2.2.2 255.255.255.0
!
interface Loopback5
ip address 2.2.3.2 255.255.255.0
router bgp 200
no synchronization
bgp log-neighbor-changes
network 2.2.0.0 mask 255.255.255.0
network 2.2.1.0 mask 255.255.255.0
network 2.2.2.0 mask 255.255.255.0
network 2.2.3.0 mask 255.255.255.0
aggregate-address 2.2.0.0 255.255.252.0 as-set summary-only
neighbor 131.1.12.1 remote-as 100
no auto-summary
BGP Dampening using Route-Map
Task 1
Configure R1 and R2 to apply route dampening for prefixes 40.x.x.x according to the following:
- Max-Suppress=50 minutes
- Suppress=2000 points
- Reuse=800 points
- Half-Time=10 minutes
and for prefixes 44.x.x.x (prefix-list NET_44 in the configurations below) according to the following:
- Max-Suppress=90 minutes
- Suppress=2500 points
- Reuse=700 points
- Half-Time=20 minutes
R1 configuration
router bgp 123
no synchronization
bgp router-id 172.16.101.1
bgp log-neighbor-changes
bgp dampening route-map DAMPEN
network 172.16.101.0 mask 255.255.255.0
neighbor 10.1.13.3 remote-as 123
neighbor 10.1.14.4 remote-as 40
neighbor 10.1.14.4 next-hop-self
no auto-summary
ip prefix-list NET_40 seq 5 permit 40.0.0.0/8 le 32
!
ip prefix-list NET_44 seq 5 permit 44.0.0.0/8 le 32
!
!
!
route-map DAMPEN permit 10
match ip address prefix-list NET_40
set dampening 15 800 3000 50
!
route-map DAMPEN permit 20
match ip address prefix-list NET_44
set dampening 15 800 3000 50
R1#sh ip bg dampening parameters
dampening 15 800 3000 50 (route-map DAMPEN 10)
Half-life time : 15 mins Decay Time : 1280 secs
Max suppress penalty: 8051 Max suppress time: 50 mins
Suppress penalty : 3000 Reuse penalty : 800
dampening 15 800 3000 50 (route-map DAMPEN 20)
Half-life time : 15 mins Decay Time : 1280 secs
Max suppress penalty: 8051 Max suppress time: 50 mins
Suppress penalty : 3000 Reuse penalty : 800
R1#
R2 configuration
router bgp 123
no synchronization
bgp log-neighbor-changes
bgp dampening route-map DAMPEN
network 172.16.102.0 mask 255.255.255.0
neighbor 10.1.23.3 remote-as 123
neighbor 10.1.23.3 next-hop-self
neighbor 10.1.24.4 remote-as 40
no auto-summary
ip prefix-list NET_40 seq 5 permit 40.0.0.0/8 le 32
!
ip prefix-list NET_44 seq 5 permit 44.0.0.0/8 le 32
!
!
!
route-map DAMPEN permit 10
match ip address prefix-list NET_40
set dampening 15 800 3000 50
!
route-map DAMPEN permit 20
match ip address prefix-list NET_44
set dampening 20 700 2500 90
r2# sh ip bgp dampening parameters
dampening 15 800 3000 50 (route-map DAMPEN 10)
Half-life time : 15 mins Decay Time : 1280 secs
Max suppress penalty: 8051 Max suppress time: 50 mins
Suppress penalty : 3000 Reuse penalty : 800
dampening 20 700 2500 90 (route-map DAMPEN 20)
Half-life time : 20 mins Decay Time : 3190 secs
Max suppress penalty: 15816 Max suppress time: 90 mins
Suppress penalty : 2500 Reuse penalty : 700
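To show what the two configured parameter sets (15 800 3000 50 and 20 700 2500 90) do to a flapping prefix, here is an added example that is not from the original post: an idealised per-minute model that assumes the IOS default of 1000 penalty points per flap and uses constructed flap times. Its ceiling formula gives about 8063 and 15839, within 0.2% of the "Max suppress penalty" values in the show output above.

```python
FLAP_PENALTY = 1000  # assumption: IOS default penalty added per flap


def max_penalty(half_life, reuse, max_suppress):
    """Penalty ceiling implied by max-suppress-time: reuse * 2^(max / half_life)."""
    return reuse * 2 ** (max_suppress / half_life)


def simulate(flap_minutes, half_life, reuse, suppress, max_suppress, horizon=240):
    """Idealised per-minute model of 'set dampening'.

    Arguments follow the IOS order: half-life, reuse, suppress, max-suppress-time.
    Returns (suppressed_at, reused_at) in minutes; a value is None if that
    event never happens within the horizon.
    """
    ceiling = max_penalty(half_life, reuse, max_suppress)
    decay = 0.5 ** (1 / half_life)        # per-minute exponential decay factor
    flaps = set(flap_minutes)
    penalty, suppressed_at = 0.0, None
    for minute in range(horizon + 1):
        if minute:
            penalty *= decay
        if minute in flaps:
            penalty = min(penalty + FLAP_PENALTY, ceiling)
        if suppressed_at is None and penalty > suppress:
            suppressed_at = minute         # prefix is now damped
        elif suppressed_at is not None and penalty < reuse:
            return suppressed_at, minute   # prefix is usable again
    return suppressed_at, None


if __name__ == "__main__":
    flaps = [0, 2, 4, 6]                   # constructed flap times, in minutes
    for params in ((15, 800, 3000, 50), (20, 700, 2500, 90)):
        ceiling = round(max_penalty(params[0], params[1], params[3]))
        print(params, "ceiling", ceiling, "suppress/reuse at", simulate(flaps, *params))
```

With the same four flaps, the second parameter set suppresses the prefix two minutes earlier and holds it down 16 minutes longer than the first.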
Thursday, July 21, 2011
BGP route reflector
R1 configuration and output
router bgp 100
no synchronization
bgp log-neighbor-changes
network 1.0.0.0
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 route-reflector-client
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 route-reflector-client
no auto-summary
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Loopback0
B 2.0.0.0/8 [200/0] via 10.1.1.3, 00:05:39
B 3.0.0.0/8 [200/0] via 10.1.1.2, 00:05:38
C 10.0.0.0/8 is directly connected, FastEthernet0/0
R1#sh ip bgp
BGP table version is 14, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.0 0.0.0.0 0 32768 i
*>i2.0.0.0 10.1.1.3 0 100 0 i
*>i3.0.0.0 10.1.1.2 0 100 0 i
R2 configuration and output
router bgp 100
no synchronization
bgp log-neighbor-changes
network 2.0.0.0
neighbor 10.1.1.1 remote-as 100
no auto-summary
R2# sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
B 1.0.0.0/8 [200/0] via 10.1.1.1, 00:04:47
C 2.0.0.0/8 is directly connected, Loopback0
B 3.0.0.0/8 [200/0] via 10.1.1.2, 00:04:46
C 10.0.0.0/8 is directly connected, FastEthernet0/0
R2#sh ip bgp
BGP table version is 12, local router ID is 10.1.1.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.0.0.0 10.1.1.1 0 100 0 i
*> 2.0.0.0 0.0.0.0 0 32768 i
*>i3.0.0.0 10.1.1.2 0 100 0 i
R2#
R3 configuration and output
router bgp 100
no synchronization
bgp log-neighbor-changes
network 3.0.0.0
neighbor 10.1.1.1 remote-as 100
no auto-summary
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
B 1.0.0.0/8 [200/0] via 10.1.1.1, 00:05:24
B 2.0.0.0/8 [200/0] via 10.1.1.3, 00:05:24
C 3.0.0.0/8 is directly connected, Loopback0
C 10.0.0.0/8 is directly connected, FastEthernet0/0
R3#sh ip bgp
BGP table version is 14, local router ID is 10.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.0.0.0 10.1.1.1 0 100 0 i
*>i2.0.0.0 10.1.1.3 0 100 0 i
*> 3.0.0.0 0.0.0.0 0 32768 i
R3#sh ip bgp summary
BGP router identifier 10.1.1.2, local AS number 100
BGP table version is 14, main routing table version 14
3 network entries using 360 bytes of memory
3 path entries using 156 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 944 total bytes of memory
BGP activity 3/0 prefixes, 8/5 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.1 4 100 33 27 14 0 0 00:05:31 2
R3#
Tuesday, June 14, 2011
Area authentication in OSPF
Area authentication
To enable authentication for an OSPF area, use the area authentication command in router configuration mode. To remove an authentication specification of an area or a specified area from the configuration, use the no form of this command.
area area-id authentication [message-digest]
no area area-id authentication [message-digest]
area 0 authentication
!--- Plain text authentication is enabled for
!--- all interfaces in Area 0.
!--- Should be enabled on all the routers.
Eg:-
router ospf 10
log-adjacency-changes
network 70.0.0.0 0.255.255.255 area 0
network 192.16.64.0 0.0.0.255 area 0
area 0 authentication
!--- Configured under the OSPF process.
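What the choice between plain `area 0 authentication` and the `message-digest` option means on the wire, as an added example that is not from the original post: it decodes the authentication fields of the OSPFv2 header (RFC 2328) from two constructed headers. The router ID, key string, key ID and sequence number are made-up sample values.

```python
import socket
import struct

AUTH_TYPES = {0: "null", 1: "simple password", 2: "cryptographic"}


def build_header(autype, auth_field, router_id="70.0.0.1", area="0.0.0.0"):
    """Build a constructed 24-byte OSPFv2 Hello header (checksum left at 0)."""
    fixed = struct.pack("!BBH4s4sHH", 2, 1, 44, socket.inet_aton(router_id),
                        socket.inet_aton(area), 0, autype)
    return fixed + auth_field


def parse_ospf_auth(packet):
    """Decode the authentication fields of an OSPFv2 header."""
    if len(packet) < 24:
        raise ValueError("OSPFv2 header is 24 bytes long")
    version, _type, _length, router_id, area, _cksum, autype = struct.unpack(
        "!BBH4s4sHH", packet[:16])
    if version != 2:
        raise ValueError("not an OSPFv2 packet")
    info = {"router_id": socket.inet_ntoa(router_id),
            "area": socket.inet_ntoa(area),
            "auth": AUTH_TYPES.get(autype, "unknown")}
    auth_field = packet[16:24]
    if autype == 1:
        # Simple password: the 8-byte field is the key itself, zero padded.
        info["cleartext_key"] = auth_field.rstrip(b"\x00").decode("ascii", "replace")
    elif autype == 2:
        # Cryptographic: the header carries only key ID, digest length and a
        # sequence number; the digest is appended after the OSPF packet.
        _zero, key_id, digest_len, seq = struct.unpack("!HBBI", auth_field)
        info.update(key_id=key_id, digest_len=digest_len, sequence=seq)
    return info


# Constructed samples: area 0 with plain text vs. message-digest authentication.
PLAIN = build_header(1, b"LabKey".ljust(8, b"\x00"))
DIGEST = build_header(2, struct.pack("!HBBI", 0, 1, 16, 1308000000))

if __name__ == "__main__":
    for name, pkt in (("plain", PLAIN), ("message-digest", DIGEST)):
        print(name, parse_ospf_auth(pkt))
```

Running the parser over a capture from each area is a quick way to confirm which segments still use type 1, where the key travels in every packet header.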
Monday, May 16, 2011
A few learning notes on BGP command
neighbor 1.1.1.1 ttl-security hops 2
neighbor 1.1.1.1 disable-connected-check
By default BGP checks that an eBGP peer is directly connected by comparing the peer address against the addresses of the directly connected interfaces. The BGP router will not even try to connect (no packets hit the wire) if the neighbor does not first pass the connected test. Similarly, the remote peer will not accept the peer connection if it does not pass the connected test. This is in addition to the IP TTL limitations related to eBGP, eBGP multihop and TTL security: the check is made at the application layer of BGP.
This check is disabled by:
* neighbor disable-connected-check, or
* neighbor ebgp-multihop <ttl>, when TTL > 1
The disable-connected-check command is used when you want to establish peering between directly connected routers using the loopback interface (the loopback is configured as the BGP source with neighbor update-source).
Eg:-
network 1.1.1.0 mask 255.255.255.0
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 ttl-security hops 2
neighbor 2.2.2.2 update-source Loopback0