
Wednesday, July 27, 2011

BGP Route Aggregation








R1 configuration



router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 131.1.12.2 remote-as 200
 no auto-summary


R1#sh ip bgp
BGP table version is 43, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
*> 2.2.0.0/22       131.1.12.2               0             0 200 i -------route aggregation is done for 2.2.x.x network


R5 configuration



interface Loopback2
 ip address 2.2.0.2 255.255.255.0
!
interface Loopback3
 ip address 2.2.1.2 255.255.255.0
!
interface Loopback4
 ip address 2.2.2.2 255.255.255.0
!
interface Loopback5
 ip address 2.2.3.2 255.255.255.0

router bgp 200
 no synchronization
 bgp log-neighbor-changes
 network 2.2.0.0 mask 255.255.255.0
 network 2.2.1.0 mask 255.255.255.0
 network 2.2.2.0 mask 255.255.255.0
 network 2.2.3.0 mask 255.255.255.0
 aggregate-address 2.2.0.0 255.255.252.0 as-set summary-only
 neighbor 131.1.12.1 remote-as 100
 no auto-summary






BGP Dampening using Route-Map


Task 1
Configure R1 and R2 to apply route dampening to prefixes 40.x.x.x according to the following:

  • Max-Suppress=50 minutes
  • Suppress=2000 points
  • Reuse=800 points
  • Half-Time=10 minutes
Prefixes 44.4.x.x should use the following dampening policy:

  • Max-Suppress=90 minutes
  • Suppress=2500 points
  • Reuse=700 points
  • Half-Time=20 minutes

R1 configuration



router bgp 123
 no synchronization
 bgp router-id 172.16.101.1
 bgp log-neighbor-changes
 bgp dampening route-map DAMPEN
 network 172.16.101.0 mask 255.255.255.0
 neighbor 10.1.13.3 remote-as 123
 neighbor 10.1.14.4 remote-as 40
 neighbor 10.1.14.4 next-hop-self
 no auto-summary


ip prefix-list NET_40 seq 5 permit 40.0.0.0/8 le 32
!
ip prefix-list NET_44 seq 5 permit 44.0.0.0/8 le 32
!
!
!
route-map DAMPEN permit 10
 match ip address prefix-list NET_40
 set dampening 15 800 3000 50
!
route-map DAMPEN permit 20
 match ip address prefix-list NET_44
 set dampening 15 800 3000 50

R1#sh ip bg dampening parameters
 dampening 15 800 3000 50 (route-map DAMPEN 10)
  Half-life time      : 15 mins       Decay Time       : 1280 secs
  Max suppress penalty:  8051         Max suppress time: 50 mins
  Suppress penalty    :  3000         Reuse penalty    : 800

 dampening 15 800 3000 50 (route-map DAMPEN 20)
  Half-life time      : 15 mins       Decay Time       : 1280 secs
  Max suppress penalty:  8051         Max suppress time: 50 mins
  Suppress penalty    :  3000         Reuse penalty    : 800

R1#







R2 configuration 

router bgp 123
 no synchronization
 bgp log-neighbor-changes
 bgp dampening route-map DAMPEN
 network 172.16.102.0 mask 255.255.255.0
 neighbor 10.1.23.3 remote-as 123
 neighbor 10.1.23.3 next-hop-self
 neighbor 10.1.24.4 remote-as 40
 no auto-summary

ip prefix-list NET_40 seq 5 permit 40.0.0.0/8 le 32
!
ip prefix-list NET_44 seq 5 permit 44.0.0.0/8 le 32
!
!
!
route-map DAMPEN permit 10
 match ip address prefix-list NET_40
 set dampening 15 800 3000 50
!
route-map DAMPEN permit 20
 match ip address prefix-list NET_44
 set dampening 20 700 2500 90

r2# sh ip bgp dampening parameters
 dampening 15 800 3000 50 (route-map DAMPEN 10)
  Half-life time      : 15 mins       Decay Time       : 1280 secs
  Max suppress penalty:  8051         Max suppress time: 50 mins
  Suppress penalty    :  3000         Reuse penalty    : 800

 dampening 20 700 2500 90 (route-map DAMPEN 20)
  Half-life time      : 20 mins       Decay Time       : 3190 secs
  Max suppress penalty: 15816         Max suppress time: 90 mins
  Suppress penalty    :  2500         Reuse penalty    : 700
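
The two policies configured on R2 above can be modelled to see when a flapping prefix is suppressed and when it becomes usable again. This is an added example, not part of the original lab: it assumes the Cisco default of 1000 penalty points per flap and continuous exponential decay, so the timings are approximate, and the function names are illustrative.

```python
import math

FLAP_PENALTY = 1000  # assumption: Cisco IOS default penalty added per flap

def parse_set_dampening(line):
    """Parse 'set dampening <half-life> <reuse> <suppress> <max-suppress-time>'."""
    words = line.split()
    if len(words) != 6 or words[:2] != ["set", "dampening"]:
        raise ValueError(f"not a set dampening line: {line!r}")
    half_life, reuse, suppress, max_suppress = map(int, words[2:])
    if reuse >= suppress:
        raise ValueError("reuse limit must be below the suppress limit")
    return {"half_life": half_life, "reuse": reuse,
            "suppress": suppress, "max_suppress": max_suppress}

def simulate(policy, flap_minutes):
    """Return (suppressed_at, reusable_at) in minutes, or (None, None)."""
    hl, reuse = policy["half_life"], policy["reuse"]
    # Ceiling: the penalty that decays to the reuse limit in max_suppress minutes.
    ceiling = reuse * 2 ** (policy["max_suppress"] / hl)
    penalty, last, suppressed_at = 0.0, 0.0, None
    for t in sorted(flap_minutes):
        penalty *= 0.5 ** ((t - last) / hl)   # exponential decay since last flap
        if suppressed_at is not None and penalty < reuse:
            suppressed_at = None              # route was released before this flap
        penalty = min(penalty + FLAP_PENALTY, ceiling)
        last = t
        if suppressed_at is None and penalty > policy["suppress"]:
            suppressed_at = t
    if suppressed_at is None:
        return None, None
    # Time for the final penalty to decay down to the reuse limit.
    return suppressed_at, last + hl * math.log2(penalty / reuse)

if __name__ == "__main__":
    for cmd in ("set dampening 15 800 3000 50", "set dampening 20 700 2500 90"):
        # Constructed input: one flap per minute for four minutes.
        print(cmd, simulate(parse_set_dampening(cmd), [0, 1, 2, 3]))
```

With one flap per minute, the NET_44 policy suppresses the prefix one flap earlier than the NET_40 policy and holds it longer; under sustained flapping the ceiling limits suppression to the max-suppress time after the last flap.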






Thursday, July 21, 2011

BGP Route Reflector

R1 configuration and output
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 1.0.0.0
 neighbor 10.1.1.2 remote-as 100
 neighbor 10.1.1.2 route-reflector-client
 neighbor 10.1.1.3 remote-as 100
 neighbor 10.1.1.3 route-reflector-client
 no auto-summary

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    1.0.0.0/8 is directly connected, Loopback0
B    2.0.0.0/8 [200/0] via 10.1.1.3, 00:05:39
B    3.0.0.0/8 [200/0] via 10.1.1.2, 00:05:38
C    10.0.0.0/8 is directly connected, FastEthernet0/0


R1#sh ip bgp
BGP table version is 14, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i
*>i2.0.0.0          10.1.1.3                 0    100      0 i
*>i3.0.0.0          10.1.1.2                 0    100      0 i



R2 configuration and output
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 2.0.0.0
 neighbor 10.1.1.1 remote-as 100
 no auto-summary

R2# sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

B    1.0.0.0/8 [200/0] via 10.1.1.1, 00:04:47
C    2.0.0.0/8 is directly connected, Loopback0
B    3.0.0.0/8 [200/0] via 10.1.1.2, 00:04:46
C    10.0.0.0/8 is directly connected, FastEthernet0/0
R2#sh ip bgp
BGP table version is 12, local router ID is 10.1.1.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          10.1.1.1                 0    100      0 i
*> 2.0.0.0          0.0.0.0                  0         32768 i
*>i3.0.0.0          10.1.1.2                 0    100      0 i
R2#


 R3 configuration and output


router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 3.0.0.0
 neighbor 10.1.1.1 remote-as 100
 no auto-summary


R3#sh  ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

B    1.0.0.0/8 [200/0] via 10.1.1.1, 00:05:24
B    2.0.0.0/8 [200/0] via 10.1.1.3, 00:05:24
C    3.0.0.0/8 is directly connected, Loopback0
C    10.0.0.0/8 is directly connected, FastEthernet0/0

 R3#sh ip bgp
BGP table version is 14, local router ID is 10.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          10.1.1.1                 0    100      0 i
*>i2.0.0.0          10.1.1.3                 0    100      0 i
*> 3.0.0.0          0.0.0.0                  0         32768 i

 R3#sh ip bgp summary
BGP router identifier 10.1.1.2, local AS number 100
BGP table version is 14, main routing table version 14
3 network entries using 360 bytes of memory
3 path entries using 156 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 944 total bytes of memory
BGP activity 3/0 prefixes, 8/5 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.1.1        4   100      33      27       14    0    0 00:05:31        2
R3#













Tuesday, June 14, 2011

Area Authentication in OSPF

Area authentication

To enable authentication for an OSPF area, use the area authentication command in router configuration mode. To remove an authentication specification of an area or a specified area from the configuration, use the no form of this command.

area area-id authentication [message-digest]

no area area-id authentication [message-digest]

area 0 authentication

!--- Plain text authentication is enabled for
!--- all interfaces in Area 0.
!--- Should be enabled on all the routers.

E.g.:
router ospf 10
 log-adjacency-changes
 network 70.0.0.0 0.255.255.255 area 0
 network 192.16.64.0 0.0.0.255 area 0
 area 0 authentication
 !--- Under the OSPF process



Monday, May 16, 2011

A few learning notes on BGP commands


neighbor 1.1.1.1 ttl-security hops 2
neighbor 1.1.1.1 disable-connected-check



By default, BGP checks that an eBGP peer is directly connected by comparing the peer address against the directly connected interface addresses. The BGP router will not even try to connect (no packets hit the wire) if the neighbor does not first pass the connected test. Similarly, the remote peer will not accept the peer connection if it does not pass the connected test. This is beyond the IP TTL limitations related to eBGP, eBGP multihop and TTL security: the check is done at the application layer of BGP.

This check is disabled by:

    * neighbor disable-connected-check, or
    * neighbor ebgp-multihop <ttl>, when TTL > 1

The disable-connected-check command is used when you want to establish peering between directly connected routers using their loopback interfaces (the loopback is configured as the BGP source with neighbor update-source).


E.g.:
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 ttl-security hops 2
 neighbor 2.2.2.2 update-source Loopback0
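
A small configuration check for the settings covered in the OSPF area authentication post and the BGP notes above, as an added example that is not from the original blog. It flags OSPF areas left on plain-text authentication and BGP neighbors whose connected check is relaxed without a ttl-security TTL floor, and reports the lowest TTL each ttl-security neighbor accepts (255 minus the hop count). The sample configuration, peer 3.3.3.3, area 1 and the function name are constructed for illustration.

```python
import re

# Constructed sample built from the commands shown in the posts above.
SAMPLE = """\
router ospf 10
 network 70.0.0.0 0.255.255.255 area 0
 area 0 authentication
 area 1 authentication message-digest
router bgp 100
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 ttl-security hops 2
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 3.3.3.3 remote-as 300
 neighbor 3.3.3.3 disable-connected-check
 neighbor 3.3.3.3 update-source Loopback0
"""

def audit(config):
    """Return (findings, min_ttl); min_ttl maps peer -> lowest accepted TTL."""
    findings, min_ttl, relaxed = [], {}, set()
    for line in (raw.strip() for raw in config.splitlines()):
        m = re.fullmatch(r"area (\S+) authentication( message-digest)?", line)
        if m and not m.group(2):
            # Without message-digest the area uses a clear-text password.
            findings.append(f"ospf area {m.group(1)}: plain-text authentication")
        m = re.fullmatch(r"neighbor (\S+) ttl-security hops (\d+)", line)
        if m:
            # Packets from this peer must arrive with TTL >= 255 - hops.
            min_ttl[m.group(1)] = 255 - int(m.group(2))
        m = re.fullmatch(r"neighbor (\S+) disable-connected-check", line)
        if m:
            relaxed.add(m.group(1))
        m = re.fullmatch(r"neighbor (\S+) ebgp-multihop(?: (\d+))?", line)
        # ebgp-multihop relaxes the check only when its TTL is above 1
        # (no value means the default of 255).
        if m and (m.group(2) is None or int(m.group(2)) > 1):
            relaxed.add(m.group(1))
    for peer in sorted(relaxed - set(min_ttl)):
        findings.append(f"bgp neighbor {peer}: connected check relaxed, "
                        "no ttl-security floor")
    return findings, min_ttl

if __name__ == "__main__":
    issues, floors = audit(SAMPLE)
    print("\n".join(issues))
    print(floors)
```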