CCIE SP Workbook.pdf

(1)

LAB 2 WORKBOOK (Updated)

(2)

(3)

ALIASES

Aliases for IOS

Aliases for IOS-XR

alias exec c configure terminal alias exec p4 show ip interface brief alias exec p6 show ipv6 interface brief alias exec r show run | section router rip alias exec b show run | section router bgp alias exec o show run | section router ospf alias exec i show run | section ^router isis alias exec e show run | section router eigrp alias exec o4 show ip ospf neighbor

alias exec o6 show ipv6 ospf neighbor alias exec oi4 show ip ospf interface brief alias exec oi6 show ipv6 ospf interface brief alias exec b4 show bgp ipv4 unicast summary alias exec b6 show bgp ipv6 unicast summary alias exec v4 show bgp vpnv4 unicast all summary alias exec v6 show bgp vpnv6 unicast all summary alias exec pn show ip pim neighbor

alias exec pi show ip pim interface alias exec ld show mpls ldp discovery alias exec ln show mpls ldp neighbor

alias c configure terminal alias p4 show ipv4 int brief

alias pv4 show ipv4 vrf ABC int brief alias p6 show ipv6 int brief

alias pv6 show ipv6 vrf ABC int brief alias r show run router rip

alias o show run router ospf alias b show run router bgp alias i show run router isis abc alias e show run router eigrp

alias b4 show bgp ipv4 unicast summary alias b6 show bgp ipv6 unicast summary alias v4 show bgp vpnv4 unicast summary alias v6 show bgp vpnv6 unicast summary alias o4 show ospf neighbor

alias oi4 show ospf interface brief alias o6 show ospfv3 neighbor alias oi6 show ospfv3 interface brief alias pn show pim ipv4 neighbor alias pi show pim ipv4 interface alias ld show mpls ldp discovery alias ln show mpls ldp neighbor commit

NOTE: In LAB, the first thing you will do is “WRITE ALIASES”. Creating and using aliases will

save a huge amount of time in your LAB.

LAB Equipment

Cisco XR12000 series Routers (IOS XR)

Cisco 7200/7600 Series Routers (Regular IOS)

Cisco ME3400E Series Switches (CAT OS)

(4)

Addressing Pattern

In Service Provider Cores (ASN 9 and ASN 1009)

For IPv4

Loopback Interfaces  9.9.0.X/32

Interconnected Interfaces  9.9.XY.X/24

For IPv6

Loopback Interfaces  2002:9:9::X/128

Interconnected Interfaces  2002:9:9:XY::X/64

Interfaces on XR Series Routers are “GigabitEthernet” and Interfaces on all other Routers are

“Ethernet”

(5)

LAB 2

Questions

and

Diagrams

All

Questions

Manage

Devices

Guidelines

End Session

Help

Section 1: CORE TEHNOLOGY

1.1 OSPFv2 IPv4 troubleshooting

OSPF for IPV4 routing on routers in AS9 has been configured for the interfaces according to

the given table.

There are some problems in the topology find out and fix them.

NOTE: A Table will be given in the lab under the question , all interfaces will be in area 0. Don’t advertise any extra interface in the OSPF.

Aliases  O4 - Oi4 - show ip route ospf

Use TCL Script

Routers

Area

Interfaces

R2 0 Gi0/0.27 Gi0/0.23 Lo0 R3 0 Gi0/0.35 Gi0/0.34 Gi0/0.23 Lo0 R4 0 Gi0/0.47 Gi0/0.46 Gi0/0.34 Lo0 R5 0 Fa0/0.56 Fa0/0.35 Lo0 R6 0 Fa0/0.56 Fa0/0.46 Lo0 R7 0 Fa0/0.47 Fa0/0.27 Lo0

(6)

Possible Faults for Task 1.1

Example 1:

OSPF neighbor ship is down b/w R3-R4 due to mismatch hello interval R3: ! router ospf 9 area 0 int GigabitEthernet0/0.34 no ip ospf hello-interval 20 !

Example 2:

OSPF neighbor ship is down b/w R7-R4 due to mismatch MTU, neighbor-ship is stuck in EXSTART state.

R7: !

interface FastEthernet0/0.47 no ip mtu 1300

!

Faults

Description of Faults

1 Hello or Dead interval Mismatch

2 MTU Mismatch

3 OSPF Network Type Mismatch

4 Duplicate Router IDs

5 Network Not advertised in OSPF 6 Wrong IP Address or Subnet mask

7 Mismatch Area IDs

8 Mismatch Regular Area Types (STUB, Totally STUB, NSSA, Totally NSSA). 9 Packet Filter can also cause problems.

(7)

Example 3:

OSPF Neighbor ship is established between R5-R6, but one side is

configured as “point-to-point” , for other side of the link network type is still “broadcast” . In this case both routers will not exchange the DATABASE.

R6#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface 9.9.0.5 0

FULL/

-

00:00:37 9.9.56.5 FastEthernet0/0.56 9.9.0.4 1 FULL/DR 00:00:37 9.9.46.4 FastEthernet0/0.46 R6#

ON R6:

interface FastEthernet0/0.56

no ip ospf network point-to-point

1.2: OSPFv3 troubleshooting:

OSPF for IPV6 routing on routers in AS9 have been configured according to the given table.

There are some problems in the topology find out and fix them.

Routers

Area

Interfaces

R2 0 0 0 Gi0/0.27 Gi0/0.23 Lo0 R3 1 0 0 0 Gi0/0.35 Gi0/0.34 Gi0/0.23 Lo0 R4 0 1 0 0 Gi0/0.47 Gi0/0.46 Gi0/0.34 Lo0 R5 1 1 1 Fa0/0.56 Fa0/0.35 Lo0 R6 1 1 1 Fa0/0.56 Fa0/0.46 Lo0 R7 0 0 0 Fa0/0.47 Fa0/0.27 Lo0

(8)

Aliases  O6 - Oi6 - show ipv6 route ospf

Use TCL Script

Example 1:

IPv6 OSPF neighbor-ship is down b/w R4-R6 due to area mismatch On R4: router ospfv3 9 no area 10 area 1 interface GigabitEthernet0/9/0/0.46

Example 2:

IPv6 OSPF neighbor-ship is down between R2 and R3 due to wrong interface is advertised in area 0.

router ospfv3 9 Area 0

Interface loopback 0

No Interface Gig0/7/0/0.38 //Remove Interface Gig0/7/0/0.23 Interface Gig0/7/0/0.27

R3

R4

R5 R6 R7 VLAN 47 VLAN 23 VLAN 27 VLAN 34 VLAN 46 VLAN 35 VLAN 56

ASN 9

R2

OSPFV3

AREA 0

OSPFV3

AREA 1

(9)

1.3: ISIS for IPv4

ISIS for IPV4 has been configured in AS1009 according to the table. There are some

problems in the topology find out and fix them.

1.4: ISIS for IPv6

ISIS for IPV6 has been configured in AS1009 according to the table.There are some problems

in the topology find out and fix them.

NOTE: We will solve

the two questions

simultaneously.

R1

R8 R10 R9 R20 VLAN 18 VLAN 109 VLAN 101 VLAN 89

ASN

1009

PP

P

LEVEL-1 Only CAN BE ISIS LEVEL-1-2 OR ISIS LEVEL-2 only

(10)

Example 1:

R10 - R1 isis for ipv6 is not enable

R1#sh isis neighbor detail

System Id Type Interface IP Address State Holdtime Circuit Id

R10 L2 Gi0/0.101 9.9.101.10 UP 8 R10.02 Area Address(es): 47.0110

SNPA: ca09.0bc0.0008

State Changed: 00:45:

13  IPv6 Address FE80 is not shown

LAN Priority: 64 Format: Phase V Remote TID: 0 Local TID: 0, 2

Interface name: GigabitEthernet0/0.101

R8 L2 Gi0/0.18 9.9.18.8 UP 9 R8.02 Area Address(es): 47.0108

SNPA: ca07.0bc0.0008

IPv6 Address(es): FE80::C807:BFF:FEC0:8 State Changed: 00:45:12

LAN Priority: 64 Format: Phase V Remote TID: 0, 2 Local TID: 0, 2

Interface name: GigabitEthernet0/0.18

R10:

int FastEthernet0/0.101 ipv6 router isis

Example 2:

configure AS 1009 as multi-topology:

R1: IOS: R9,R10,R8

router isis abc

address-family ipv6 unicast no single-topology

router isis

address-family ipv6 unicast multi-topology

NOTE: if IOS-XR is running single-topology, then we don’t need to change it to

MULTI-TOPOLOGY on both IOS /IOS-XR , Our goal is to just match the topology mode.

(11)

Example 3:

ISIS NET ID is wrong on R8

!

router isis

no network 47.0109.0000.0000.8888.00

network 47.

0108

.0000.0000.8888.00

!

Example 4:

IP Address is not configured on the interface but neighbor is UP.

on R9

configure the IPv4 Address on R9 interface connecting R10.

!

interface FastEthernet0/0.109

encapsulation dot1Q 109

ip address 9.9.109.9 255.255.255.0

end

NOTE: Need to check if the IP addresses and subnet masks are correct? It

is very important to check these in an Integrated IS-IS environment because a misconfigured IP address will not prevent an IS-IS adjacency from being partially established

SOLUTION for Task 1.3 and Task 1.4 (ISIS for IPv4/IPv6)

R8/R9/R10

R1 : IOS-XR

ON R8

router isis

net 47.0108.0000.0000.8888.00

metric-style wide

!

address-family ipv6

multi-topology

exit-address-family

!

Interface loopback 0

ip router isis

Ipv6 router isis

router isis abc

net 47.0101.0000.0000.1111.00

address-family ipv4 unicast

metric-style wide

!

address-family ipv6 unicast

metric-style wide

//Default and will not be displayed if configured.

!

interface Loopback0

passive

address-family ipv4 unicast

!

(12)

!

interface FastEthernet 0/0.18

Ip router isis

Ipv6 router isis

!

interface FastEthernet 0/0.89

Ip router isis

Ipv6 router isis

!

ON R9

router isis

net 47.0109.0000.0000.9999.00

metric-style wide

!

address-family ipv6

multi-topology

exit-address-family

!

Interface loopback 0

ip router isis

Ipv6 router isis

!

interface FastEthernet 0/0.109

Ip router isis

Ipv6 router isis

!

interface FastEthernet 0/0.89

Ip router isis

Ipv6 router isis

!

ON R10

router isis

net 47.0110.0000.0000.1010.00

metric-style wide

!

address-family ipv6

multi-topology

exit-address-family

!

Interface loopback 0

ip router isis

Ipv6 router isis

!

address-family ipv6 unicast

!

interface GigabitEthernet0/1/0/0.18

point-to-point

address-family ipv4 unicast

!

address-family ipv6 unicast

!

interface GigabitEthernet0/1/0/0.101

address-family ipv4 unicast

!

address-family ipv6 unicast

!

//Single-Topology

ISIS cost calculation for IPv4 and IPv6 will remain same. Calculate once and use twice. This is not processor intensive.

//Multi-Topology

Individual Metric Calculation for IPv4 and IPv6 Calculation. We should use this when we want to change the path for IPv6 routes and we will be able to change the cost for IPv6 routes.

NOTE: We will use

Multi-Topology and we will use metric-style wide.

Aliases  i

show isis neighbor detail

show ip route isis

(13)

interface FastEthernet 0/0.109

Ip router isis

Ipv6 router isis

!

interface FastEthernet 0/0.101

Ip router isis

Ipv6 router isis

!

1.5: ISIS Link or Network Type

Configure ISIS as point to point between R1 R8.

R1

R8

router isis abc

interface Gig0/2/1/0.18 point-to-point

interface fastethernet0/0.18 isis network point-to-point

1.6: OSPFv3 Path Control

R7 is getting R5 Loopback IPv6 address via two paths R4-R6-R5 and from R2-R3-R5.

Configure R3 such that it should prefer the path one (R4-R6-R5) as primary.

router ospfv3 9

address-family ipv6 unicast ! area 1 int GigabitEthernet0/7/0/0.35 cost 30 ! !

Verification on R7# traceroute 2002:9:9::5

1.7: IPV4 BGP unicast troubleshooting

R2 R3 R4 R5 R7 R6 have been preconfigured to belong to AS9.

R1 R8 R9 R10 have been preconfigured to belong to AS1009.

R2 and R7 act as the route reflector for IBGP IPV4 unicast within AS9. An I-BGP ipv4 session

should not be established between R3 R4 R5 R6.

R1 , R8 act as route reflector for IBGP ipv4 unicast within AS1009. An IBGP IPV4 session

should not establish between R9 R10.

(14)

ROUTE REFLECTOR - R7&R8

ROUTE REFLECTOR Client

R5, R6, R9, R10

ON R7:

router bgp 9 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.2 remote-as 9

neighbor 9.9.0.2 update-source Loopback0 neighbor 9.9.0.3 remote-as 9

neighbor 9.9.0.6 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.7 mask 255.255.255.255 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community neighbor 9.9.0.2 route-reflector-client neighbor 9.9.0.3 activate neighbor 9.9.0.3 send-community neighbor 9.9.0.3 route-reflector-client neighbor 9.9.0.4 activate neighbor 9.9.0.4 send-community neighbor 9.9.0.4 route-reflector-client neighbor 9.9.0.5 activate neighbor 9.9.0.5 send-community neighbor 9.9.0.5 route-reflector-client neighbor 9.9.0.6 activate neighbor 9.9.0.6 send-community neighbor 9.9.0.6 route-reflector-client no auto-summary exit-address-family !

ON R8:

neighbor 9.9.0.10 update-source Loopback0 !

address-family ipv4 no synchronization

network 9.9.0.8 mask 255.255.255.255 neighbor 9.9.0.1 activate

neighbor 9.9.0.1 send-community both neighbor 9.9.0.1 route-reflector-client neighbor 9.9.0.1 next-hop-self neighbor 9.9.0.9 activate neighbor 9.9.0.9 send-community neighbor 9.9.0.9 route-reflector-client neighbor 9.9.0.9 next-hop-self neighbor 9.9.0.10 activate neighbor 9.9.0.10 send-community neighbor 9.9.0.10 route-reflector-client neighbor 9.9.0.10 next-hop-self neighbor 9.9.78.7 activate

neighbor 9.9.78.7 send-community both no auto-summary exit-address-family !

ON R5:

neighbor 9.9.0.7 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.5 mask 255.255.255.255 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community neighbor 9.9.0.7 activate neighbor 9.9.0.7 send-community no auto-summary exit-address-family !

ON R6:

ON R9:

ON R10:

(15)

ON IOS-XR

ROUTE REFLECTOR – R1 & R2

ROUTE REFLECTOR Client

R3 and R4

ON R1:

router bgp 1009

address-family ipv4 unicast network 9.9.0.1/32 ! ! neighbor 9.9.0.8 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! ! neighbor 9.9.0.9 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.10 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client !

ON R2:

router bgp 1009

address-family ipv4 unicast network 9.9.0.2/32 ! ! neighbor 9.9.0.3 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.4 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.5 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client !

neighbor 9.9.0.6 remote-as 9

update-source Loopback0 address-family ipv4 unicast route-reflector-client !

ON R3:

router bgp 9

address-family ipv4 unicast network 9.9.0.3/32 ! ! neighbor 9.9.0.2 remote-as 9 update-source Loopback0 address-family ipv4 unicast !

!

update-source Loopback0 address-family ipv4 unicast !

!

ON R4:

router bgp 9

address-family ipv4 unicast network 9.9.0.4/32 ! ! neighbor 9.9.0.2 remote-as 9 update-source Loopback0 address-family ipv4 unicast !

!

(16)

1.8 : IPV6 BGP unicast troubleshooting

R2 R3 R4 R5 R7 R6 have been preconfigured to belong to AS9.

R1 R8 R9 R10 have been preconfigured to belong to AS1009.

R2 act as the route reflector for IBGP IPV6 unicast within AS9. An iBGP IPv6 session should

not be established between R3 R4 R5 R6 R7.

R1 act as route reflector for iBGP IPv6 unicast within AS1009. An IBGP IPV6 session should

not establish between R6 R9 R10.

There are some problems in BGP IPV6 unicast find out and fix them.

Configuration for ASN 9

ROUTE REFLECTOR – R2

ROUTE REFLECTOR Client

R3, R4, R5, R6, R7

ON R2:

router bgp 9

address-family ipv6 unicast network 2002:9:9::2/128 ! ! neighbor 2002:9:9::3 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::4 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client !

!

ON R3:

router bgp 9

address-family ipv6 unicast network 2002:9:9::3/128 ! ! neighbor 2002:9:9::2 remote-as 9 update-source Loopback0 address-family ipv6 unicast !

ON R4:

router bgp 9

address-family ipv6 unicast network 2002:9:9::4/128 ! ! neighbor 2002:9:9::2 R1 RR For BGP AF IPv6

_R3

R4

R5 R6 R7 R8 R10 R9 VLAN 18 VLAN 109 VLAN 101 VLAN 89 VLAN 47 VLAN 23 VLAN 27 VLAN 34 VLAN 46 VLAN 35 VLAN 56

ASN

1009

ASN 9

POS

R2 RR For BGP AF IPv6

(17)

neighbor 2002:9:9::5 remote-as 9

remote-as 9

ON R5:

router bgp 9

neighbor 2002:9:9::2 remote-as 9

neighbor 2002:9:9::2 update-source Loopback0 address-family ipv6 no synchronization network 2002:9:9::5/128 neighbor 2002:9:9::2 activate neighbor 2002:9:9::2 send-community exit-address-family

ON R6:

router bgp 9 neighbor 2002:9:9::2 remote-as 9

ON R7:

Configuration for ASN 1009

ROUTE REFLECTOR – R1

ROUTE REFLECTOR Client

R8, R9, R10

ON R1:

router bgp 1009

address-family ipv6 unicast network 2002:9:9::1/128 ! ! neighbor 2002:9:9::8 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::9 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::10 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! !

ON R8:

neighbor 2002:9:9::1 update-source Loopback0 !

address-family ipv6 no synchronization network 2002:9:9::8/128 neighbor 2002:9:9::1 activate

neighbor 2002:9:9::1 send-community both exit-address-family

!

ON R9:

router bgp 1009

address-family ipv6 no synchronization network 2002:9:9::9/128 neighbor 2002:9:9::1 activate

!

ON R10:

router bgp 1009

(18)

no synchronization network 2002:9:9::10/128 neighbor 2002:9:9::1 activate

!

1.9 (a): E-BGP IPv4 Peerings

Configure a E-BGP IPv4 unicast session between R1 and R2

Configure a E-BGP IPv4 unicast session between R7 and R8

Loopback 0 for all the Routers should be visible in both AS 9 and AS1009, no other routes

are allowed to be redistributed between AS9 and AS1009.

Point to point connected subnets between R1 and R2 / R7 & R8 are NOT ALLOWED to be

advertised/redistribute in the respective IGPs

R2 IOS-XR

R1 IOS-XR

router static

address-family ipv4 unicast

9.9.12.1/32 POS0/7/0/0

!

route-policy pass

pass

end-policy

!

router bgp 9

neighbor 9.9.12.1

remote-as 1009

address-family ipv4 unicast

route-policy pass in

route-policy pass out

commit

---

router bgp 1009 !

neighbor 9.9.0.3

address-family ipv4 unicast next-hop-self

!

router static

address-family ipv4 unicast

9.9.12.2/32 POS0/7/0/0

!

route-policy pass

pass

end-policy

!

router bgp 1009

neighbor 9.9.12.2

remote-as 9

address-family ipv4 unicast

route-policy pass in

route-policy pass out

commit

---

router bgp 1009 !

!

neighbor 9.9.0.10

(19)

!

R7-IOS

R8-IOS

router bgp 9

neighbor 9.9.78.8 remote-as 1009 address-family ipv4 unicast

neighbor 9.9.78.8 activate

neighbor 9.9.78.8 send-community both --- router bgp 9

address-family ipv4 unicast neighbor 9.9.0.2 next-hop-self neighbor 9.9.0.3 next-hop-self neighbor 9.9.0.4 next-hop-self neighbor 9.9.0.5 next-hop-self neighbor 9.9.0.6 next-hop-self router bgp 1009 neighbor 9.9.78.7 remote-as 9 address-family ipv4 unicast neighbor 9.9.78.7 activate

neighbor 9.9.78.7 send-community both --- router bgp 9

address-family ipv4 unicast neighbor 9.9.0.1 next-hop-self neighbor 9.9.0.9 next-hop-self neighbor 9.9.0.10 next-hop-self

1.9 (b): BGP IPV4 Unicast Path selection

Configure R7 to ensure that ipv4 traffic from AS9 destined to AS1009 chooses R7 as primary

exit point and R2 as backup exit point.

Configure R8 to ensure that ipv4 traffic from AS1009 destined to AS9 chooses R8 as primary

exit point and R1 as backup exit point.

R7-IOS

R8-IOS

! route-map LP permit 10 set local-preference 200 ! router bgp 9

address-family ipv4 unicast

neighbor 9.9.78.8 route-map LP in ! route-map LP permit 10 set local-preference 200 ! router bgp 1009

neighbor 9.9.78.7 route-map LP in

1.9 (c): E-BGP IPv6 Peering

Configure a E-BGP IPv6 unicast session between R1 and R2

Lo0 for all the Routers should be visible in both AS 9 and AS1009, no other routes are

allowed to be redistributed between AS9 and AS1009. Point to point connected subnets

between R1 & R2 are NOT ALLOWED to be advertised/redistribute in the respective IGPs

(20)

R2 IOS-XR

R1 IOS-XR

route-policy pass pass end-policy ! router bgp 9 neighbor 2002:9:9:12::1 remote-as 1009

address-family ipv6 unicast route-policy pass in route-policy pass out commit

--- router bgp 9

!

neighbor 2002:9:9::3 address-family ipv6 unicast next-hop-self

!

neighbor 2002:9:9::7 address-family ipv6 unicast next-hop-self ! route-policy pass pass end-policy ! router bgp 1009 neighbor 2002:9:9:12::2 remote-as 9

address-family ipv6 unicast route-policy pass in route-policy pass out commit

--- router bgp 9

!

Aliases  b4 - b6

Show ip route bgp - Show ipv6 route bgp Use TCL Script

1.10: MPLS LDP troubleshooting

MPLS is configured in AS9 & AS1009 on the interconnect interfaces there are some faults in

this find out and fix them.

(Table will be given in the LAB)

Rx-IOS (R5-R10)

Rx-IOS XR (R1-R4)

mpls ldp router-id loopback 0 interface X/X mpls ip mpls ip router-id yy.yy.0.x interface X/X interface X/X

(21)

EXAMPLE:

On R7:

int FastEthernet0/0.27 mpls ip

On R6:

mpls ldp router-id lo0 force on R9:

R9-R10 link on side is configured with password , other is not

mpls ldp neighbor 9.9.0.10 password cisco. same fault is coming between R1 and R8 , where R1 is a IOS-XR router

R1-IOS-XR !

mpls ldp

neighbor 9.9.0.8 password cisco ! !

VERFICATION COMMANDS:

show mpls ldp neighbor  ln show mpls ldp discovery  ld show mpls interfaces

show run | sec mpls

1.11: MPLS traffic engineering:

Set up MPLS traffic engineering tunnel between R6 & R2.

Configure R2 R3 R4 R5 R6 R7 to support MPLS traffic engineering.

Set up MPLS TE

tunnel 62

on R6 to reach R2 via

R4 R3 R2

.

Set up MPLS TE

tunnel 26

on R2 to reach R6 via

R3 R4 R6.

Ensure that traffic from R6 to the R2 loopback 2 interface chooses tunnel 62.

Ensure that traffic from R2 to the R8 loopback 2 interface chooses tunnel 26.

you are permitted to define static route on R6 and R2 to accomplish this task.

Configure R2 R3 R4 R5 R6 R7 to support a maximum 20 MB reservation on each sub

interface. Set up MPLS TE tunnel 62 with a bandwidth 6MB and MPLS Tunnel 26 with

(22)

STEP 1

STEP 2

On IOS  R5, R6, R7

ON XR R2,R3,R4

R5:

int FastEthernet0/0.35 mpls traffic-eng tunnels ip rsvp bandwidth 20000 int FastEthernet0/0.56 mpls traffic-eng tunnels ip rsvp bandwidth 20000

R6:

R7:

R2:

mpls traffic-eng int GigabitEthernet0/4/0/0.23 int GigabitEthernet0/4/0/0.27 rsvp int GigabitEthernet0/4/0/0.23 bandwidth 20M int GigabitEthernet0/4/0/0.27 bandwidth 20M

R3:

mpls traffic-eng int GigabitEthernet0/7/0/0.23 int GigabitEthernet0/7/0/0.34 int GigabitEthernet0/7/0/0.35 rsvp int GigabitEthernet0/7/0/0.23 bandwidth 20M int GigabitEthernet0/7/0/0.34 bandwidth 20M int GigabitEthernet0/7/0/0.35 bandwidth 20M

R4:

mpls traffic-eng interface GigabitEthernet0/9/0/0.34 interface GigabitEthernet0/9/0/0.46 interface GigabitEthernet0/9/0/0.47 rsvp interface GigabitEthernet0/0.34 bandwidth 20M

On IOS  R5, R6, R7

ON XR R2,R3,R4

mpls traffic-eng tunnels router ospf 9

mpls traffic-eng router-id loopback 0 mpls traffic-eng area 0

mpls traffic-eng multicast-intact

router ospf 9

mpls traffic-eng router-id loopback 0 mpls traffic-eng multicast-intact area 0

(23)

interface GigabitEthernet0/0.46 bandwidth 20M

interface GigabitEthernet0/0.47 bandwidth 20M

STEP 3

TUNNEL 62 IOS R6-R4-R3-R2

TUNNEL-26 IOS-XR R2-R3-R5-R6

ip explicit-path name 62 enable index 10 next-address 9.9.46.4 index 20 next-address 9.9.34.3 index 30 next-address 9.9.23.2

interface Tunnel62

ip unnumbered Loopback0 tunnel mode mpls traffic-eng tunnel destination 9.9.0.2

tunnel mpls traffic-eng bandwidth 6000 tunnel mpls traffic-eng path-option 1 explicit name 62 ip route 9.9.0.22 255.255.255.255 Tunnel62 explicit-path name 26 index 10 n s i u 9.9.23.3 index 20 n s i u 9.9.35.5 index 30 n s i u 9.9.56.6 int tunnel-te 26

ipv4 unnumbered loopback 0 destination 9.9.0.6

signalled-bandwidth 2000 path-option 1 explicit name 26 router static

address-family ipv4 unicast 9.9.0.66/32 tunnel-te 26

Verification

Show run mpls show run rsvp

show run mpls traffic-eng show mpls traffic-eng tunnels

1.12: MPLS TE link protection:

Set up an MPLS traffic engineering tunnel between R6 and R7.

Set up MPLS TE tunnel 67 to reach R7. use dynamic path option.

The TE tunnel 67 will transverse the link of Vlan XX (to be confirmed) between R4-R7.

Setup a backup MPLS TE tunnel 47 on R4 to protect the link of Vlan XX the backup tunnel

originates from R4 through R3 and end at R7.

if R4 detect any failure of the link, TE tunnel 67 should switch to this backup tunnel

immediately.

(24)

ON R6 - Tunnel 67:

interface Tunnel67

ip unnumbered Loopback0

tunnel mode mpls traffic-eng

tunnel destination 9.9.0.7

tunnel mpls traffic-eng path-option 1 dynamic

tunnel mpls traffic-eng autoroute announce

tunnel mpls traffic-eng fast-reroute

end

On R4 - Tunnel 47:

explicit-path name 47

index 10 n s i u 9.9.34.3

index 20 n s i u 9.9.23.2

index 30 n s i u 9.9.27.7

interface tunnel-te 47

ipv4 unnumbered loopback 0

destination 9.9.0.7

path-option 1 name 47

mpls traffic-eng

interface GigabitEthernet0/9/0/0.47

backup-path tunnel-te 47

NOTE:

After you shutdown R4-R7 interface on to test the backup tunnel , traffic will pass through backup tunnel only for few seconds. When you do a no-shut , tunnel 67 path will be through R5 , for tunnel to take direct path through R4 , you need to give following command on R6 or bounce the interface connecting R5 R6#mpls traffic-eng reoptimize

Verification

(25)

1.13 (a): IPV4 PIM-SM troubleshooting:

IPV4 multicast and PIM sparse mode have been configured in the services provider network

AS9 and AS1009 . All the Core Interfaces have ip pim sparse mode configured.

Table will be given in the lab. No Other Interface should have PIM enabled.

STEPs to solve this question

1) IP multicast-routing

2) Use Pi and Pn aliases

ON IOS-XR  R1,R2,R3,R4

ON IOS  R5,R6,R7,R8,R9,R10

multicast-routing address-family ipv4 interface loopback0 enable interface GigX/X.Z Enable --- router igmp interface loopback 0 join-group 239.255.0.X --- router pim address-family ipv4 interface loopback0 enable interface GigX/X.Z enable ip multicast-routing interface X/X ip pim sparse-mode --- interface loopback 0 ip igmp join-group 239.255.0.X

EXAMPLE 1:

On R6: conf t no ip pim rp-address 9.9.0.6 OR

R6 is configured for PIM BSR RP-CANDIDATE conf t

no ip pim rp-candidate lo0 R7:

interface fast0/0.27 ip pim sparse-mode

(26)

interface fast0/0.47 ip pim sparse-mode

R5,R6

ip pim sparse-mode is also configured on the serial interfaces going

towards R21 and R22 respectively .need to remove it as it interface serial 0/x

no ip pim sparse-mode

ON R2

pim is enabled for loopback2 , need to remove it from router pim and multicast routing. ! multicast-routing address-family ipv4 no interface Loopback2 ! router igmp no interface Loopback2 ! router pim address-family ipv4 no interface Loopback2 !

Verification on IOS

1) Show ip pim rp mapping

2) Pi - Pn

3) Show run | include igmp and show run int loopback 0

Verification on IOS-XR

1) Show pim rpf

2) Pi - Pn

3) Show run | include igmp and show run int loopback 0

4) Show run multicast-routing

5) Show run router pim

6) Show run router igmp

(27)

1.13 (b): PIM SM RP

Configure PIM-SM RP in the service provider network AS9 and AS1009 as follows:

R2 R3 R4 R5 R7 R6 are in the same multicast domain and use the R7 loopback0 ipv4 address

as the RP.

Use the BSR method to distribute the RP within AS9.

R1 R8 R9 R10 are in the same multicast domain and use the R8 loopback 0 ipv4 address as

the RP within AS1009.

RP information should not leak between the two domain AS9 and AS1009.

Multicast group address have been configured as shown in table.

Ensure that routers within AS 9 can ping the group address within AS9.

Ensure that router within AS1009 can ping the group address within AS 1009.

R7:

R8:

int Serial2/1 ip pim bsr-border ip pim sparse-mode

access-list 55 permit 239.255.0.0 0.0.255.255 ip pim bsr-candidate loopback 0

ip pim rp-candidate loopback 0 group-list 55

int Serial2/1 ip pim bsr-border ip pim sparse-mode

access-list 55 permit 239.255.0.0 0.0.255.255 ip pim bsr-candidate loopback 0

ip pim rp-candidate loopback 0 group-list 55

USE TCL SCRIPT on R2-R7 to ping 239.255.0.2-239.255.0.7

USE TCL SCRIPT on R1,R8-10 to ping 239.255.0.1, 239.255.0.8-10

1.13 (c): IPV4 MSDP

Configure MSDP between AS9 and AS1009 as follows:

Configure MSDP on R7 and R8. Use R7 and R8 Loopback 0 interface IPV4 address to

establish MSDP peer.

The RPs (R7 and R8) should inform each when multicast sources become active in their

autonomous systems. Ensure that the routes in AS 9 can ping multicast group in AS 1009

using the sources of loopback 0. Ensure that the routers in AS 1009 can ping multicast group

address in AS9 using the sources of loopback 0.

R7: R8:

ip msdp peer 9.9.0.8 connect-source lo 0 remote-as 1009

ip msdp peer 9.9.0.7 connect-source lo 0 remote-as 9

(28)

1.13 (c): IPV4 MSDP

Configure BFD between R5 and R6.

On R5:

On R6:

int Fa0/0.56 ip ospf bfd bfd interval 100 min_rx 100 multiplier 3 int Fa0/0.56 ip ospf bfd bfd interval 100 min_rx 100 multiplier 3

Verification:

show bfd neighbor

** NOTE : DON’T TEST ON DYNAMIPS, ROUTERS MIGHT CRASH , it will work on if you are

practicing on IOU/Gigavelociy Rack-Rental and offcource in actual lab ;)

Section 2: Implement Optimize and Troubleshooting

Access/Edge

Connection

technologies

.

There is ONE serial link between R9 and R20 , you need to configure R20 for ISIS-Level 1 for

both IPv4 and IPv6 unicast-routing.

R1

R8 R10 R9 R20 VLAN 18 VLAN 109 VLAN 101 VLAN 89

ASN

1009

P

LEVEL-1 Only CAN BE ISIS LEVEL-1-2 OR ISIS LEVEL-2 only

(29)

NOTE: In Lab1 there was a similar question between R10 and R20 with TWO Serial Links,

we were asked to make a Multilink and run ISIS for IPv4 as Level 2.

R20

R9

router isis

is-type level-1

net 47.0109.0000.0000.0120.00

metric-style wide

address-family ipv6

multi-topology

exit-address-family

interface Loopback0

ip address 9.9.0.20 255.255.255.255

ip router isis

ipv6 address 2002:9:9::20/128

ipv6 router isis

!

interface Serial0/2

ip address 9.9.209.20 255.255.255.0

encapsulation ppp

clock rate 2000000

ip router isis

ipv6 address 2002:9:9::20/128

ipv6 router isis

!

interface Serial2/0

description * CONNECTED TO R20 Ser0/2 *

ip address 9.9.209.9 255.255.255.0

ip router isis

encapsulation ppp

ipv6 address 2002:9:9:209::9/64

ipv6 router isis

serial restart-delay 0

isis circuit-type level-1

!

(30)

Section 3: Implement, Optimize and troubleshoot

L3VPN Technologies.

Virtual routing and forwarding instances (VRFs) on R1 R2, R3 , R4, R5, R6, R9 R10, R11, R12,

R13, R14 have been configured as follows:

VRF ABC site 1 users the VRF name ABC with route distinguisher 9:9 and import / export 9:9

for ipv4 and IPV6 address-family.

VRF ABC site 2 users the VRF name ABC with route distinguisher 9:9 and import / export 9:9

for ipv4 and IPV6 address-family.

VRF ABC site 3 users the VRF name ABC with route distinguisher 1009:9 and import / export

1009:9 for ipv4 and IPV6 address-family.

VRF XYZ site 1 and site 2 use the VRF name XYZ with RD 109:109 and import and export

route target 109:109 for IPV4 address family.

VRF XYZ site 3 use the vrf name XYZ with RD 1109:1109 and import and export route target

1109:1109 for ipv4 address-family.

NOTE: In the lab on some routers they are importing wrong RT’s ,

since for Inter-AS IPv4 and IPv6 VPNs requirements we have to

import other AS RT’s , so we will do it now and will also

quickly check if export Rt’s are correct .

Also, there is no VRF ABC on R7 and R8. You will not create VRF on R7 and R8. Plus, you don’t

need to advertise loopback 1 under ”address-family ipv4 unicast vrf ABC”.

The “send-community both” doesn’t matter in case of ipv4 and ipv6 address-family but it

will matter in case of vpnv4 and vpnv6

Verification

(31)

IOS  R1

IOS-XR  R2,R3,R4

vrf ABC

address-family ipv4 unicast import route-target 1009:9 ! export route-target 1009:9 ! !

address-family ipv6 unicast import route-target 1009:9 ! export route-target 1009:9 ! ! --- router bgp 1009 vrf ABC rd 1009:9

address-family ipv4 unicast network 172.9.0.1/32 !

address-family ipv6 unicast network 2002:172:9::1/128 !

vrf ABC

address-family ipv4 unicast import route-target 9:9 ! export route-target 9:9 ! !

address-family ipv6 unicast import route-target 9:9 ! export route-target 9:9 ! ! --- router bgp 9 vrf ABC rd 9:9

address-family ipv4 unicast network 172.9.0.X/32 !

address-family ipv6 unicast network 2002:172:9::X/128 !

IOS  R9,R10

IOS  R5,R6

On R9:

vrf definition ABC rd 1009:9 ! address-family ipv4 route-target export 1009:9 route-target import 1009:9 exit-address-family !

On R10:

vrf definition ABC rd 1009:9 ! address-family ipv4 route-target export 1009:9 route-target import 1009:9 exit-address-family ! address-family ipv6 route-target export 1009:9 route-target import 1009:9 exit-address-family !

On R5:

vrf definition ABC rd 9:9 ! address-family ipv4 route-target export 9:9 route-target import 9:9 exit-address-family !

On R10:

vrf definition ABC rd 9:9 ! address-family ipv4 route-target export 9:9 route-target import 9:9 exit-address-family ! address-family ipv6 route-target export 9:9 route-target import 9:9 exit-address-family !

(32)

3.1: IBGP VPNV4 Troubleshooting

R2 R3 R4 R5 R6 R7 have been configured IBGP vpnv4 within AS9.

R1 R8 R9 R10 have been configured IBGP vpnv4 within AS1009.

R7 acts as a route reflector for iBGP vpnv4 unicast within AS9. An IBGP VPNV4 session

should not be established between R3 R4 R5 R6 R2.

R8 acts as a route reflector for iBGP vpnv4 unicast within AS9. An IBGP VPNV4 session

should not be established between R1 R10 R9.

The interface Loopback 0 IP address is used to established BGP VPNV4 sessions.

The interface Loopback 1 network is put into VRF ABC IPV4 unicast address family.

There are some fault in the scenario find out and fix them.

R7  Route Reflector

R8  Route Reflector

router bgp 9

address-family vpnv4 neighbor 9.9.0.2 activate

neighbor 9.9.0.2 send-community both neighbor 9.9.0.2 route-reflector-client neighbor 9.9.0.2 next-hop-self

neighbor 9.9.0.4 send-community both neighbor 9.9.0.4 route-reflector-client neighbor 9.9.0.4 next-hop-self neighbor 9.9.0.5 activate router bgp 1009 address-family vpnv4 neighbor 9.9.0.1 activate

R1

_R3

R4

ASN

1009

ASN 9

PPP POS

R2

RR FOR IBGP VPNV4

RR FOR

IBGP

VPNV4

(33)

neighbor 9.9.0.6 send-community both neighbor 9.9.0.6 route-reflector-client neighbor 9.9.0.6 next-hop-self --- router bgp 9 neighbor 9.9.78.8 remote-as 1009 address-family vpnv4 unicast neighbor 9.9.78.8 activate

neighbor 9.9.78.8 send-community both exit-address-family ! --- router bgp 1009 neighbor 9.9.78.7 remote-as 9 address-family vpnv4 unicast neighbor 9.9.78.7 activate

neighbor 9.9.78.7 send-community both exit-address-family

!

R2,R3,R4  IOS-XR (RR Client)

R1  IOS-XR (RR Client)

Router bgp 9 Neighbor 9.9.0.7 Remote-as 9 Update-source loopback 0 Address-family vpnv4 unicast Router bgp 1009 Neighbor 9.9.0.8 Remote-as 1009 Update-source loopback 0 Address-family vpnv4 unicast

R5,R6  IOS (RR Client)

R9,R10  IOS (RR Client)

router bgp 9

address-family vpnv4 unicast neighbor 9.9.0.7 activate

neighbor 9.9.0.7 send-community both exit-address-family

router bgp 1009

address-family vpnv4 unicast neighbor 9.9.0.8 activate

neighbor 9.9.0.8 send-community both exit-address-family

3.2: IBGP VPNV6 Troubleshooting

R2 R3 R6 have been configured IBGP vpnv6 within AS9. R1 R10 have been configured IBGP

vpnv6 within AS1009.

R2 establishes a direct iBGP VPNv6 session with R3 and R6. R2 acts as a route reflector for

iBGP VPNV6 information in AS9. An IBGP VPNV6 session should not be established between

R3 & R6.

R1 establishes a direct iBGP VPNv6 session with R10 ONLY. R1 acts as a route reflector for

iBGP VPNV6 information in AS1009.

The interface Loopback 0 IP address is used to establish iBGP IPV6 session.

The interface Loopback 1 network is put into VRF ABC IPV6 unicast address family.

There are some fault in the scenario find out and fix them.

(34)

R1  IOS-XR (Route Reflector)

R2  IOS-XR (Route Reflector)

router bgp 1009 neighbor 9.9.0.10 remote-as 1009 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self --- route-policy pass pass end commit

router bgp 1009

neighbor 9.9.12.2

remote-as 9

address-family vpnv6 unicast

route-policy pass in

route-policy pass out

commit

router bgp 9 neighbor 9.9.0.3 remote-as 9 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self neighbor 9.9.0.6 remote-as 9 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self --- route-policy pass pass end commit

router bgp 9

neighbor 9.9.12.1

remote-as 1009

address-family vpnv6 unicast

route-policy pass in

route-policy pass out

commit

R1

_R3

R4

ASN

1009

ASN 9

PPP

POS

R2

RR FOR IBGP VPNV6 RR FOR IBGP VPNV6

(35)

R10  IOS (RR Client)

R3,R6  IOS (RR Client)

router bgp 1009

address-family vpnv6 unicast

neighbor 9.9.0.1 activate

neighbor 9.9.0.1 send-community both

exit-address-family

router bgp 9

address-family vpnv6 unicast

neighbor 9.9.0.2 activate

neighbor 9.9.0.2 send-community both

exit-address-family

3.3 Intra AS VPNV4

The ABC company at Site 1 used BGP IPV4 to connect to the service provider router R4 & R6.

R13 R14 locate in AS109.

Establish BGP IPV4 unicast session between R4 and R13.

Establish BGP IPV4 unicast session between R6 & R14.

Configure OSPF on R13 and R14 on the interface that are shown in the table.

Interface that are not listed in the table are not permitted to enable OSPF.

Router

Interface

Area

R13

Loopback 0

0 Ethe 1/1

0 R14

Loopback 0

0 Ethe 1/1

0 R4

R6 R13 R14 VLAN 46 VLAN 134 VLAN 146 VLAN 1314

ABC SITE

1

OSPF 109 A0

BGP AS 9

BGP AS 109

eBGPV4

(36)

R13  Customer Edge

R14  Customer Edge

router ospf 109 router-id 172.9.0.13 network 172.9.0.13 0.0.0.0 area 0 network 172.9.134.13 0.0.0.0 area 0 redistribute bgp 109 subnets router bgp 109 no bgp default ipv4-unicast neighbor 172.9.34.4 remote-as 9 address-family ipv4 neighbor 172.9.34.4 activate

neighbor 172.9.34.4 send-community both neighbor 172.9.34.4 send-label redistribute ospf 109 exit-address-family ! router ospf 109 router-id 172.9.0.14 network 172.9.0.14 0.0.0.0 area 0 network 172.9.134.14 0.0.0.0 area 0 redistribute bgp 109 subnets router bgp 109 no bgp default ipv4-unicast neighbor 172.9.146.6 remote-as 9 address-family ipv4 neighbor 172.9.146.6 activate

neighbor 172.9.146.6 send-community both neighbor 172.9.146.6 send-label

redistribute ospf 109 exit-address-family !

R4  Provider Edge

R6  Provider Edge

route-policy pass pass end-policy ! router static vrf ABC

172.9.34.13/32 GigabitEthernet0/4/0/1.143 !

!

router bgp 9 vrf ABC

address-family ipv4 unicast redistribute connected allocate-label all !

neighbor 172.9.34.13 remote-as 109

address-family ipv4 labeled-unicast route-policy pass in

route-policy pass out as-override

site-of-origin 109:1 !

!

router bgp 9

address-family ipv4 unicast vrf ABC neighbor 172.9.146.14 remote-as 109 neighbor 172.9.146.14 activate

neighbor 172.9.146.14 send-community both neighbor 172.9.146.14 send-label neighbor 172.9.146.14 as-override neighbor 172.9.146.14 soo 109:1 redistribute connected exit-address-family !

(37)

The ABC Company Site 2 used BGP IPV4 and OSPF to connect to service provider routers

R3-R11 IPV4 BGP and R12 - R5 OSPF IPV4. R3-R11 and R12 locate in AS109.

Establish BGP IPV4 unicast session between R3 and R11.

Configure OSPF on R5 , R12 and R11 on the interfaces that are shown in this table.

Interfaces that are not listed in the table are not permitted to enable the OSPF. Ensure that

the routers of ABC at site 1 and site 2 can ping each other via IPV4.

R3

ABC SITE

2

OSPF 109 A0

BGP 9

BGP 109

eBGPv4

Router

Interface

Area

R5

Loopback 1

0 Ethe 1/0

0 R12

Loopback 0

0 Ethe 1/1

0 Ethe 1/0

0 R11

Loopback 0

0 Ethe 1/1

0

(38)

R11  Customer Edge

R12  Customer Edge

! router ospf 109 log-adjacency-changes network 172.9.0.11 0.0.0.0 area 0 network 172.9.112.11 0.0.0.0 area 0 redistribute bgp 109 subnets tag 109 !

router bgp 109 no bgp default ipv4

neighbor 172.9.113.3 remote-as 9 address-family ipv4 unicast neighbor 172.9.113.3 activate

neighbor 172.9.113.3 send-community both neighbor 172.9.113.3 send-label redistribute ospf 109 router ospf 109 router-id 172.9.0.12 network 172.9.0.12 0.0.0.0 a 0 network 172.9.112.12 0.0.0.0 a 0 network 172.9.125.12 0.0.0.0 a 0

R3  Provider Edge

R5  Provider Edge

route-policy pass Pass end ! commit --- router static vrf ABC

172.9.113.11/32 GigabitEthernet0/7/0/0.143 --- !

router bgp 9 vrf ABC

address-family ipv4 unicast redistribute connected allocate-label all !

neighbor 172.9.113.11 remote-as 109

address-family ipv4 labeled-unicast route-policy PASS in

route-policy PASS out as-override

!

route-map DENY deny 10 match tag 109

route-map DENY permit 20

--- router ospf 109 vrf ABC

router-id 172.9.0.5

network 172.9.0.5 0.0.0.0 a 0 network 172.9.125.5 0.0.0.0 a 0 distribute-list route-map DENY in

redistribute bgp 9 subnets metric-type 1

router bgp 9

address-family ipv4 unicast vrf ABC

redistribute ospf 109 vrf ABC match internal external 1 external 2

(39)

3.4 Intra AS VPNv6

The ABC company at Site 1 used BGP IPV6 to connect to the service provider router R4 & R6. R13 R14 locate in AS109.

Establish BGP IPV6 unicast session between R6 & R14.

Configure OSPFV3 on R13 and R14 on the interface that are shown in the table.

Interface that are not listed in the table are not permitted to enable OSPF.

R13  Customer Edge

R14  Customer Edge

!

interface Loopback0 ipv6 ospf 109 area 0 !

interface FastEthernet0/0.1314 ipv6 ospf 109 area 0

!

ipv6 router ospf 109

interface Loopback0 ipv6 ospf 109 area 0 !

interface FastEthernet0/0.1314 ipv6 ospf 109 area 0

!

ipv6 router ospf 109 redistribute bgp 109 redistribute connected !

Router Interface Area

R13 Loopback 0 0 Ethe 1/1 0 R14 Loopback 0 0 Ethe 1/1 0

R4

ABC SITE

1

OSPFV3 109 A0

BGP AS 9

BGP AS 109

eBGPV6

(40)

router bgp 109

neighbor 2002:172:9:146::6 remote-as 9 !

address-family ipv6 unicast neighbor 2002:172:9:146::6 ac

neighbor 2002:172:9:146::6 send-community both redistribute ospf 109 include-connected

!

R6  Provider Edge

router bgp 9

address-family ipv6 unicast vrf ABC

neighbor 2002:172:9:146::14 remote-as 109 neighbor 2002:172:9:146::14 activate

neighbor 2002:172:9:146::14 send-community both neighbor 2002:172:9:146::14 as-override

redistribute connected

The ABC Company Site 2 used BGP IPV6 and EIGRP to connect to service provider routers R3-R11 IPV6 BGP and R11 - R12 EIGRPV6.

Establish BGP IPV6 unicast session between R3 and R11.

Configure EIGRPV6 on R11 , R12 on the interfaces that are shown in this table.

Interfaces that are not listed in the table are not permitted to enable the EIGRP. Ensure that

the routers of ABC at site 1 and site 2 can ping each other via IPV6.

Router Interface Area

R12 Loopback 0 0 Ethe 1/1 0 R11 Loopback 0 0 Ethe 1/1 0

R3

R5 R11 R12 VLAN 35 VLAN 125 VLAN 113 VLAN 112 ABC SITE 2 EIGRP V6 BGP 9 BGP 109 eBGPv6

(41)

R11  Customer Edge

R12  Customer Edge

! interface loopback 0 ipv6 eigrp 100 ! interface FastEthernet0/0.112 ipv6 eigrp 100 !

ipv6 router eigrp 100 redistribute connected redistribute bgp 109 metric 1000 100 255 1 1500 no shut ! ! router bgp 109 neighbor 2002:172:9:113::3 remote-as 9

neighbor 2002:172:9:113::3 activate

neighbor 2002:172:9:113::3 send-community both redistribute eigrp 100 include-connected

! interface loopback 0 ipv6 eigrp 100 ! interface FastEthernet0/0.112 ipv6 eigrp 100 !

ipv6 router eigrp 100 no shut !

R3  Provider Edge

! router bgp 9 vrf ABC

address-family ipv6 unicast redistribute connected !

neighbor 2002:172:9:113::11 remote-as 109

address-family ipv6 unicast route-policy PASS in route-policy PASS out as-override

(42)

3.5 Inter AS VPNv4

Configure R7 and R8 to establish eBGP VPNv4 sessions.

Other router in AS9 and AS 1009 should not exchange the EBGP VPNV4 information

between these two AS.

The ABC company at Site 3 uses EIGRP to connect to the service provider routers R9 R10.

Configure EIGRP on R9 R10 and R16 R15 on the interfaces that are shown in

the table.

Interfaces that are not listed in the table are not permitted to enable EIGRP.

Only the import route-target method can be used to control VPNV4 route distribution.

configure accordingly so that router of ABC at Site1, Site 2 and Site 3 can ping each via IPV4.

you are permitted to define a static route on R1 and R2.

Router Interface Area

R9 / R10 Loopback 1 100 Ethe 1/0 100 R16 Loopback 0 100 Ethe 1/0 100 Ethe 1/1 100 R15 Loopback 0 100 Ethe 1/0 100 Ethe 1/1 100 R10 R9 R16 R15 VLAN 109 VLAN 106 VLAN 159 VLAN 156

ABC SITE

3 B

G

P

1

0

9 B

G

P

1

0

9 E

IG

R

P

1

0

(43)

R15

R16

router eigrp 100 no auto network 172.9.0.15 0.0.0.0 network 172.9.156.15 0.0.0.0 network 172.9.105.15 0.0.0.0 router eigrp 100 no auto network 172.9.0.16 0.0.0.0 network 172.9.196.16 0.0.0.0 network 172.9.156.16 0.0.0.0

R9

R10

route-map SOO permit 10 set extcommunity soo 1109:1 exit

interface FastEthernet0/0.196 ip vrf sitemap SOO

exit

router eigrp 100

address-family ipv4 unicast vrf ABC no auto-summary autonomous-system 100 network 172.9.0.9 0.0.0.0 network 172.9.196.9 0.0.0.0 redistribute bgp 1009 default-metric 1000 100 255 1 1500 router bgp 1009

address-family ipv4 unicast vrf ABC redistribute eigrp 100

route-map SOO permit 10 set extcommunity soo 1109:1 exit

interface FastEthernet0/0.105 ip vrf sitemap SOO

exit

router eigrp 100

address-family ipv4 unicast vrf ABC no auto-summary autonomous-system 100 network 172.9.0.10 0.0.0.0 network 172.9.105.10 0.0.0.0 redistribute bgp 1009 default-metric 1000 100 255 1 1500 router bgp 1009

address-family ipv4 unicast vrf ABC redistribute eigrp 100