CCIE SP Workbook.pdf
Short Description
Download CCIE SP Workbook.pdf...
Description
CCIE Service Provider LAB 2 WORKBOOK (Updated)
ALIASES Aliases for IOS
Aliases for IOS-XR
alias exec c configure terminal alias exec p4 show ip interface brief alias exec p6 show ipv6 interface brief
alias c configure terminal alias p4 show ipv4 int brief alias pv4 show ipv4 vrf ABC int brief alias p6 show ipv6 int brief alias pv6 show ipv6 vrf ABC int brief
alias exec r show run | section router rip alias exec b show run | section router bgp alias exec o show run | section router ospf alias exec i show run | section ^router isis alias exec e show run | section router eigrp alias exec o4 show ip ospf neighbor alias exec o6 show ipv6 ospf neighbor alias exec oi4 show ip ospf interface brief alias exec oi6 show ipv6 ospf interface brief alias exec b4 show bgp ipv4 unicast summary alias exec b6 show bgp ipv6 unicast summary alias exec v4 show bgp vpnv4 unicast all summary alias exec v6 show bgp vpnv6 unicast all summary alias exec pn show ip pim neighbor alias exec pi show ip pim interface alias exec ld show mpls ldp discovery alias exec ln show mpls ldp neighbor
alias r show run router rip alias o show run router ospf alias b show run router bgp alias i show run router isis abc alias e show run router eigrp alias b4 show bgp ipv4 unicast summary alias b6 show bgp ipv6 unicast summary alias v4 show bgp vpnv4 unicast summary alias v6 show bgp vpnv6 unicast summary alias o4 show ospf neighbor alias oi4 show ospf interface brief alias o6 show ospfv3 neighbor alias oi6 show ospfv3 interface brief alias pn show pim ipv4 neighbor alias pi show pim ipv4 interface alias ld show mpls ldp discovery alias ln show mpls ldp neighbor commit
NOTE: In LAB, the first thing you will do is “WRITE ALIASES”. Creating and using aliases will save a huge amount of time in your LAB.
LAB Equipment Cisco XR12000 series Routers (IOS XR) Cisco 7200/7600 Series Routers (Regular IOS) Cisco ME3400E Series Switches (CAT OS)
Addressing Pattern In Service Provider Cores (ASN 9 and ASN 1009) For IPv4 Loopback Interfaces 9.9.0.X/32 Interconnected Interfaces 9.9.XY.X/24 For IPv6 Loopback Interfaces 2002:9:9::X/128 Interconnected Interfaces 2002:9:9:XY::X/64
Interfaces on XR Series Routers are “GigabitEthernet” and Interfaces on all other Routers are “Ethernet”
LAB 2 Questions and Diagrams
All Questions
Manage Devices
Guidelines
End Session
Help
Section 1: CORE TEHNOLOGY 1.1 OSPFv2 IPv4 troubleshooting OSPF for IPV4 routing on routers in AS9 has been configured for the interfaces according to the given table. There are some problems in the topology find out and fix them.
Routers
Area
Interfaces
R2
0
Gi0/0.27 Gi0/0.23 Lo0
R3
0
Gi0/0.35 Gi0/0.34 Gi0/0.23 Lo0
R4
0
Gi0/0.47 Gi0/0.46 Gi0/0.34 Lo0
R5
0
Fa0/0.56 Fa0/0.35 Lo0
R6
0
Fa0/0.56 Fa0/0.46 Lo0
R7
0
Fa0/0.47 Fa0/0.27 Lo0
NOTE: A Table will be given in the lab under the question , all interfaces will be in area 0. Don’t advertise any extra interface in the OSPF.
Aliases O4 - Oi4 - show ip route ospf Use TCL Script
Possible Faults for Task 1.1 Faults
Description of Faults
1
Hello or Dead interval Mismatch
2
MTU Mismatch
3
OSPF Network Type Mismatch
4
Duplicate Router IDs
5
Network Not advertised in OSPF
6
Wrong IP Address or Subnet mask
7
Mismatch Area IDs
8
Mismatch Regular Area Types (STUB, Totally STUB, NSSA, Totally NSSA).
9
Packet Filter can also cause problems.
10
Wrong Interface is advertised or right interface in wrong Area.
Example 1: OSPF neighbor ship is down b/w R3-R4 due to mismatch hello interval R3: ! router ospf 9 area 0 int GigabitEthernet0/0.34 no ip ospf hello-interval 20 !
Example 2: OSPF neighbor ship is down b/w R7-R4 due to mismatch MTU, neighbor-ship is stuck in EXSTART state. R7: ! interface FastEthernet0/0.47 no ip mtu 1300 !
Example 3: OSPF Neighbor ship is established between R5-R6, but one side is configured as “point-to-point” , for other side of the link network type is still “broadcast” . In this case both routers will not exchange the DATABASE. R6#show ip ospf neighbor Neighbor ID
Pri
State
Dead Time
9.9.0.5
0
FULL/ -
9.9.0.4 R6#
1
FULL/DR
00:00:37 00:00:37
Address 9.9.56.5 9.9.46.4
Interface FastEthernet0/0.56 FastEthernet0/0.46
ON R6: interface FastEthernet0/0.56 no ip ospf network point-to-point
1.2: OSPFv3 troubleshooting: OSPF for IPV6 routing on routers in AS9 have been configured according to the given table. There are some problems in the topology find out and fix them.
Routers
Area
Interfaces
R2
0 0 0
Gi0/0.27 Gi0/0.23 Lo0
R3
1 0 0 0
Gi0/0.35 Gi0/0.34 Gi0/0.23 Lo0
R4
0 1 0 0
Gi0/0.47 Gi0/0.46 Gi0/0.34 Lo0
R5
1 1 1
Fa0/0.56 Fa0/0.35 Lo0
R6
1 1 1
Fa0/0.56 Fa0/0.46 Lo0
R7
0 0 0
Fa0/0.47 Fa0/0.27 Lo0
R2
R3 VLAN 35
VLAN 23
R5
ASN 9 VLAN 27
OSPFV3 AREA 0 VLAN 47
VLAN 34
R4
R7
OSPFV3 VLAN AREA 1 56
VLAN 46
R6
Aliases O6 - Oi6 - show ipv6 route ospf Use TCL Script
Example 1: IPv6 OSPF neighbor-ship is down b/w R4-R6 due to area mismatch On R4: router ospfv3 9 no area 10 area 1 interface GigabitEthernet0/9/0/0.46
Example 2: IPv6 OSPF neighbor-ship is down between R2 is advertised in area 0. router ospfv3 9 Area 0 Interface loopback 0 No Interface Gig0/7/0/0.38 Interface Gig0/7/0/0.23 Interface Gig0/7/0/0.27
//Remove
and R3 due to wrong interface
1.3: ISIS for IPv4 ISIS for IPV4 has been configured in AS1009 according to the table. There are some problems in the topology find out and fix them.
1.4: ISIS for IPv6 ISIS for IPV6 has been configured in AS1009 according to the table.There are some problems in the topology find out and fix them.
R1 NOTE: We will solve the two questions simultaneously.
VLAN 101
R10
ASN 1009 VLAN
VLAN 109 18 CAN BE ISIS LEVEL-1-2 OR ISIS LEVEL-2 only VLAN 89
LEVEL-1 Only
R8
PPP
R9
R20
Example 1: R10 - R1 isis for ipv6 is not enable
R1#sh isis neighbor detail System Id Type Interface R10 L2 Gi0/0.101 Area Address(es): 47.0110 SNPA: ca09.0bc0.0008
IP Address 9.9.101.10
State Changed: 00:45:13
State Holdtime Circuit Id UP 8 R10.02
IPv6 Address FE80 is not shown
LAN Priority: 64 Format: Phase V Remote TID: 0 Local TID: 0, 2 Interface name: GigabitEthernet0/0.101 R8 L2 Gi0/0.18 9.9.18.8 Area Address(es): 47.0108 SNPA: ca07.0bc0.0008 IPv6 Address(es): FE80::C807:BFF:FEC0:8 State Changed: 00:45:12 LAN Priority: 64 Format: Phase V Remote TID: 0, 2 Local TID: 0, 2 Interface name: GigabitEthernet0/0.18
UP
9
R8.02
R10: int FastEthernet0/0.101 ipv6 router isis
Example 2: configure AS 1009 as multi-topology: R1: router isis abc address-family ipv6 unicast no single-topology
IOS: R9,R10,R8 router isis address-family ipv6 unicast multi-topology
NOTE: if IOS-XR is running single-topology, then we don’t need to change it to MULTITOPOLOGY on both IOS /IOS-XR , Our goal is to just match the topology mode.
Example 3: ISIS NET ID is wrong on R8
! router isis no network 47.0109.0000.0000.8888.00 network 47.0108.0000.0000.8888.00 !
Example 4: IP Address is not configured on the interface but neighbor is UP.
on R9 configure the IPv4 Address on R9 interface connecting R10.
! interface FastEthernet0/0.109 encapsulation dot1Q 109 ip address 9.9.109.9 255.255.255.0 end NOTE: Need to check if the IP addresses and subnet masks are correct? It is very important to check these in an Integrated IS-IS environment because a misconfigured IP address will not prevent an IS-IS adjacency from being partially established
SOLUTION for Task 1.3 and Task 1.4 (ISIS for IPv4/IPv6) R8/R9/R10
R1 : IOS-XR
ON R8
router isis abc net 47.0101.0000.0000.1111.00 address-family ipv4 unicast metric-style wide ! address-family ipv6 unicast metric-style wide
router isis net 47.0108.0000.0000.8888.00 metric-style wide ! address-family ipv6 multi-topology exit-address-family ! Interface loopback 0 ip router isis Ipv6 router isis
//Default and will not be displayed if configured.
! interface Loopback0 passive address-family ipv4 unicast !
! interface FastEthernet 0/0.18 Ip router isis Ipv6 router isis ! interface FastEthernet 0/0.89 Ip router isis Ipv6 router isis !
ON R9 router isis net 47.0109.0000.0000.9999.00 metric-style wide ! address-family ipv6 multi-topology exit-address-family ! Interface loopback 0 ip router isis Ipv6 router isis ! interface FastEthernet 0/0.109 Ip router isis Ipv6 router isis ! interface FastEthernet 0/0.89 Ip router isis Ipv6 router isis !
address-family ipv6 unicast ! ! interface GigabitEthernet0/1/0/0.18 point-to-point address-family ipv4 unicast ! address-family ipv6 unicast ! ! interface GigabitEthernet0/1/0/0.101 address-family ipv4 unicast ! address-family ipv6 unicast ! !
//Single-Topology ISIS cost calculation for IPv4 and IPv6 will remain same. Calculate once and use twice. This is not processor intensive.
//Multi-Topology Individual Metric Calculation for IPv4 and IPv6 Calculation. We should use this when we want to change the path for IPv6 routes and we will be able to change the cost for IPv6 routes. NOTE: We will use Multi-Topology and we will use metric-style wide.
ON R10 router isis net 47.0110.0000.0000.1010.00 metric-style wide ! address-family ipv6 multi-topology exit-address-family ! Interface loopback 0 ip router isis Ipv6 router isis !
Aliases i show isis neighbor detail show ip route isis show ipv6 route isis
interface FastEthernet 0/0.109 Ip router isis Ipv6 router isis ! interface FastEthernet 0/0.101 Ip router isis Ipv6 router isis !
1.5: ISIS Link or Network Type Configure ISIS as point to point between R1 R8.
R1 router isis abc interface Gig0/2/1/0.18 point-to-point
R8 interface fastethernet0/0.18 isis network point-to-point
1.6: OSPFv3 Path Control R7 is getting R5 Loopback IPv6 address via two paths R4-R6-R5 and from R2-R3-R5. Configure R3 such that it should prefer the path one (R4-R6-R5) as primary. router ospfv3 9 address-family ipv6 unicast ! area 1 int GigabitEthernet0/7/0/0.35 cost 30 ! !
Verification on R7# traceroute 2002:9:9::5
1.7: IPV4 BGP unicast troubleshooting R2 R3 R4 R5 R7 R6 have been preconfigured to belong to AS9. R1 R8 R9 R10 have been preconfigured to belong to AS1009. R2 and R7 act as the route reflector for IBGP IPV4 unicast within AS9. An I-BGP ipv4 session should not be established between R3 R4 R5 R6. R1 , R8 act as route reflector for IBGP ipv4 unicast within AS1009. An IBGP IPV4 session should not establish between R9 R10. There are some problems in BGP IPV4 unicast find out and fix them.
ROUTE REFLECTOR - R7&R8
ROUTE REFLECTOR Client R5, R6, R9, R10
ON R7:
ON R5:
router bgp 9 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.2 remote-as 9 neighbor 9.9.0.2 update-source Loopback0 neighbor 9.9.0.3 remote-as 9 neighbor 9.9.0.3 update-source Loopback0 neighbor 9.9.0.4 remote-as 9 neighbor 9.9.0.4 update-source Loopback0 neighbor 9.9.0.5 remote-as 9 neighbor 9.9.0.5 update-source Loopback0 neighbor 9.9.0.6 remote-as 9 neighbor 9.9.0.6 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.7 mask 255.255.255.255 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community neighbor 9.9.0.2 route-reflector-client neighbor 9.9.0.3 activate neighbor 9.9.0.3 send-community neighbor 9.9.0.3 route-reflector-client neighbor 9.9.0.4 activate neighbor 9.9.0.4 send-community neighbor 9.9.0.4 route-reflector-client neighbor 9.9.0.5 activate neighbor 9.9.0.5 send-community neighbor 9.9.0.5 route-reflector-client neighbor 9.9.0.6 activate neighbor 9.9.0.6 send-community neighbor 9.9.0.6 route-reflector-client no auto-summary exit-address-family !
router bgp 9 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.2 remote-as 9 neighbor 9.9.0.2 update-source Loopback0 neighbor 9.9.0.7 remote-as 9 neighbor 9.9.0.7 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.5 mask 255.255.255.255 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community neighbor 9.9.0.7 activate neighbor 9.9.0.7 send-community no auto-summary exit-address-family !
ON R8: router bgp 1009 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.1 remote-as 1009 neighbor 9.9.0.1 update-source Loopback0 neighbor 9.9.0.9 remote-as 1009 neighbor 9.9.0.9 update-source Loopback0 neighbor 9.9.0.10 remote-as 1009 neighbor 9.9.0.10 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.8 mask 255.255.255.255 neighbor 9.9.0.1 activate neighbor 9.9.0.1 send-community both neighbor 9.9.0.1 route-reflector-client neighbor 9.9.0.1 next-hop-self neighbor 9.9.0.9 activate neighbor 9.9.0.9 send-community neighbor 9.9.0.9 route-reflector-client neighbor 9.9.0.9 next-hop-self neighbor 9.9.0.10 activate neighbor 9.9.0.10 send-community neighbor 9.9.0.10 route-reflector-client neighbor 9.9.0.10 next-hop-self neighbor 9.9.78.7 activate neighbor 9.9.78.7 send-community both no auto-summary exit-address-family !
ON R6: router bgp 9 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.2 remote-as 9 neighbor 9.9.0.2 update-source Loopback0 neighbor 9.9.0.7 remote-as 9 neighbor 9.9.0.7 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.6 mask 255.255.255.255 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community neighbor 9.9.0.7 activate neighbor 9.9.0.7 send-community no auto-summary exit-address-family !
ON R9: router bgp 1009 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.1 remote-as 1009 neighbor 9.9.0.1 update-source Loopback0 neighbor 9.9.0.8 remote-as 1009 neighbor 9.9.0.8 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.9 mask 255.255.255.255 neighbor 9.9.0.1 activate neighbor 9.9.0.1 send-community neighbor 9.9.0.8 activate neighbor 9.9.0.8 send-community no auto-summary exit-address-family !
ON R10: router bgp 1009 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 9.9.0.1 remote-as 1009 neighbor 9.9.0.1 update-source Loopback0 neighbor 9.9.0.8 remote-as 1009 neighbor 9.9.0.8 update-source Loopback0 ! address-family ipv4 no synchronization network 9.9.0.10 mask 255.255.255.255 neighbor 9.9.0.1 activate neighbor 9.9.0.1 send-community neighbor 9.9.0.8 activate neighbor 9.9.0.8 send-community no auto-summary exit-address-family !
ON IOS-XR
ROUTE REFLECTOR – R1 & R2
ROUTE REFLECTOR Client R3 and R4
ON R1:
ON R3:
router bgp 1009 address-family ipv4 unicast network 9.9.0.1/32 ! ! neighbor 9.9.0.8 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! ! neighbor 9.9.0.9 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.10 remote-as 1009 update-source Loopback0 address-family ipv4 unicast route-reflector-client !
ON R2: router bgp 1009 address-family ipv4 unicast network 9.9.0.2/32 ! ! neighbor 9.9.0.3 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.4 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! ! neighbor 9.9.0.5 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! neighbor 9.9.0.6 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client ! neighbor 9.9.0.7 remote-as 9 update-source Loopback0 address-family ipv4 unicast route-reflector-client !
router bgp 9 address-family ipv4 unicast network 9.9.0.3/32 ! ! neighbor 9.9.0.2 remote-as 9 update-source Loopback0 address-family ipv4 unicast ! ! neighbor 9.9.0.7 remote-as 9 update-source Loopback0 address-family ipv4 unicast ! !
ON R4: router bgp 9 address-family ipv4 unicast network 9.9.0.4/32 ! ! neighbor 9.9.0.2 remote-as 9 update-source Loopback0 address-family ipv4 unicast ! ! neighbor 9.9.0.7 remote-as 9 update-source Loopback0 address-family ipv4 unicast ! !
1.8 : IPV6 BGP unicast troubleshooting R2 R3 R4 R5 R7 R6 have been preconfigured to belong to AS9. R1 R8 R9 R10 have been preconfigured to belong to AS1009. R2 act as the route reflector for IBGP IPV6 unicast within AS9. An iBGP IPv6 session should not be established between R3 R4 R5 R6 R7. R1 act as route reflector for iBGP IPv6 unicast within AS1009. An IBGP IPV6 session should not establish between R6 R9 R10. There are some problems in BGP IPV6 unicast find out and fix them. R2 RR For BGP AF IPv6
R1 RR For BGP AF IPv6
R10
VLAN 109
VLAN 101
ASN 1009
VLAN 27
ASN 9 VLAN 34 VLAN 47
VLAN 89
R9
R8
VLAN 35
VLAN 23
POS
VLAN 18
R3
R4
R5
VLAN 56
VLAN 46
R6
R7
Configuration for ASN 9
ROUTE REFLECTOR – R2
ROUTE REFLECTOR Client R3, R4, R5, R6, R7
ON R2:
ON R3:
router bgp 9 address-family ipv6 unicast network 2002:9:9::2/128 ! ! neighbor 2002:9:9::3 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::4 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! !
router bgp 9 address-family ipv6 unicast network 2002:9:9::3/128 ! ! neighbor 2002:9:9::2 remote-as 9 update-source Loopback0 address-family ipv6 unicast !
ON R4: router bgp 9 address-family ipv6 unicast network 2002:9:9::4/128 ! ! neighbor 2002:9:9::2
neighbor 2002:9:9::5 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! neighbor 2002:9:9::6 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! neighbor 2002:9:9::7 remote-as 9 update-source Loopback0 address-family ipv6 unicast route-reflector-client !
remote-as 9 update-source Loopback0 address-family ipv6 unicast !
ON R5: router bgp 9 neighbor 2002:9:9::2 remote-as 9 neighbor 2002:9:9::2 update-source Loopback0 address-family ipv6 no synchronization network 2002:9:9::5/128 neighbor 2002:9:9::2 activate neighbor 2002:9:9::2 send-community exit-address-family
ON R6: router bgp 9 neighbor 2002:9:9::2 remote-as 9 neighbor 2002:9:9::2 update-source Loopback0 address-family ipv6 no synchronization network 2002:9:9::6/128 neighbor 2002:9:9::2 activate neighbor 2002:9:9::2 send-community exit-address-family
ON R7: router bgp 9 neighbor 2002:9:9::2 remote-as 9 neighbor 2002:9:9::2 update-source Loopback0 address-family ipv6 no synchronization network 2002:9:9::7/128 neighbor 2002:9:9::2 activate neighbor 2002:9:9::2 send-community exit-address-family
Configuration for ASN 1009
ROUTE REFLECTOR – R1
ROUTE REFLECTOR Client R8, R9, R10
ON R1:
ON R8:
router bgp 1009 address-family ipv6 unicast network 2002:9:9::1/128 ! ! neighbor 2002:9:9::8 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::9 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! ! neighbor 2002:9:9::10 remote-as 1009 update-source Loopback0 address-family ipv6 unicast route-reflector-client ! !
router bgp 1009 neighbor 2002:9:9::1 remote-as 1009 neighbor 2002:9:9::1 update-source Loopback0 ! address-family ipv6 no synchronization network 2002:9:9::8/128 neighbor 2002:9:9::1 activate neighbor 2002:9:9::1 send-community both exit-address-family !
ON R9: router bgp 1009 neighbor 2002:9:9::1 remote-as 1009 neighbor 2002:9:9::1 update-source Loopback0 ! address-family ipv6 no synchronization network 2002:9:9::9/128 neighbor 2002:9:9::1 activate neighbor 2002:9:9::1 send-community both exit-address-family !
ON R10: router bgp 1009 neighbor 2002:9:9::1 remote-as 1009 neighbor 2002:9:9::1 update-source Loopback0 ! address-family ipv6
no synchronization network 2002:9:9::10/128 neighbor 2002:9:9::1 activate neighbor 2002:9:9::1 send-community both exit-address-family !
1.9 (a): E-BGP IPv4 Peerings Configure a E-BGP IPv4 unicast session between R1 and R2 Configure a E-BGP IPv4 unicast session between R7 and R8 Loopback 0 for all the Routers should be visible in both AS 9 and AS1009, no other routes are allowed to be redistributed between AS9 and AS1009. Point to point connected subnets between R1 and R2 / R7 & R8 are NOT ALLOWED to be advertised/redistribute in the respective IGPs
R2 IOS-XR
R1 IOS-XR
router static address-family ipv4 unicast 9.9.12.1/32 POS0/7/0/0 ! route-policy pass pass end-policy ! router bgp 9 neighbor 9.9.12.1 remote-as 1009 address-family ipv4 unicast route-policy pass in route-policy pass out commit ----------------------------------------------------
router static address-family ipv4 unicast 9.9.12.2/32 POS0/7/0/0 ! route-policy pass pass end-policy !
router bgp 1009 ! neighbor 9.9.0.3 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.4 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.5 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.6 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.7 address-family ipv4 unicast next-hop-self
router bgp 1009 neighbor 9.9.12.2 remote-as 9 address-family ipv4 unicast route-policy pass in route-policy pass out commit ---------------------------------------------------router bgp 1009 ! neighbor 9.9.0.8 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.9 address-family ipv4 unicast next-hop-self ! neighbor 9.9.0.10 address-family ipv4 unicast next-hop-self
!
R7-IOS
R8-IOS
router bgp 9 neighbor 9.9.78.8 remote-as 1009
router bgp 1009 neighbor 9.9.78.7 remote-as 9
address-family ipv4 unicast neighbor 9.9.78.8 activate neighbor 9.9.78.8 send-community both -----------------------------------------------------------router bgp 9 address-family ipv4 unicast neighbor 9.9.0.2 next-hop-self neighbor 9.9.0.3 next-hop-self neighbor 9.9.0.4 next-hop-self neighbor 9.9.0.5 next-hop-self neighbor 9.9.0.6 next-hop-self
address-family ipv4 unicast neighbor 9.9.78.7 activate neighbor 9.9.78.7 send-community both -----------------------------------------------------------router bgp 9 address-family ipv4 unicast neighbor 9.9.0.1 next-hop-self neighbor 9.9.0.9 next-hop-self neighbor 9.9.0.10 next-hop-self
1.9 (b): BGP IPV4 Unicast Path selection Configure R7 to ensure that ipv4 traffic from AS9 destined to AS1009 chooses R7 as primary exit point and R2 as backup exit point. Configure R8 to ensure that ipv4 traffic from AS1009 destined to AS9 chooses R8 as primary exit point and R1 as backup exit point.
R7-IOS
R8-IOS
! route-map LP permit 10 set local-preference 200 ! router bgp 9 address-family ipv4 unicast neighbor 9.9.78.8 route-map LP in
! route-map LP permit 10 set local-preference 200 ! router bgp 1009 address-family ipv4 unicast neighbor 9.9.78.7 route-map LP in
1.9 (c): E-BGP IPv6 Peering Configure a E-BGP IPv6 unicast session between R1 and R2 Lo0 for all the Routers should be visible in both AS 9 and AS1009, no other routes are allowed to be redistributed between AS9 and AS1009. Point to point connected subnets between R1 & R2 are NOT ALLOWED to be advertised/redistribute in the respective IGPs
R2 IOS-XR
R1 IOS-XR
route-policy pass pass end-policy ! router bgp 9 neighbor 2002:9:9:12::1 remote-as 1009 address-family ipv6 unicast route-policy pass in route-policy pass out commit ---------------------------------------------------router bgp 9 ! neighbor 2002:9:9::3 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::4 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::5 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::6 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::7 address-family ipv6 unicast next-hop-self !
route-policy pass pass end-policy ! router bgp 1009 neighbor 2002:9:9:12::2 remote-as 9 address-family ipv6 unicast route-policy pass in route-policy pass out commit ---------------------------------------------------router bgp 9 ! neighbor 2002:9:9::8 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::9 address-family ipv6 unicast next-hop-self ! neighbor 2002:9:9::10 address-family ipv6 unicast next-hop-self !
Aliases b4 - b6 Show ip route bgp - Show ipv6 route bgp Use TCL Script
1.10: MPLS LDP troubleshooting MPLS is configured in AS9 & AS1009 on the interconnect interfaces there are some faults in this find out and fix them. (Table will be given in the LAB)
Rx-IOS (R5-R10)
Rx-IOS XR (R1-R4)
mpls ldp router-id loopback 0 interface X/X mpls ip
mpls ip router-id yy.yy.0.x interface X/X interface X/X
EXAMPLE: On R7: int FastEthernet0/0.27 mpls ip On R6: mpls ldp router-id lo0 force on R9: R9-R10 link on side is configured with password , other is not mpls ldp neighbor 9.9.0.10 password cisco. same fault is coming between R1 and R8 , where R1 is a IOS-XR router R1-IOS-XR ! mpls ldp neighbor 9.9.0.8 password cisco ! !
VERFICATION COMMANDS: show mpls ldp neighbor ln show mpls ldp discovery ld show mpls interfaces show run | sec mpls
1.11: MPLS traffic engineering: Set up MPLS traffic engineering tunnel between R6 & R2. Configure R2 R3 R4 R5 R6 R7 to support MPLS traffic engineering. Set up MPLS TE tunnel 62 on R6 to reach R2 via R4 R3 R2. Set up MPLS TE tunnel 26 on R2 to reach R6 via R3 R4 R6. Ensure that traffic from R6 to the R2 loopback 2 interface chooses tunnel 62. Ensure that traffic from R2 to the R8 loopback 2 interface chooses tunnel 26. you are permitted to define static route on R6 and R2 to accomplish this task. Configure R2 R3 R4 R5 R6 R7 to support a maximum 20 MB reservation on each sub interface. Set up MPLS TE tunnel 62 with a bandwidth 6MB and MPLS Tunnel 26 with bandwidth 2 MB.
STEP 1 On IOS R5, R6, R7
ON XR R2,R3,R4
mpls traffic-eng tunnels
router ospf 9 mpls traffic-eng router-id loopback 0 mpls traffic-eng multicast-intact area 0 mpls traffic-eng
router ospf 9 mpls traffic-eng router-id loopback 0 mpls traffic-eng area 0 mpls traffic-eng multicast-intact
STEP 2 On IOS R5, R6, R7
ON XR R2,R3,R4
R5:
R2:
int FastEthernet0/0.35 mpls traffic-eng tunnels ip rsvp bandwidth 20000 int FastEthernet0/0.56 mpls traffic-eng tunnels ip rsvp bandwidth 20000
mpls traffic-eng int GigabitEthernet0/4/0/0.23 int GigabitEthernet0/4/0/0.27
R6: int FastEthernet0/0.46 mpls traffic-eng tunnels ip rsvp bandwidth 20000 int FastEthernet0/0.56 mpls traffic-eng tunnels ip rsvp bandwidth 20000
rsvp int GigabitEthernet0/4/0/0.23 bandwidth 20M int GigabitEthernet0/4/0/0.27 bandwidth 20M
R3: mpls traffic-eng int GigabitEthernet0/7/0/0.23 int GigabitEthernet0/7/0/0.34 int GigabitEthernet0/7/0/0.35
R7: int FastEthernet0/0.27 mpls traffic-eng tunnels ip rsvp bandwidth 20000 int FastEthernet0/0.47 mpls traffic-eng tunnels ip rsvp bandwidth 20000
rsvp int GigabitEthernet0/7/0/0.23 bandwidth 20M int GigabitEthernet0/7/0/0.34 bandwidth 20M int GigabitEthernet0/7/0/0.35 bandwidth 20M
R4: mpls traffic-eng interface GigabitEthernet0/9/0/0.34 interface GigabitEthernet0/9/0/0.46 interface GigabitEthernet0/9/0/0.47 rsvp interface GigabitEthernet0/0.34 bandwidth 20M
interface bandwidth interface bandwidth
GigabitEthernet0/0.46 20M GigabitEthernet0/0.47 20M
STEP 3 TUNNEL 62 IOS R6-R4-R3-R2
TUNNEL-26 IOS-XR R2-R3-R5-R6
ip explicit-path name 62 enable index 10 next-address 9.9.46.4 index 20 next-address 9.9.34.3 index 30 next-address 9.9.23.2
explicit-path name 26 index 10 n s i u 9.9.23.3 index 20 n s i u 9.9.35.5 index 30 n s i u 9.9.56.6
interface Tunnel62 ip unnumbered Loopback0 tunnel mode mpls traffic-eng tunnel destination 9.9.0.2 tunnel mpls traffic-eng bandwidth 6000 tunnel mpls traffic-eng path-option 1 explicit name 62
int tunnel-te 26 ipv4 unnumbered loopback 0 destination 9.9.0.6 signalled-bandwidth 2000 path-option 1 explicit name 26 router static address-family ipv4 unicast 9.9.0.66/32 tunnel-te 26
ip route 9.9.0.22 255.255.255.255 Tunnel62
Verification Show run mpls show run rsvp show run mpls traffic-eng show mpls traffic-eng tunnels
1.12: MPLS TE link protection: Set up an MPLS traffic engineering tunnel between R6 and R7. Set up MPLS TE tunnel 67 to reach R7. use dynamic path option. The TE tunnel 67 will transverse the link of Vlan XX (to be confirmed) between R4-R7. Setup a backup MPLS TE tunnel 47 on R4 to protect the link of Vlan XX the backup tunnel originates from R4 through R3 and end at R7. if R4 detect any failure of the link, TE tunnel 67 should switch to this backup tunnel immediately.
ON R6 - Tunnel 67: interface Tunnel67 ip unnumbered Loopback0 tunnel mode mpls traffic-eng tunnel destination 9.9.0.7 tunnel mpls traffic-eng path-option 1 dynamic tunnel mpls traffic-eng autoroute announce tunnel mpls traffic-eng fast-reroute end
On R4 - Tunnel 47: explicit-path name 47 index 10 n s i u 9.9.34.3 index 20 n s i u 9.9.23.2 index 30 n s i u 9.9.27.7 interface tunnel-te 47 ipv4 unnumbered loopback 0 destination 9.9.0.7 path-option 1 name 47 mpls traffic-eng interface GigabitEthernet0/9/0/0.47 backup-path tunnel-te 47
NOTE:
After you shutdown R4-R7 interface on to test the backup tunnel , traffic will pass through backup
tunnel only for few seconds. When you do a no-shut , tunnel 67 path will be through R5 , for tunnel to take direct path through R4 , you need to give following command on R6 or bounce the interface connecting R5
R6#mpls traffic-eng reoptimize
Verification R4#show mpls traffic-eng tunnels backup
1.13 (a): IPV4 PIM-SM troubleshooting: IPV4 multicast and PIM sparse mode have been configured in the services provider network AS9 and AS1009 . All the Core Interfaces have ip pim sparse mode configured. Table will be given in the lab. No Other Interface should have PIM enabled. STEPs to solve this question 1) IP multicast-routing 2) Use Pi and Pn aliases
ON IOS-XR R1,R2,R3,R4
ON IOS R5,R6,R7,R8,R9,R10
multicast-routing address-family ipv4 interface loopback0 enable interface GigX/X.Z Enable
ip multicast-routing interface X/X ip pim sparse-mode
--------------------------router igmp interface loopback 0 join-group 239.255.0.X
--------------------------interface loopback 0 ip igmp join-group 239.255.0.X
--------------------------router pim address-family ipv4 interface loopback0 enable interface GigX/X.Z enable
EXAMPLE 1: On R6: conf t no ip pim rp-address 9.9.0.6 OR R6 is configured for PIM BSR RP-CANDIDATE conf t no ip pim rp-candidate lo0 R7: interface fast0/0.27 ip pim sparse-mode
interface fast0/0.47 ip pim sparse-mode
R5,R6 ip pim sparse-mode is also configured on the serial interfaces going towards R21 and R22 respectively .need to remove it as it interface serial 0/x no ip pim sparse-mode
ON R2 pim is enabled for loopback2 multicast routing. ! multicast-routing address-family ipv4 no interface Loopback2 ! router igmp no interface Loopback2 ! router pim address-family ipv4 no interface Loopback2 !
, need to remove it from router pim and
Verification on IOS 1) Show ip pim rp mapping 2) Pi - Pn 3) Show run | include igmp and show run int loopback 0 Verification on IOS-XR 1) Show pim rpf 2) Pi - Pn 3) Show run | include igmp and show run int loopback 0 4) Show run multicast-routing 5) Show run router pim 6) Show run router igmp
1.13 (b): PIM SM RP Configure PIM-SM RP in the service provider network AS9 and AS1009 as follows: R2 R3 R4 R5 R7 R6 are in the same multicast domain and use the R7 loopback0 ipv4 address as the RP. Use the BSR method to distribute the RP within AS9. R1 R8 R9 R10 are in the same multicast domain and use the R8 loopback 0 ipv4 address as the RP within AS1009. RP information should not leak between the two domain AS9 and AS1009. Multicast group address have been configured as shown in table. Ensure that routers within AS 9 can ping the group address within AS9. Ensure that router within AS1009 can ping the group address within AS 1009.
R7:
R8:
int Serial2/1 ip pim bsr-border ip pim sparse-mode
int Serial2/1 ip pim bsr-border ip pim sparse-mode
access-list 55 permit 239.255.0.0 0.0.255.255
access-list 55 permit 239.255.0.0 0.0.255.255
ip pim bsr-candidate loopback 0 ip pim rp-candidate loopback 0 group-list 55
ip pim bsr-candidate loopback 0 ip pim rp-candidate loopback 0 group-list 55
USE TCL SCRIPT on R2-R7 to ping 239.255.0.2-239.255.0.7 USE TCL SCRIPT on R1,R8-10 to ping 239.255.0.1, 239.255.0.8-10
1.13 (c): IPV4 MSDP Configure MSDP between AS9 and AS1009 as follows: Configure MSDP on R7 and R8. Use R7 and R8 Loopback 0 interface IPV4 address to establish MSDP peer. The RPs (R7 and R8) should inform each when multicast sources become active in their autonomous systems. Ensure that the routes in AS 9 can ping multicast group in AS 1009 using the sources of loopback 0. Ensure that the routers in AS 1009 can ping multicast group address in AS9 using the sources of loopback 0. R7:
R8:
ip msdp peer 9.9.0.8 connect-source lo 0 remote-as 1009
ip msdp peer 9.9.0.7 connect-source lo 0 remote-as 9
USE TCL SCRIPT on R1-R10 to ping 239.255.0.1-239.255.0.10
1.13 (c): IPV4 MSDP Configure BFD between R5 and R6.
On R5:
On R6:
int Fa0/0.56 ip ospf bfd bfd interval 100 min_rx 100 multiplier 3
int Fa0/0.56 ip ospf bfd bfd interval 100 min_rx 100 multiplier 3
Verification: show bfd neighbor
** NOTE : DON’T TEST ON DYNAMIPS, ROUTERS MIGHT CRASH , it will work on if you are practicing on IOU/Gigavelociy Rack-Rental and offcource in actual lab ;)
Section 2: Implement Optimize and Troubleshooting Access/Edge Connection technologies. There is ONE serial link between R9 and R20 , you need to configure R20 for ISIS-Level 1 for both IPv4 and IPv6 unicast-routing.
R1 VLAN 101
R10
ASN 1009 VLAN
VLAN 109 18 CAN BE ISIS LEVEL-1-2 OR ISIS LEVEL-2 only VLAN 89
LEVEL-1 Only
R8
PPP
R9
R20
NOTE: In Lab1 there was a similar question between R10 and R20 with TWO Serial Links, we were asked to make a Multilink and run ISIS for IPv4 as Level 2.
R20
R9
router isis is-type level-1 net 47.0109.0000.0000.0120.00 metric-style wide address-family ipv6 multi-topology exit-address-family
interface Serial2/0 description * CONNECTED TO R20 Ser0/2 * ip address 9.9.209.9 255.255.255.0 ip router isis encapsulation ppp ipv6 address 2002:9:9:209::9/64 ipv6 router isis serial restart-delay 0 isis circuit-type level-1 !
interface Loopback0 ip address 9.9.0.20 255.255.255.255 ip router isis ipv6 address 2002:9:9::20/128 ipv6 router isis ! interface Serial0/2 ip address 9.9.209.20 255.255.255.0 encapsulation ppp clock rate 2000000 ip router isis ipv6 address 2002:9:9::20/128 ipv6 router isis !
Section 3: Implement, Optimize and troubleshoot L3VPN Technologies. Virtual routing and forwarding instances (VRFs) on R1 R2, R3 , R4, R5, R6, R9 R10, R11, R12, R13, R14 have been configured as follows: VRF ABC site 1 users the VRF name ABC with route distinguisher 9:9 and import / export 9:9 for ipv4 and IPV6 address-family. VRF ABC site 2 users the VRF name ABC with route distinguisher 9:9 and import / export 9:9 for ipv4 and IPV6 address-family. VRF ABC site 3 users the VRF name ABC with route distinguisher 1009:9 and import / export 1009:9 for ipv4 and IPV6 address-family. VRF XYZ site 1 and site 2 use the VRF name XYZ with RD 109:109 and import and export route target 109:109 for IPV4 address family. VRF XYZ site 3 use the vrf name XYZ with RD 1109:1109 and import and export route target 1109:1109 for ipv4 address-family.
NOTE: In the lab on some routers they are importing wrong RT’s , since for Inter-AS IPv4 and IPv6 VPNs requirements we have to import other AS RT’s , so we will do it now and will also quickly check if export Rt’s are correct .
Also, there is no VRF ABC on R7 and R8. You will not create VRF on R7 and R8. Plus, you don’t need to advertise loopback 1 under ”address-family ipv4 unicast vrf ABC”. The “send-community both” doesn’t matter in case of ipv4 and ipv6 address-family but it will matter in case of vpnv4 and vpnv6
Verification show run | sec vrf
IOS R1
IOS-XR R2,R3,R4
vrf ABC address-family ipv4 unicast import route-target 1009:9 ! export route-target 1009:9 ! ! address-family ipv6 unicast import route-target 1009:9 ! export route-target 1009:9 ! ! ------------------------------------------------------router bgp 1009 vrf ABC rd 1009:9 address-family ipv4 unicast network 172.9.0.1/32 ! address-family ipv6 unicast network 2002:172:9::1/128 !
vrf ABC address-family ipv4 unicast import route-target 9:9 ! export route-target 9:9 ! ! address-family ipv6 unicast import route-target 9:9 ! export route-target 9:9 ! ! ------------------------------------------------------router bgp 9 vrf ABC rd 9:9 address-family ipv4 unicast network 172.9.0.X/32 ! address-family ipv6 unicast network 2002:172:9::X/128 !
IOS R9,R10
IOS R5,R6
On R9:
On R5:
vrf definition ABC rd 1009:9 ! address-family ipv4 route-target export 1009:9 route-target import 1009:9 exit-address-family !
vrf definition ABC rd 9:9 ! address-family ipv4 route-target export 9:9 route-target import 9:9 exit-address-family !
On R10:
On R10:
vrf definition ABC rd 1009:9 ! address-family ipv4 route-target export 1009:9 route-target import 1009:9 exit-address-family ! address-family ipv6 route-target export 1009:9 route-target import 1009:9 exit-address-family !
vrf definition ABC rd 9:9 ! address-family ipv4 route-target export 9:9 route-target import 9:9 exit-address-family ! address-family ipv6 route-target export 9:9 route-target import 9:9 exit-address-family !
3.1: IBGP VPNV4 Troubleshooting R2 R3 R4 R5 R6 R7 have been configured IBGP vpnv4 within AS9. R1 R8 R9 R10 have been configured IBGP vpnv4 within AS1009. R7 acts as a route reflector for iBGP vpnv4 unicast within AS9. An IBGP VPNV4 session should not be established between R3 R4 R5 R6 R2. R8 acts as a route reflector for iBGP vpnv4 unicast within AS9. An IBGP VPNV4 session should not be established between R1 R10 R9. The interface Loopback 0 IP address is used to established BGP VPNV4 sessions. The interface Loopback 1 network is put into VRF ABC IPV4 unicast address family. There are some fault in the scenario find out and fix them.
R1 R10
VLAN 109
VLAN 101
ASN 1009
VLAN 27
VLAN 18
PPP R8
RR FOR IBGP VPNV4
VLAN 35
VLAN 23
POS
VLAN 89
R9
R3
R2
ASN 9 VLAN
VLAN 56
34
VLAN 47
R4
R5
VLAN 46
R7
RR FOR IBGP VPNV4
R7 Route Reflector
R8 Route Reflector
router bgp 9 address-family vpnv4 neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community both neighbor 9.9.0.2 route-reflector-client neighbor 9.9.0.2 next-hop-self neighbor 9.9.0.3 activate neighbor 9.9.0.3 send-community both neighbor 9.9.0.3 route-reflector-client neighbor 9.9.0.3 next-hop-self neighbor 9.9.0.4 activate neighbor 9.9.0.4 send-community both neighbor 9.9.0.4 route-reflector-client neighbor 9.9.0.4 next-hop-self neighbor 9.9.0.5 activate
router bgp 1009 address-family vpnv4 neighbor 9.9.0.1 activate neighbor 9.9.0.1 send-community both neighbor 9.9.0.1 route-reflector-client neighbor 9.9.0.1 next-hop-self neighbor 9.9.0.9 activate neighbor 9.9.0.9 send-community both neighbor 9.9.0.9 route-reflector-client neighbor 9.9.0.9 next-hop-self neighbor 9.9.0.10 activate neighbor 9.9.0.10 send-community both neighbor 9.9.0.10 route-reflector-client neighbor 9.9.0.10 next-hop-self
R6
neighbor 9.9.0.5 send-community both neighbor 9.9.0.5 route-reflector-client neighbor 9.9.0.5 next-hop-self neighbor 9.9.0.6 activate neighbor 9.9.0.6 send-community both neighbor 9.9.0.6 route-reflector-client neighbor 9.9.0.6 next-hop-self -----------------------------------------------------router bgp 9 neighbor 9.9.78.8 remote-as 1009 address-family vpnv4 unicast neighbor 9.9.78.8 activate neighbor 9.9.78.8 send-community both exit-address-family !
R2,R3,R4 IOS-XR (RR Client)
-----------------------------------------------------router bgp 1009 neighbor 9.9.78.7 remote-as 9 address-family vpnv4 unicast neighbor 9.9.78.7 activate neighbor 9.9.78.7 send-community both exit-address-family !
R1 IOS-XR (RR Client)
Router bgp 9 Neighbor 9.9.0.7 Remote-as 9 Update-source loopback 0 Address-family vpnv4 unicast
Router bgp 1009 Neighbor 9.9.0.8 Remote-as 1009 Update-source loopback 0 Address-family vpnv4 unicast
R5,R6 IOS (RR Client)
R9,R10 IOS (RR Client)
router bgp 9 address-family vpnv4 unicast neighbor 9.9.0.7 activate neighbor 9.9.0.7 send-community both exit-address-family
router bgp 1009 address-family vpnv4 unicast neighbor 9.9.0.8 activate neighbor 9.9.0.8 send-community both exit-address-family
3.2: IBGP VPNV6 Troubleshooting R2 R3 R6 have been configured IBGP vpnv6 within AS9. R1 R10 have been configured IBGP vpnv6 within AS1009. R2 establishes a direct iBGP VPNv6 session with R3 and R6. R2 acts as a route reflector for iBGP VPNV6 information in AS9. An IBGP VPNV6 session should not be established between R3 & R6. R1 establishes a direct iBGP VPNv6 session with R10 ONLY. R1 acts as a route reflector for iBGP VPNV6 information in AS1009. The interface Loopback 0 IP address is used to establish iBGP IPV6 session. The interface Loopback 1 network is put into VRF ABC IPV6 unicast address family. There are some fault in the scenario find out and fix them.
RR FOR IBGP VPNV6
RR FOR IBGP VPNV6
R1 R10
VLAN 109
VLAN 101
ASN 1009
R2
VLAN 27
VLAN 18
PPP R8
VLAN 35
VLAN 23
POS
VLAN 89
R9
R3
ASN 9 VLAN 34 VLAN 47
R4
VLAN 56
VLAN 46
R7
R6
R1 IOS-XR (Route Reflector)
R2 IOS-XR (Route Reflector)
router bgp 1009 neighbor 9.9.0.10 remote-as 1009 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self -----------------------------------------------route-policy pass pass end commit
router bgp 9 neighbor 9.9.0.3 remote-as 9 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self
router bgp 1009 neighbor 9.9.12.2 remote-as 9 address-family vpnv6 unicast route-policy pass in route-policy pass out commit
R5
neighbor 9.9.0.6 remote-as 9 update-source loopback 0 address-family vpnv6 unicast route-reflector-client next-hop-self -----------------------------------------------route-policy pass pass end commit
router bgp 9 neighbor 9.9.12.1 remote-as 1009 address-family vpnv6 unicast route-policy pass in route-policy pass out commit
R10 IOS (RR Client)
R3,R6 IOS (RR Client)
router bgp 1009 address-family vpnv6 unicast neighbor 9.9.0.1 activate neighbor 9.9.0.1 send-community both exit-address-family
router bgp 9 address-family vpnv6 unicast neighbor 9.9.0.2 activate neighbor 9.9.0.2 send-community both exit-address-family
3.3 Intra AS VPNV4 The ABC company at Site 1 used BGP IPV4 to connect to the service provider router R4 & R6. R13 R14 locate in AS109. Establish BGP IPV4 unicast session between R4 and R13. Establish BGP IPV4 unicast session between R6 & R14. Configure OSPF on R13 and R14 on the interface that are shown in the table.
Router R13 R14
Interface Loopback 0 Ethe 1/1 Loopback 0 Ethe 1/1
Area 0 0 0 0
Interface that are not listed in the table are not permitted to enable OSPF.
BGP AS 9
R4
VLAN 46
R6
eBGPV4
ABC SITE VLAN 1 146
VLAN 134
R13
VLAN 1314
OSPF 109 A0
BGP AS 109
R14
eBGPV4
R13 Customer Edge
R14 Customer Edge
router ospf 109 router-id 172.9.0.13 network 172.9.0.13 0.0.0.0 area 0 network 172.9.134.13 0.0.0.0 area 0 redistribute bgp 109 subnets
router ospf 109 router-id 172.9.0.14 network 172.9.0.14 0.0.0.0 area 0 network 172.9.134.14 0.0.0.0 area 0 redistribute bgp 109 subnets
router bgp 109 no bgp default ipv4-unicast neighbor 172.9.34.4 remote-as 9 address-family ipv4 neighbor 172.9.34.4 activate neighbor 172.9.34.4 send-community both neighbor 172.9.34.4 send-label redistribute ospf 109 exit-address-family !
router bgp 109 no bgp default ipv4-unicast neighbor 172.9.146.6 remote-as 9 address-family ipv4 neighbor 172.9.146.6 activate neighbor 172.9.146.6 send-community both neighbor 172.9.146.6 send-label redistribute ospf 109 exit-address-family !
R4 Provider Edge
R6 Provider Edge
route-policy pass pass end-policy ! router static vrf ABC address-family ipv4 unicast 172.9.34.13/32 GigabitEthernet0/4/0/1.143 ! ! router bgp 9 vrf ABC address-family ipv4 unicast redistribute connected allocate-label all ! neighbor 172.9.34.13 remote-as 109 address-family ipv4 labeled-unicast route-policy pass in route-policy pass out as-override site-of-origin 109:1 ! !
router bgp 9 address-family ipv4 unicast vrf ABC neighbor 172.9.146.14 remote-as 109 neighbor 172.9.146.14 activate neighbor 172.9.146.14 send-community both neighbor 172.9.146.14 send-label neighbor 172.9.146.14 as-override neighbor 172.9.146.14 soo 109:1 redistribute connected exit-address-family !
The ABC Company Site 2 used BGP IPV4 and OSPF to connect to service provider routers R3R11 IPV4 BGP and R12 - R5 OSPF IPV4. R11 and R12 locate in AS109. Establish BGP IPV4 unicast session between R3 and R11. Configure OSPF on R5 , R12 and R11 on the interfaces that are shown in this table. Router R5 R12
R11
Interface Loopback 1 Ethe 1/0 Loopback 0 Ethe 1/1 Ethe 1/0 Loopback 0 Ethe 1/1
Area 0 0 0 0 0 0 0
Interfaces that are not listed in the table are not permitted to enable the OSPF. Ensure that the routers of ABC at site 1 and site 2 can ping each other via IPV4.
BGP 109
VLAN 112
R11
OSPF 109 A0
VLAN 125
VLAN 113
eBGPv4
R12
R3 VLAN 35
BGP 9
ABC SITE 2
R5
R11 Customer Edge
R12 Customer Edge
! router ospf 109 log-adjacency-changes network 172.9.0.11 0.0.0.0 area 0 network 172.9.112.11 0.0.0.0 area 0 redistribute bgp 109 subnets tag 109 ! router bgp 109 no bgp default ipv4 neighbor 172.9.113.3 remote-as 9 address-family ipv4 unicast neighbor 172.9.113.3 activate neighbor 172.9.113.3 send-community both neighbor 172.9.113.3 send-label redistribute ospf 109
router ospf 109 router-id 172.9.0.12 network 172.9.0.12 0.0.0.0 a 0 network 172.9.112.12 0.0.0.0 a 0 network 172.9.125.12 0.0.0.0 a 0
R3 Provider Edge
R5 Provider Edge
route-policy pass Pass end ! commit ----------------------------------------------------------router static vrf ABC address-family ipv4 unicast 172.9.113.11/32 GigabitEthernet0/7/0/0.143 ----------------------------------------------------------! router bgp 9 vrf ABC address-family ipv4 unicast redistribute connected allocate-label all ! neighbor 172.9.113.11 remote-as 109 address-family ipv4 labeled-unicast route-policy PASS in route-policy PASS out as-override !
route-map DENY deny 10 match tag 109 route-map DENY permit 20 --------------------------------------------------------router ospf 109 vrf ABC router-id 172.9.0.5 network 172.9.0.5 0.0.0.0 a 0 network 172.9.125.5 0.0.0.0 a 0 distribute-list route-map DENY in redistribute bgp 9 subnets metric-type 1 router bgp 9 address-family ipv4 unicast vrf ABC redistribute ospf 109 vrf ABC match internal external 1 external 2
3.4 Intra AS VPNv6 The ABC company at Site 1 used BGP IPV6 to connect to the service provider router R4 & R6. R13 R14 locate in AS109. Establish BGP IPV6 unicast session between R6 & R14. Configure OSPFV3 on R13 and R14 on the interface that are shown in the table. Router R13
Interface Loopback 0 Ethe 1/1 Loopback 0 Ethe 1/1
R14
Area 0 0 0 0
Interface that are not listed in the table are not permitted to enable OSPF.
BGP AS 9
R4
VLAN 46
R6
ABC SITE VLAN VLAN 1 134 146
R13
VLAN 1314
eBGPV6
R14
OSPFV3 109 A0
BGP AS 109
R13 Customer Edge
R14 Customer Edge
! interface Loopback0 ipv6 ospf 109 area 0 ! interface FastEthernet0/0.1314 ipv6 ospf 109 area 0 ! ipv6 router ospf 109
interface Loopback0 ipv6 ospf 109 area 0 ! interface FastEthernet0/0.1314 ipv6 ospf 109 area 0 ! ipv6 router ospf 109 redistribute bgp 109 redistribute connected !
router bgp 109 neighbor 2002:172:9:146::6 remote-as 9 ! address-family ipv6 unicast neighbor 2002:172:9:146::6 ac neighbor 2002:172:9:146::6 send-community both redistribute ospf 109 include-connected !
R6 Provider Edge router bgp 9 address-family ipv6 unicast vrf ABC neighbor 2002:172:9:146::14 remote-as 109 neighbor 2002:172:9:146::14 activate neighbor 2002:172:9:146::14 send-community both neighbor 2002:172:9:146::14 as-override redistribute connected
The ABC Company Site 2 used BGP IPV6 and EIGRP to connect to service provider routers R3-R11 IPV6 BGP and R11 - R12 EIGRPV6. Establish BGP IPV6 unicast session between R3 and R11. Configure EIGRPV6 on R11 , R12 on the interfaces that are shown in this table. Router R12 R11
Interface Loopback 0 Ethe 1/1 Loopback 0 Ethe 1/1
Area 0 0 0 0
Interfaces that are not listed in the table are not permitted to enable the EIGRP. Ensure that the routers of ABC at site 1 and site 2 can ping each other via IPV6. BGP 109
EIGRP V6
R11
VLAN 112
VLAN 125
VLAN 113
eBGPv6
R12
R3 VLAN 35
BGP 9
ABC SITE 2
R5
R11 Customer Edge
R12 Customer Edge
! interface loopback 0 ipv6 eigrp 100 ! interface FastEthernet0/0.112 ipv6 eigrp 100 ! ipv6 router eigrp 100 redistribute connected redistribute bgp 109 metric 1000 100 255 1 1500 no shut ! !
! interface loopback 0 ipv6 eigrp 100 ! interface FastEthernet0/0.112 ipv6 eigrp 100 ! ipv6 router eigrp 100 no shut !
router bgp 109 neighbor 2002:172:9:113::3 remote-as 9 address-family ipv6 unicast neighbor 2002:172:9:113::3 activate neighbor 2002:172:9:113::3 send-community both redistribute eigrp 100 include-connected
R3 Provider Edge ! router bgp 9 vrf ABC address-family ipv6 unicast redistribute connected ! neighbor 2002:172:9:113::11 remote-as 109 address-family ipv6 unicast route-policy PASS in route-policy PASS out as-override !
3.5 Inter AS VPNv4 Configure R7 and R8 to establish eBGP VPNv4 sessions. Other router in AS9 and AS 1009 should not exchange the EBGP VPNV4 information between these two AS. The ABC company at Site 3 uses EIGRP to connect to the service provider routers R9 R10. Configure EIGRP on R9 R10 and R16 R15 on the interfaces that are shown in the table. Router R9 / R10 R16
R15
Interface Loopback 1 Ethe 1/0 Loopback 0 Ethe 1/0 Ethe 1/1 Loopback 0 Ethe 1/0 Ethe 1/1
Area 100 100 100 100 100 100 100 100
Interfaces that are not listed in the table are not permitted to enable EIGRP. Only the import route-target method can be used to control VPNV4 route distribution. configure accordingly so that router of ABC at Site1, Site 2 and Site 3 can ping each via IPV4. you are permitted to define a static route on R1 and R2.
BGP 1109
VLAN 109
VLAN 159
R9
R15
ABC SITE 3
BGP 1009
VLAN 156
R10
EIGRP 100
VLAN 106
R16
R15
R16
router eigrp 100 no auto network 172.9.0.15 0.0.0.0 network 172.9.156.15 0.0.0.0 network 172.9.105.15 0.0.0.0
router eigrp 100 no auto network 172.9.0.16 0.0.0.0 network 172.9.196.16 0.0.0.0 network 172.9.156.16 0.0.0.0
R9
R10
route-map SOO permit 10 set extcommunity soo 1109:1 exit
route-map SOO permit 10 set extcommunity soo 1109:1 exit
interface FastEthernet0/0.196 ip vrf sitemap SOO exit
interface FastEthernet0/0.105 ip vrf sitemap SOO exit
router eigrp 100 address-family ipv4 unicast vrf ABC no auto-summary autonomous-system 100 network 172.9.0.9 0.0.0.0 network 172.9.196.9 0.0.0.0 redistribute bgp 1009 default-metric 1000 100 255 1 1500
router eigrp 100 address-family ipv4 unicast vrf ABC no auto-summary autonomous-system 100 network 172.9.0.10 0.0.0.0 network 172.9.105.10 0.0.0.0 redistribute bgp 1009 default-metric 1000 100 255 1 1500
router bgp 1009 address-family ipv4 unicast vrf ABC redistribute eigrp 100
router bgp 1009 address-family ipv4 unicast vrf ABC redistribute eigrp 100
3.6: Inter AS VPNV6 Configure R1 and R2 to establish e-BGP VPNv6 sessions. Other router in AS9 and AS 1009 should not exchange the EBGP VPNV6 information between these two AS. The ABC company at Site 3 uses BGP to connect to the service provider routers R9 R10. Router R16, R15 locate in AS1109 Establish BGP IPV6 unicast session between R15 R16. Establish BGP IPV6 unicast session between R15 and R10. Only the import route target method can be used to control VPNv6 route distribution. Configure accordingly so that routers of ABC at site 1, 2 , 3 can ping each other via ipv6.
R15
R16
router bgp 1109 no bgp default ipv4-unicast neighbor 2002:172:9:156::16 remote-as 1109 neighbor 2002:172:9:105::10 remote-as 1009
router bgp 1109 no bgp default ipv4-unicast neighbor 2002:172:9:156::15 remote-as 1109
address-family ipv6 unicast neighbor 2002:172:9:156::16 activate neighbor 2002:172:9:156::16 send-community both neighbor 2002:172:9:105::10 activate neighbor 2002:172:9:105::10 send-community both redistribute connected
address-family ipv6 unicast neighbor 2002:172:9:156::15 activate neighbor 2002:172:9:156::15 send-community both redistribute connected
R10 Provider Edge router bgp 1009 address-family ipv6 unicast vrf ABC neighbor 2002:172:9:105::15 remote-as 1109 neighbor 2002:172:9:105::15 activate neighbor 2002:172:9:105::15 send-community both redistribute connected
3.7a: Carrier Supporting Carrier -1 VPN ABC site 1 and site 2 is one service provider carrier (AS109) that is distributed in two locations. it requests support from AS 9 service provider carriers to provide MPLS VPNV4 services. Configure R3 R4 R5 R6 R11 R12 R14 R13 so that AS 109 is able to deliver MPLS VPNV4 services. The XYZ company at site 1 uses RIP version 2 to connect to the service provider router R13 and R14. The XYZ company at site 2 uses RIP version 2 to connect to the service provider router R11 and R12.
3.7b: Carrier Supporting Carrier -2 The XYZ company at site 3 uses OSPF to connect to the service provider R15 and R16. Configure RIP v-2 on the interfaces that are shown in this table.
Router R11 R12 R17
R13 R14 R18
Interface Loopback 1 Ethe 0/0 Loopback 1 Ethe 0/0 Loopback 1 Ethe 0/0 Ethe 0/1 Loopback 1 Ethe 0/0 Loopback 1 Ethe 0/0 Loopback 1 Ethe 0/0 Ethe 0/1
Establish BGP VPNv4 unicast session between R13 , R12 and R13 to R16. Configure accordingly so that routers of XYZ at Site 1 and Site 2 can Ping each other via IPV4. you are permitted to define static route on R3 & R4 VRF ABC. First Enable MPLS Supports on interfaces which are in IGP.
R13: interface FastEthernet0/0.1314 mpls ip
R14: interface FastEthernet0/0.1314 mpls ip
R11: interface FastEthernet0/0.112 mpls ip
R12: interface FastEthernet0/0.112 mpls ip
R9: interface FastEthernet0/0.196 mpls ip R16: interface FastEthernet0/0.156 mpls ip interface FastEthernet0/0.196 mpls ip
interface FastEthernet0/0.125 mpls ip R10: int FastEthernet0/0.106 mpls ip R15: interface FastEthernet0/0.105 mpls ip interface FastEthernet0/0.156 mpls ip
NOTE: we have already done send-lables using BGP on R3-R11 , R4-R13 and R6-R14 legs in AS9
VPNv4 Peerings as per CSC requriments: R13: R12:
R16:
router bgp 109
router bgp 1109
neighbor 172.9.0.12 remote-as 109 neighbor 172.9.0.12 update-source lo 0 neighbor 172.9.0.16 remote-as 1109 neighbor 172.9.0.16 update-source lo 0 neighbor 172.9.0.16 ebgp-multihop 255
address-family vpnv4 unicast neighbor 172.9.0.12 activate neighbor 172.9.0.12 send-community both neighbor 172.9.0.16 activate neighbor 172.9.0.16 send-community both neighbor 172.9.0.16 next-hop-unchanged
router bgp 109 neighbor 172.9.0.13 remote-as 109 neighbor 172.9.0.13 update-source lo 0 address-family vpnv4 unicast neighbor 172.9.0.13 activate neighbor 172.9.0.13 send-community both
neighbor 172.9.0.13 remote-as 109 neighbor 172.9.0.13 ebgp-multihop 255 neighbor 172.9.0.13 update-source Loopback0 address-family vpnv4 neighbor 172.9.0.13 activate neighbor 172.9.0.13 send-community both neighbor 172.9.0.13 next-hopunchanged exit-address-family
XYZ- SITE1 R13
R14
R18
router rip version 2 no auto-summary ! address-family ipv4 vrf XYZ redistribute bgp 109 metric 2 network 192.9.0.0 network 192.9.138.0 no auto-summary version 2 exit-address-family ! ! router bgp 109 address-family ipv4 vrf XYZ redistribute rip exit-address-family !
router rip version 2 no auto-summary ! address-family ipv4 vrf XYZ network 192.9.0.0 network 192.9.148.0 no auto-summary version 2 exit-address-family !
! router rip version 2 network 192.9.0.0 network 192.9.138.0 network 192.9.148.0 no auto-summary !
XYZ- SITE2 R11
R12
R17
router rip version 2 no auto-summary ! address-family ipv4 vrf XYZ network 192.9.0.0 network 192.9.117.0 no auto-summary version 2 exit-address-family !
router rip version 2 no auto-summary ! address-family ipv4 vrf XYZ redistribute bgp 109 metric 2 network 192.9.0.0 network 192.9.127.0 no auto-summary version 2 exit-address-family ! router bgp 109 address-family ipv4 vrf XYZ redistribute rip exit-address-family !
router rip version 2 network 192.9.0.0 network 192.9.117.0 network 192.9.127.0 no auto-summary !
XYZ- SITE3: R15
R16
R19
router ospf 1109 vrf XYZ router-id 192.9.0.15 log-adjacency-changes capability vrf-lite network 192.9.0.15 0.0.0.0 a 0 network 192.9.159.15 0.0.0.0 a 0 !
router ospf 1109 vrf XYZ router-id 192.9.0.16 log-adjacency-changes redistribute bgp 1109 subnets network 192.9.0.16 0.0.0.0 area 0 network 192.9.169.16 0.0.0.0 area 0 ! router bgp 1109 address-family ipv4 vrf XYZ no synchronization redistribute ospf 1109 vrf XYZ match in ex 1 ex 2 exit-address-family ! !
router ospf 100 router-id 192.9.0.19 log-adjacency-changes network 192.9.159.19 0.0.0.0 area 0 network 192.9.169.19 0.0.0.0 area 0 network 192.9.0.19 0.0.0.0 a 0 !
RT’s IMPORT on PE’s R13,R12 and R16 ! vrf definition XYZ address-family ipv4 route-target import 1109:1109 route-target import 109:109 exit-address-family !
3.8: Intra AS Multicast VPN The router in VPN ABC site 1 and site 2 have been configured PIM SM on the interface show in the table there are some fault find out and fix them. (Table of interconnect). Statically define the IPV4 address of interface Loopback 0 on R11 as the RP. Multicast group address have been configured on Loopback 0 of R11 R12 R13 R14. Configure R3,R4,R5, R6 so that they support multicast VPN. USE 239.255.13.100 for VRF ABC mdt default group address. Establish that R11 R12 R13 R14 can ping each these group address
Question 3.8 – Intra AS Multicast VPN STEP 1: Enable Multicast routing and Configure Static RP
On R11-R14 [Client Routers] ip multicast-routing ip pim rp-address 172.9.0.13
On R5-R6 [Provider Edges] ip multicast-routing vrf ABC ip pim vrf ABC rp-address 172.9.0.13
On R3-R4 [Provider Edges] router pim vrf ABC address-family ipv4 rp-address 172.9.0.13
STEP 2: Configure “PIM” on the appropriate interfaces.
On R11-R14 [Client Routers] R11 interface fas 0/0.112 ip pim sparse-mode interface fas 0/0.113 ip pim sparse-mode interface loopback 0 ip pim sparse-mode R13 interface fas 0/0.1314 ip pim sparse-mode interface fas 0/0.134 ip pim sparse-mode interface loopback 0 ip pim sparse-mode
On R5-R6 [Provider Edges] R5 interface fas 0/0.125 ip pim sparse-mode
R12 interface fas 0/0.112 ip pim sparse-mode interface fas 0/0.125 ip pim sparse-mode interface loopback 0 ip pim sparse-mode R14 interface fas 0/0.1314 ip pim sparse-mode interface fas 0/0.146 ip pim sparse-mode interface loopback 0 ip pim sparse-mode
R6 interface fas 0/0.146 ip pim sparse-mode
On R3-R4 [Provider Edges] R3
R4
multicast-routing vrf ABC address-family ipv4 interface loopback 1 enable interface GigabitEthernet0/1/0/1.113 enable
multicast-routing vrf ABC address-family ipv4 interface loopback 1 enable interface GigabitEthernet0/4/0/1.134 enable
router pim vrf ABC address-family ipv4 interface loopback 1 enable interface GigabitEthernet0/1/0/1.113 enable
router pim vrf ABC address-family ipv4 interface loopback 1 enable interface GigabitEthernet0/4/0/1.134 enable
STEP 3: Make sure that R11-R14’s loopback 0 has properly joined the igmp-groups. interface Loopback0 ip pim sparse-mode ip igmp join-group 239.255.172.X
STEP 4: Configure MDT Protocol to establish Tunnel on Provide Edges.
On R5-R6 [Provider Edges] R5 Vrf definition ABC address-family ipv4 bgp next-hop loopback 0 mdt default 239.255.13.100
R6 Vrf definition ABC address-family ipv4 bgp next-hop loopback 0 mdt default 239.255.13.100
On R3-R4 [Provider Edges] R3
multicast-routing address-family ipv4 mdt source Loopback0
R4 multicast-routing address-family ipv4 mdt source Loopback0
vrf ABC address-family ipv4 mdt default ipv4 239.255.13.100
vrf ABC address-family ipv4 mdt default ipv4 239.255.13.100
Section 4. Implement, Optimize and troubleshoot L2VPN Technologies 4.1 HDLC over MPLS R22 and R23 would like to establish HDLC connection through AS 9. Configure R7 and R6 to support HDLC over MPLS. configure OSPF for IPV4 and IPV6 on the interfaces that are shown in this table. Router R22 R23
Interface Loopback 0 S 2/0 Loopback 0 S 2/0
Area 0 0 0 0
Ensure that R22 and R23 have the OSPF IPV4 and IPV6 routes and can ping each other via IPV4 and IPV6. R22
R23
ipv6 unicast-routing
ipv6 unicast-routing
interface Loopback0 ip ospf 100 area 0 ipv6 ospf 100 area 0
interface Loopback0 ip ospf 100 area 0 ipv6 ospf 100 area 0
interface Serial0/2 ip ospf 100 area 0 ipv6 ospf 100 area 0
interface Serial0/2 ip ospf 100 area 0 ipv6 ospf 100 area 0
R7
R6
! interface Serial2/0 description *** CONNECTED TO R23 no ip address serial restart-delay 0 xconnect 9.9.0.6 67 encapsulation mpls end ! interface Serial2/0 description *** CONNECTED TO R23 no ip address serial restart-delay 0 xconnect 9.9.0.7 67 encapsulation mpls end
VERFICATION: R6#show mpls l2transport vc 67 Local intf ------------Se2/0
Local circuit Dest address VC ID Status -------------------------- --------------- ---------- ---------HDLC 9.9.0.7 67 UP
R6#show xconnect all Legend: XC ST=Xconnect State UP=Up DN=Down SB=Standby HS=Hot Standby
S1=Segment1 State AD=Admin Down RV=Recovering
S2=Segment2 State IA=Inactive NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2 ------+---------------------------------+--+---------------------------------+-UP ac Se2/0(HDLC) UP mpls 9.9.0.7:67 UP R6#
R6#show mpls ldp neighbor . Peer LDP Ident: 9.9.0.7:0; Local LDP Ident 9.9.0.6:0 TCP connection: 9.9.0.7.61322 - 9.9.0.6.646 State: Oper; Msgs sent/rcvd: 23/24; Downstream Up time: 00:04:42 LDP discovery sources: Targeted Hello 9.9.0.6 -> 9.9.0.7, active, passive Addresses bound to peer LDP Ident: 9.9.27.7 9.9.47.7 9.9.0.7 9.9.78.7 R6#
R22#show ip ospf neighbor Neighbor ID 172.9.0.23
Pri 0
State FULL/
-
Dead Time 00:00:38
Address 172.9.223.23
Interface Serial0/2
Dead Time 00:00:31
Interface ID 8
Interface Serial0/2
R22#show ipv6 ospf neighbor Neighbor ID 172.9.0.23 R22#
Pri 1
State FULL/
-
4.2 Frame Relay & PPP over L2TPV3 R21 and R24 connect to the service provider by FR and PPP respectively. configure L2TPV3 on R5 and R10 to support FR and PPP using interworking IP. Configure OSPF IPV4 on the interfaces that are show in this table. Router R21 R24
Interface Loopback 0 S 2/0 Loopback 0 S 2/0
Area 0 0 0 0
Ensure that R21 and R24 have full IPV4 connectivity.
ON R5
ON R21
R5#show frame-relay pvc
R21#show frame-relay pvc
//TO GET THE DLCI going towards R21 (512)
//TO GET THE DLCI going towards R5 (215)
interface Serial2/0 description Connected to R21 Se0/2 no ip address encapsulation frame-relay serial restart-delay 0 ! ! pseudowire-class 2124 encapsulation l2tpv3 interworking ip ip local interface Loopback0 ! connect 2124 Serial2/0 521 l2transport xconnect 9.9.0.10 510 pw-class 2124 !
interface Serial0/2 description *** CONNECTED TO R5 VIA FR *** ip address 172.9.214.21 255.255.255.0 encapsulation frame-relay ip ospf network point-to-point frame-relay map ip 172.9.214.24 215 broadcast
ON R10 pseudowire-class 2124 encapsulation l2tpv3 interworking ip ip local interface Loopback0 ! ! interface Serial2/0 description *** CONNECTED TO R24 *** no ip address encapsulation ppp serial restart-delay 0 xconnect 9.9.0.5 510 pw-class 2124 end
Verification Commands R5# show connection R10# show xconnect all R24# show ip ospf neighbor
! router ospf 1 log-adjacency-changes network 172.9.0.21 0.0.0.0 area 0 network 172.9.214.21 0.0.0.0 area 0
ON R24 ! interface Serial0/2 description *** CONNECTED TO R10 Ser0/2 **** ip address 172.9.214.24 255.255.255.0 encapsulation ppp ! router ospf 1 log-adjacency-changes network 172.9.0.24 0.0.0.0 area 0 network 172.9.214.24 0.0.0.0 area 0 !
4.3: VPLS Define Vlan 123 on SW2 and SW3. Configure R2 and R4 to support Vlan over VPLS. Ensure that Vlan 123 is bridged over VPLS. Use Loopback 0 IPV4 address to establish neighbor. Configure SW3 so that SW3 becomes the STP root for vlan 123. VPLS is configured b/w R2 & R4.
R2 cdp interface GigabitEthernet0/4/0/1 cdp no shut ! interface GigabitEthernet X/X.123 l2transport commit dot1q vlan 123 commit ! l2vpn bridge group BG_24 bridge-domain BD_24 int GigabitEthernet0/4/0/1.123 ! vfi 24 neighbor 9.9.0.4 pw-id 24 ! ! ! ! ! commit ! ** CDP is not enabled by default on IOSXR , enable CDP to ensure which port on the switch you are connected .
SW-2 ! vlan 123 name VPLS ! spanning-tree vlan 123 ! interface GigabitEthernet0/2 description connected to R2-IOSXR- Gi-0/4/0/1 port-type nni switchport mode trunk no shutdown !
R4 cdp interface GigabitEthernet0/4/0/1 cdp no shut ! interface GigabitEthernet0/4/0/1.123 l2transport commit dot1q vlan 123 commit ! l2vpn bridge group BG_24 bridge-domain BD_24 int GigabitEthernet0/4/0/1.123 ! vfi 24 neighbor 9.9.0.2 pw-id 24 ! ! ! commit ! ** CDP is not enabled by default on IOS-XR , enable CDP to ensure which port on the switch you are connected .
SW-3 ! vlan 123 name VPLS ! spanning-tree vlan 123 spanning-tree vlan 123 root primary interface GigabitEthernet0/4 description connected to R4-IOSXR- Gi-0/9/0/2 port-type nni switchport mode trunk no shutdown !
Verification Commands: SW-3# show spanning-tree vlan 123
Enable mpls oam on R2 and R4 ! mpls oam commit ! RP/0/3/CPU0:R2#show l2vpn bridge-domain Fri Apr 13 14:03:48.853 UTC Bridge group: BG_24, bridge-domain: BD_24, id: 0, state: up, ShgId: 0, MSTi: 0 Aging: 300 s, MAC limit: 4000, Action: none, Notification: syslog Filter MAC addresses: 0 ACs: 1 (0 up), VFIs: 1, PWs: 1 (1 up), PBBs: 0 (0 up) List of ACs: Gi0/4/0/1.123, state: unresolved, Static MAC addresses: 0 List of Access PWs: List of VFIs: VFI 24 Neighbor 9.9.0.4 pw-id 24, state: up, Static MAC addresses: 0 RP/0/3/CPU0:R2# RP/0/3/CPU0:R2#ping mpls pseudowire 9.9.0.4 24 Fri Apr 13 14:04:41.181 UTC Sending 5, 100-byte MPLS Echos to 9.9.0.4 VC: 24, timeout is 2 seconds, send interval is 0 msec: Codes: '!' - success, 'Q' - request not sent, '.' - timeout, 'L' - labeled output interface, 'B' - unlabeled output interface, 'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch, 'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label, 'P' - no rx intf label prot, 'p' - premature termination of LSP, 'R' - transit router, 'I' - unknown upstream index, 'X' - unknown return code, 'x' - return code 0 Type escape sequence to abort. !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 5/19/75 ms RP/0/3/CPU0:R2#
View more...
Comments
