LAB 1-1
en
conf t
ip host r1 197.1.1.1
ip host r2 197.1.2.1
ip host r3 197.1.4.1
ip host r4 197.1.6.1
ip host good 192.168.20.20
ip host cheap 192.168.20.22
ip host client 192.168.21.99
host wg1r1
enable secret cisco
no ip domain-lookup
line vty 0 4
privilege level 15
logging sync
exec-timeout 0 0
line con 0
privilege level 15
logging sync
exec-timeout 0 0
int s0
encap frame-relay
no shut
int s0.1 point-to-point
frame-relay interface-dlci 122
ip address 192.168.1.1 255.255.255.252
int e0
no shut
ip address 192.168.20.1 255.255.255.0
int lo 0
ip address 197.1.1.1 255.255.255.0
int lo 1
ip address 197.1.8.1 255.255.255.0
router eigrp 1
passive-int e0
network 0.0.0.0 0.0.0.0
no auto-summ
redistribute static
ip route 0.0.0.0 0.0.0.0 null0
router bgp 1
neighbor 192.168.20.20 remote-as 20
--------
lab 1-2 Task 1
router bgp 1
network 197.1.1.0
network 197.1.2.0
network 197.1.3.0
network 197.1.4.0
network 197.1.5.0
network 197.1.6.0
network 197.1.7.0
network 197.1.8.0
network 192.168.1.0
------------
Lab 1-2 task 2
router bgp 1
no network 197.1.1.0
no network 197.1.2.0
no network 197.1.3.0
no network 197.1.4.0
no network 197.1.5.0
no network 197.1.6.0
no network 197.1.7.0
no network 197.1.8.0
no network 192.168.1.0
redistribute eigrp 1 route-map red-eigrp
route-map red-eigrp
match ip address 1
set origin igp
access-list 1 permit 197.1.0.0 0.0.255.255
access-list 1 permit 192.168.1.0 0.0.0.255
-------------
lab 1-3 task 3
router bgp 1
aggregate-address 197.1.0.0 255.255.0.0 summary-only
______________________________
en
conf t
ip host r1 197.1.1.1
ip host r2 197.1.2.1
ip host r3 197.1.4.1
ip host r4 197.1.6.1
ip host good 192.168.20.20
ip host cheap 192.168.20.22
ip host client 192.168.21.99
host wg1r2
enable secret cisco
no ip domain-lookup
line vty 0 4
privilege level 15
logging sync
exec-timeout 0 0
line con 0
privilege level 15
logging sync
exec-timeout 0 0
int s0
encap frame-relay
no shut
int s0.1 point-to-point
frame-relay interface-dlci 221
ip address 192.168.1.2 255.255.255.252
int e0
no shut
ip address 192.168.1.5 255.255.255.252
int lo 0
ip address 197.1.2.1 255.255.255.0
int lo 1
ip address 197.1.3.1 255.255.255.0
router eigrp 1
network 0.0.0.0 0.0.0.0
no auto-summ
_______________________
en
conf t
ip host r1 197.1.1.1
ip host r2 197.1.2.1
ip host r3 197.1.4.1
ip host r4 197.1.6.1
ip host good 192.168.20.20
ip host cheap 192.168.20.22
ip host client 192.168.21.99
host wg1r3
enable secret cisco
no ip domain-lookup
line vty 0 4
privilege level 15
logging sync
exec-timeout 0 0
line con 0
privilege level 15
logging sync
exec-timeout 0 0
int s0
no shut
ip address 192.168.1.9 255.255.255.252
clock rate 500000
int e0
no shut
ip address 192.168.1.6 255.255.255.252
int lo 0
ip address 197.1.4.1 255.255.255.0
int lo 1
ip address 197.1.5.1 255.255.255.0
router eigrp 1
network 0.0.0.0 0.0.0.0
no auto-summ
_________________________
en
conf t
ip host r1 197.1.1.1
ip host r2 197.1.2.1
ip host r3 197.1.4.1
ip host r4 197.1.6.1
ip host good 192.168.20.20
ip host cheap 192.168.20.22
ip host client 192.168.21.99
host wg1r4
enable secret cisco
no ip domain-lookup
line vty 0 4
privilege level 15
logging sync
exec-timeout 0 0
line con 0
privilege level 15
logging sync
exec-timeout 0 0
int s0
no shut
ip address 192.168.1.10 255.255.255.252
int e0
no shut
ip address 192.168.21.1 255.255.255.0
int lo 0
ip address 197.1.6.1 255.255.255.0
int lo 1
ip address 197.1.7.1 255.255.255.0
router eigrp 1
network 0.0.0.0 0.0.0.0
no auto-summ
LAB 2-1 - IBGP
r1
no router bgp 1
no route-map red-eigrp permit 10
no access-list 1
no ip route 0.0.0.0 0.0.0.0 null0
router eigrp 1
no redistribute static
no network 0.0.0.0
network 192.168.1.0
network 192.168.20.0
network 197.1.1.1 0.0.0.0
router bgp 1
no sync
no auto-summary
neighbor 192.168.20.20 remote-as 20
neighbor 197.1.2.1 remote-as 1
neighbor 197.1.4.1 remote-as 1
neighbor 197.1.6.1 remote-as 1
neighbor 197.1.2.1 update-so lo0
neighbor 197.1.4.1 update-so lo0
neighbor 197.1.6.1 update-so lo0
network 192.168.1.0
network 197.1.8.0
!!!!!!!!!!!!!!!!!!!!!
r2
router eigrp 1
no network 0.0.0.0
network 192.168.1.0
network 197.1.2.1 0.0.0.0
router bgp 1
no sync
no auto-summary
neighbor 197.1.1.1 remote-as 1
neighbor 197.1.4.1 remote-as 1
neighbor 197.1.6.1 remote-as 1
neighbor 197.1.1.1 update-so lo0
neighbor 197.1.4.1 update-so lo0
neighbor 197.1.6.1 update-so lo0
network 192.168.1.0
network 197.1.3.0
!!!!!!!!!!!!!!!!!!!!!!
r3
router eigrp 1
no network 0.0.0.0
network 192.168.1.0
network 197.1.4.1 0.0.0.0
router bgp 1
no sync
no auto-summary
neighbor 197.1.1.1 remote-as 1
neighbor 197.1.2.1 remote-as 1
neighbor 197.1.6.1 remote-as 1
neighbor 197.1.1.1 update-so lo0
neighbor 197.1.2.1 update-so lo0
neighbor 197.1.6.1 update-so lo0
network 192.168.1.0
network 197.1.5.0
r4
router eigrp 1
no network 0.0.0.0
network 192.168.1.0
network 197.1.6.1 0.0.0.0
network 192.168.21.0
router bgp 1
no sync
no auto-summary
neighbor 192.168.21.99 remote-as 99
neighbor 197.1.1.1 remote-as 1
neighbor 197.1.2.1 remote-as 1
neighbor 197.1.4.1 remote-as 1
neighbor 197.1.1.1 update-so lo0
neighbor 197.1.2.1 update-so lo0
neighbor 197.1.4.1 update-so lo0
network 192.168.1.0
network 197.1.7.0
__________________________________________
LAB 3-1
R1
IP AS-PATH ACCESS-LIST 1 DENY _213$
IP AS-PATH ACCESS-LIST 1 PERMIT .*
IP AS-PATH ACCESS-LIST 2 DENY _214_
IP AS-PATH ACCESS-LIST 2 PERMIT .*
IP AS-PATH ACCESS-LIST 3 PERMIT ^$
ROUTER BGP 1
neighbor 192.168.20.22 remote-as 22
NEIGHBOR 192.168.20.22 FILTER-LIST 1 IN
NEIGHBOR 192.168.20.22 FILTER-LIST 3 OUT
NEIGHBOR 192.168.20.20 FILTER-LIST 2 IN
NEIGHBOR 192.168.20.20 FILTER-LIST 3 OUT
_____________________________________
LAB 3-2
router bgp 1
neighbor 192.168.20.20 prefix-list good-in in
neighbor 192.168.20.22 prefix-list cheap-in in
ip prefix-list cheap-in 5 deny 128.0.0.0/2 ge 17
ip prefix-list cheap-in 10 deny 192.168.0.0/16 le 32
! 172.16.0.0/12 covers the whole RFC 1918 range 172.16.0.0 - 172.31.255.255
ip prefix-list cheap-in 20 deny 172.16.0.0/12 le 32
ip prefix-list cheap-in 30 deny 10.0.0.0/8 le 32
ip prefix-list cheap-in 40 permit 0.0.0.0/0 le 32
ip prefix-list good-in 5 deny 192.0.0.0/3 ge 24
ip prefix-list good-in 10 deny 192.168.0.0/16 le 32
ip prefix-list good-in 20 deny 172.16.0.0/12 le 32
ip prefix-list good-in 30 deny 10.0.0.0/8 le 32
ip prefix-list good-in 40 permit 0.0.0.0/0 le 32
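How IOS evaluates the cheap-in list above, as an added Python example (not part of the original lab notes): the first matching entry wins and ge/le bound the prefix length. Entry 20 is modelled with the full RFC 1918 block 172.16.0.0/12, and the hypothetical helper with_entry swaps in a /20 to show which private announcements a narrower entry lets through; the sample routes are constructed.

```python
import ipaddress

# (seq, action, prefix, ge, le) for prefix-list cheap-in.
# Entry 20 uses the full RFC 1918 block 172.16.0.0/12.
CHEAP_IN = [
    (5,  "deny",   "128.0.0.0/2",    17,   None),
    (10, "deny",   "192.168.0.0/16", None, 32),
    (20, "deny",   "172.16.0.0/12",  None, 32),
    (30, "deny",   "10.0.0.0/8",     None, 32),
    (40, "permit", "0.0.0.0/0",      None, 32),
]

def entry_matches(prefix, ge, le, route):
    """IOS prefix-list match: route lies inside prefix and its length is in range."""
    net = ipaddress.ip_network(prefix)
    rt = ipaddress.ip_network(route)
    if ge is None and le is None:
        lo = hi = net.prefixlen              # no ge/le: exact length only
    else:
        lo = ge if ge is not None else net.prefixlen
        hi = le if le is not None else 32
    return lo <= rt.prefixlen <= hi and rt.subnet_of(net)

def evaluate(plist, route):
    """Return (action, seq) of the first matching entry; implicit deny otherwise."""
    for seq, action, prefix, ge, le in plist:
        if entry_matches(prefix, ge, le, route):
            return action, seq
    return "deny", None

def with_entry(plist, seq, prefix):
    """Copy of plist with the prefix of one entry swapped, to compare variants."""
    return [(s, a, prefix if s == seq else p, ge, le) for s, a, p, ge, le in plist]

# Constructed sample announcements (not taken from the lab).
SAMPLES = ["150.10.0.0/16", "150.10.128.0/17", "192.168.20.0/24",
           "172.31.0.0/16", "172.16.0.0/12", "10.1.2.0/24", "198.51.100.0/24"]

if __name__ == "__main__":
    narrow = with_entry(CHEAP_IN, 20, "172.16.0.0/20")
    for route in SAMPLES:
        print(f"{route:18} /12 entry: {evaluate(CHEAP_IN, route)}  "
              f"/20 entry: {evaluate(narrow, route)}")
```
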
_________________________________________________
LAB 4-1
Router bgp 1
neighbor 192.168.20.20 route-map good-in in
neighbor 192.168.20.20 route-map good-out out
neighbor 192.168.20.22 route-map cheap-in in
neighbor 192.168.20.22 route-map cheap-out out
route-map good-in permit 10
match as-path 10
set weight 150
route-map good-in permit 9999
set weight 0
ip as-path access-list 10 permit _213_|_37_
route-map cheap-in permit 9999
set weight 100
route-map good-out permit 9999
route-map cheap-out permit 9999
_________________________________________________
LAB 4-1 (alternate configuration)
ip as-path access-list 1 permit ^20(_[0-9]+)*(_213_|_37_)
ip as-path access-list 2 permit ^22_
route-map weight permit 10
match as-path 1
set weight 200
route-map weight permit 20
match as-path 2
set weight 100
route-map weight permit 9999
router bgp 1
neighbor 192.168.20.20 route-map weight in
neighbor 192.168.20.22 route-map weight in
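The AS-path lists from LAB 3-1 and the alternate LAB 4-1 configuration, evaluated in Python as an added example (not part of the original lab notes). It translates the IOS "_" delimiter into a Python regex and applies first-match, implicit-deny semantics; the variable names and the sample AS paths are constructed.

```python
import re

# In IOS AS-path regexes "_" matches the start or end of the path, a space,
# comma, brace, parenthesis or underscore.
DELIM = r"(?:^|$|[ ,{}()_])"

def ios_regex(pattern):
    """Compile an IOS AS-path regex as an equivalent Python regex."""
    return re.compile(pattern.replace("_", DELIM))

def acl_permits(acl, as_path):
    """First matching line decides; a path matching no line is denied."""
    for action, pattern in acl:
        if ios_regex(pattern).search(as_path):
            return action == "permit"
    return False

# LAB 3-1 lists as configured on the page.
FROM_CHEAP = [("deny", "_213$"), ("permit", ".*")]   # list 1: drop routes originated by AS 213
FROM_GOOD = [("deny", "_214_"), ("permit", ".*")]    # list 2: drop routes that traverse AS 214
TO_EBGP = [("permit", "^$")]                         # list 3: send only locally originated routes

# LAB 4-1 alternate configuration.
VIA_GOOD = [("permit", "^20(_[0-9]+)*(_213_|_37_)")]
VIA_CHEAP = [("permit", "^22_")]

def weight(as_path):
    """route-map weight: seq 10, seq 20, then seq 9999 with no set clause."""
    if acl_permits(VIA_GOOD, as_path):
        return 200
    if acl_permits(VIA_CHEAP, as_path):
        return 100
    return 0  # default weight of a route learned from a neighbor

if __name__ == "__main__":
    # Constructed AS paths; "" is a route originated inside the local AS.
    for path in ["22 213", "22 213 7", "20 214 9", "20 2140 9", "", "99"]:
        print(repr(path), "cheap-in:", acl_permits(FROM_CHEAP, path),
              "good-in:", acl_permits(FROM_GOOD, path),
              "out:", acl_permits(TO_EBGP, path))
    for path in ["20 213", "20 5 37", "20 2130", "22 213", "20 9"]:
        print(repr(path), "weight", weight(path))
```

List 3 (^$) on the outbound side is what keeps the local AS from becoming a transit between Good and Cheap: any path that already carries an AS number falls through to the implicit deny.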
________________________________
Community Lab
Advanced BGP Design with BGP Community Attribute
Objective:
You decide to offer additional Internet services to your customers. These services include:
- Using your autonomous system as primary or backup AS
- Using your autonomous system to reach only AS20 or only AS22
You will use BGP communities to give your customers the ability to indicate which services they would like to use in their BGP updates.
Command List:
Use the following commands to complete this exercise:
Command | Description |
router bgp as-number | Enter BGP configuration mode |
neighbor neighbor route-map name {in|out} | Use this command to apply a route map to incoming or outgoing routing updates. |
match community c-acl | Use this command in a route-map to match Communities by using a community list. |
set community community [additive] | Use this command in a route-map to set Community attributes. Use keyword “additive” to append Communities instead of replacing them. |
set local-preference num | Use this command to set Local Preference attribute. |
set metric metric | Use this command to set Multi‑exit Discriminator attribute. |
ip community-list num {permit|deny} community | Use this command to create a community access list. |
show ip bgp | Inspect the contents of the BGP table. |
show ip bgp regexp regexp | Use a regular expression to filter the output of “show ip bgp” command. |
show ip bgp community [community [community …]] [exact-match] | Use this command to view BGP routes that have at least one Community attribute or those specified in the command. |
show ip bgp community-list c‑list [exact-match] | Use this command to view BGP routes that are permitted by the specified community list. |
Table 5: Configuration and monitoring commands used with advanced BGP configurations
Guidelines:
Your AS should provide the following services to its customers:
- If a customer sends an update with Community x:22 the route should not be forwarded to AS 22.
- If a customer sends an update with Community x:20 the route should not be forwarded to AS 20.
- If a customer sends an update with Community x:80 the route should be marked with Local Preference 80.
- If a customer sends an update with Community x:120 the route should be marked with Local Preference 120.
Router Client has been preconfigured to send IP prefixes with various combinations of these communities attached to them. Your customer also uses BGP communities to indicate which services it would like to receive from AS 20. These communities have to be propagated to AS 20.
Task: Configure BGP Community Propagation
Step 1 On all routers in your autonomous system, configure BGP community propagation.
Task: Configure WGxR4 to Set Local Preference based on BGP Community
Step 2 Create a community list to match updates carrying BGP community x:80. Create another community list to match updates carrying BGP community x:120.
Step 3 Create a new route map. Match routes with the BGP community x:80 and set Local Preference to 80. Match routes with BGP community x:120 and set Local Preference to 120. Permit all other routes without modifying them.
Step 4 Apply the route map to incoming updates from router Client.
Task: Configure Outbound Filters on WGxR2
Step 5 Create a community list to match updates carrying Community x:20.
Step 6 Create a new statement in the route map already used for outgoing updates to router Good. This statement should filter out all BGP routes carrying communities x:20.
Task: Configure Outbound Filters on WGxR1
Step 7 Create a community list to match updates carrying Community x:20. Create another community list to match updates carrying Community x:22.
Step 8 Create a new statement in the route map already used for outgoing updates to router Good. This statement should filter out all BGP routes carrying communities x:20.
Step 9 Create a new route map. The first statement should match all BGP routes carrying community x:22 and filter them out. All other routes should be permitted.
Step 10 Apply the new route map to outgoing updates to router Cheap.
Verification:
- Identify customer networks and their corresponding Community attributes on router WGxR4.
WG4R4>show ip bgp community 4:80
BGP table version is 47, local router ID is 197.4.7.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 197.99.80.0 192.168.21.99 0 80 0 99 i
WG4R4>show ip bgp community 4:20
BGP table version is 47, local router ID is 197.4.7.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 197.99.20.0 192.168.21.99 0 0 99 i
- Log in to router WGxR1 and check whether appropriate action was taken based on the Community values (local preference set to value 120 for networks with community x:120; local preference set to value 80 for networks with community x:80).
WG4R1>show ip bgp community 4:80
BGP table version is 518, local router ID is 197.4.8.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i197.99.80.0 192.168.21.99 0 80 0 99 i
WG4R1>show ip bgp community 4:120
BGP table version is 518, local router ID is 197.4.8.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i197.99.120.0 192.168.21.99 0 120 0 99 i
- Log in to router Good and check whether appropriate action was taken based on the Community values (routing updates carrying the Community attribute x:20 should not be received from your routers).
Step 1 Find routes carrying community x:20
WG4R1>show ip bgp community 4:20
BGP table version is 518, local router ID is 197.4.8.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i197.99.20.0 192.168.21.99 0 100 0 99 i
Step 2 Log into the Good router and inspect the BGP table for routes you have identified in the previous step. Verify that you are not sending these routes to the Good router.
WG4R1>192.168.20.20
Trying 192.168.20.20 ... Open
Good>show ip bgp 197.99.20.0
BGP routing table entry for 197.99.20.0/24, version 2235
Paths: (3 available, best #2, table Default-IP-Routing-Table)
Advertised to peer-groups:
students
Advertised to non peer-group peers:
192.168.34.1
2 22 4 99
192.168.20.4 from 192.168.20.2 (197.2.8.1)
Origin IGP, localpref 100, valid, external
22 4 99
192.168.20.4 from 192.168.20.22 (192.20.11.1)
Origin IGP, localpref 100, valid, external, best
3 22 4 99
192.168.20.4 from 192.168.20.3 (197.3.8.1)
Origin IGP, localpref 100, valid, external
Step 3 Examine the routes you are sending to the Good router to verify that all other client routes are still propagated to the Good router.
Good>show ip bgp regexp ^4_
BGP table version is 2235, local router ID is 199.199.199.199
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 99.0.0.0 192.168.20.4 200 0 4 99 i
*> 192.168.34.1 25 0 4 99 i
*> 192.168.4.0 192.168.34.1 25 0 4 i
* 192.168.20.4 200 0 4 i
*> 197.4.0.0/16 192.168.34.1 25 0 4 i
* 192.168.20.4 200 0 4 i
* 197.99.1.0 192.168.20.4 200 0 4 99 i
*> 192.168.34.1 25 0 4 99 i
* 197.99.11.0 192.168.20.4 200 0 4 99 i
*> 192.168.34.1 25 0 4 99 I
… rest deleted …
- Log in to router Cheap and check whether appropriate action was taken based on the BGP community values (routing updates carrying the Community attribute x:22 should not be received from your routers).
Review Questions:
- What do you have to do to enable Community propagation?
- What mechanisms can you use to match or set Communities?
______________________________________________________
LAB 4-4 Special Edition
build an inbound route-map from client
Only at wgxR4
if marked with these values from as99
- x:20 or x:22 do not forward out of local as to good or cheap
- x:80 set local preference to 80
- x:120 set local preference to 120
- x:1 prepend 2 copies of your AS "x"
- x:2 append community of 20:123
****allowed commands on r1-r3***
_______
router(config)# ip bgp-community new-format
router(config)# router bgp 1
router(config-router)# neighbor x.x.x.x send-community
R4
router bgp 1
neighbor 192.168.21.99 route-map client-in in
ip community-list 1 permit 1:1
ip community-list 2 permit 1:2
ip community-list 20 permit 1:20
ip community-list 20 permit 1:22
ip community-list 80 permit 1:80
ip community-list 99 permit 1:120
route-map client-in permit 10
match community 1
set as-path prepend 1 1
route-map client-in permit 20
match community 2
set community 20:123 additive
route-map client-in permit 30
match community 20
set community no-export
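route-map client-in permit 40
match community 80
set local-preference 80
route-map client-in permit 50
match community 99
set local-preference 120
! pass routes that carry none of the communities above unchanged
route-map client-in permit 9999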
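A Python model of route-map client-in, added here as an example (not part of the original lab notes), with the clauses numbered 10 to 50 plus a final permit-all. It shows the first-match behaviour that matters when Client sends combinations of communities: only the first matching clause is applied. The starting local preference of 100 and the sample community sets are assumptions.

```python
# Standard community lists from the R4 config: entries of one list are OR'ed.
COMMUNITY_LISTS = {
    1: {"1:1"}, 2: {"1:2"}, 20: {"1:20", "1:22"}, 80: {"1:80"}, 99: {"1:120"},
}

# (seq, community-list to match or None for "match all", set action or None)
CLIENT_IN = [
    (10, 1, ("prepend", (1, 1))),
    (20, 2, ("community_additive", "20:123")),
    (30, 20, ("community_replace", "no-export")),
    (40, 80, ("local_pref", 80)),
    (50, 99, ("local_pref", 120)),
    (9999, None, None),
]

def apply_client_in(communities, as_path=(99,), local_pref=100):
    """Return the route as it looks after client-in, or None if denied."""
    route = {"communities": set(communities), "as_path": tuple(as_path),
             "local_pref": local_pref, "seq": None}
    for seq, clist, action in CLIENT_IN:
        if clist is not None and not (COMMUNITY_LISTS[clist] & route["communities"]):
            continue                      # clause does not match, try the next one
        route["seq"] = seq
        if action is not None:
            kind, value = action
            if kind == "prepend":
                route["as_path"] = tuple(value) + route["as_path"]
            elif kind == "community_additive":
                route["communities"].add(value)
            elif kind == "community_replace":   # "set community" without additive
                route["communities"] = {value}
            elif kind == "local_pref":
                route["local_pref"] = value
        return route                      # first matching clause ends evaluation
    return None                           # implicit deny when nothing matches

if __name__ == "__main__":
    # Constructed community combinations a client might attach.
    for tags in [{"1:80"}, {"1:120"}, {"1:1"}, {"1:2"}, {"1:22"},
                 {"1:20", "1:80"}, {"1:1", "1:120"}, {"7:7"}]:
        print(sorted(tags), "->", apply_client_in(tags))
```

A route tagged with both 1:20 and 1:80 stops at clause 30, so it is marked no-export but keeps local preference 100.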
________________________________________________
LAB 6-1
r1
router bgp 1
neighbor 197.1.6.1 shutdown
neighbor 197.1.4.1 shutdown
r2
router bgp 1
bgp cluster-id 2
neighbor 197.1.6.1 shutdown
neighbor 197.1.1.1 route-reflector-client
neighbor 192.168.31.2 shutdown
r3
router bgp 1
bgp cluster-id 3
neighbor 197.1.1.1 shutdown
neighbor 197.1.2.1 route-reflector-client
r4
router bgp 1
neighbor 197.1.1.1 shutdown
neighbor 197.1.2.1 shutdown