Pete's Packet

Limitless


Archive for February, 2009

Narbik – OSPF notes.

Posted by Peter Kurdziel on February 27, 2009

OSPF states – what’s happening?

Down – hellos sent, none received

INIT – received hello

2WAY  - hellos & router-ids exchanged, DR election

EXSTART – DR & BDR adjacency, DR & others master/slave

EXCHANGE – DDP packets, database exchange

LOADING – LSR/LSU/LSACK

FULL – :)

ip ospf retransmit-interval

If LSACK doesn’t come, neighbor is considered down after dead timer expires

State can be FULL, but routes won’t be inserted into the routing table unless the network types are OK

Your OSPF is stuck somewhere?

DOWN – interface down, no neighbor statement for non-broadcast

INIT – ACL blocking, corrupt DB :(

2WAY – DR to DROTHER

EXSTART/EXCHANGE mtu mismatch- fix mtu or ip ospf mtu-ignore

LOADING – bad LSAs coming in (why?), Hardware problem (usually RAM)

FULL – network types not matching

Found on http://www.matthillccie.com/2008/05/20/narbik-day2/

Posted in OSPF, Routing & Switching Lab

Narbik adv wb BGP lab 5 – route aggregation

Posted by Peter Kurdziel on February 26, 2009

Task 5

FYI, the question is truncated….

  1. r2 should aggregate all the networks in 3.1.0.0 address space………..
  2. Aggregation should be configured such that R1 in AS 100 is the only AS that receives the aggregate route, R3 and future peer neighbors should NOT receive the aggregate route.
  3. R1 should not use R3 if network 3.1.11.0/24 is down

1. r2 should aggregate all the networks in 3.1.0.0 address space………..

r2
router bgp 200
aggregate-address 3.1.0.0 255.255.240.0 summary-only as-set

Verification:
R1(config-if)#do sho ip bgp
BGP table version is 3, local router ID is 10.1.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       10.1.12.2                0             0 200 i
*> 3.1.11.0/24      0.0.0.0                  0         32768 i

R1(config-if)#do sho ip bgp nei 10.1.12.2 route     <—————- this command shows me the routes I received and ACCEPTED.
BGP table version is 3, local router ID is 10.1.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       10.1.12.2                0             0 200 i

R2(config-router)#do sho ip bgp
BGP table version is 87, local router ID is 2.2.3.2
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
s> 3.1.0.0/24       10.1.23.3                0             0 300 i
*> 3.1.0.0/20 0.0.0.0                       100  32768 {300,100} i
s> 3.1.1.0/24       10.1.23.3                0             0 300 i
s> 3.1.2.0/24       10.1.23.3                0             0 300 i
s> 3.1.3.0/24       10.1.23.3                0             0 300 i
s> 3.1.4.0/24       10.1.23.3                0             0 300 i
s> 3.1.5.0/24       10.1.23.3                0             0 300 i
s> 3.1.6.0/24       10.1.23.3                0             0 300 i
s> 3.1.7.0/24       10.1.23.3                0             0 300 i
s> 3.1.8.0/24       10.1.23.3                0             0 300 i
s> 3.1.9.0/24       10.1.23.3                0             0 300 i
s> 3.1.10.0/24      10.1.23.3                0             0 300 i
s> 3.1.11.0/24      10.1.12.1                0             0 100 i
s> 3.1.12.0/24      10.1.23.3                0             0 300 i
s> 3.1.13.0/24      10.1.23.3                0             0 300 i
s> 3.1.14.0/24      10.1.23.3                0             0 300 i
Network          Next Hop            Metric LocPrf Weight Path
s> 3.1.15.0/24      10.1.23.3                0             0 300 i

R2(config-router)#do sho ip bgp nei 10.1.12.1 adver <———— this shows me what I am advertising to my peer.
BGP table version is 87, local router ID is 2.2.3.2
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
*> 3.1.0.0/20       0.0.0.0                       100  32768 {300,100} i <————– {300,100} you see that because I added the as-set command

Total number of prefixes 2

R2(config-router)#do sho ip bgp nei 10.1.23.3 adver <———— this shows me what I am advertising to my peer.
BGP table version is 87, local router ID is 2.2.3.2
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
*> 3.1.0.0/20       0.0.0.0                       100  32768 {300,100} i   <————– {300,100} you see that because I added the as-set command

R3(config-router)#do sho ip bgp
BGP table version is 17, local router ID is 3.1.15.3
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       10.1.23.2                0             0 200 i
*> 3.1.0.0/24       0.0.0.0                  0         32768 i
*> 3.1.1.0/24       0.0.0.0                  0         32768 i
*> 3.1.2.0/24       0.0.0.0                  0         32768 i
*> 3.1.3.0/24       0.0.0.0                  0         32768 i
*> 3.1.4.0/24       0.0.0.0                  0         32768 i
*> 3.1.5.0/24       0.0.0.0                  0         32768 i
*> 3.1.6.0/24       0.0.0.0                  0         32768 i
*> 3.1.7.0/24       0.0.0.0                  0         32768 i
*> 3.1.8.0/24       0.0.0.0                  0         32768 i
*> 3.1.9.0/24       0.0.0.0                  0         32768 i
*> 3.1.10.0/24      0.0.0.0                  0         32768 i
*> 3.1.12.0/24      0.0.0.0                  0         32768 i
*> 3.1.13.0/24      0.0.0.0                  0         32768 i
*> 3.1.14.0/24      0.0.0.0                  0         32768 i
*> 3.1.15.0/24      0.0.0.0                  0         32768 i

R3(config-router)#do sho ip bgp nei 10.1.23.2 route     <—————- this command shows me the routes I received and ACCEPTED.
BGP table version is 17, local router ID is 3.1.15.3
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       10.1.23.2                0             0 200 i

So, looking at this, R2 is advertising the aggregate route to both R1 and R3, but neither installs it in its BGP table: the AS_SET {300,100} contains each receiver’s own AS, so BGP loop detection drops it.

2. Aggregation should be configured such that R1 in AS 100 is the only AS that receives the aggregate route, R3 and future peer neighbors should NOT receive the aggregate route.

Solution:
r2
ip as-path access-list 1 per ^300$ <———— With the as-path list / route-map we are telling aggregate-address in which AS the routes it uses originated. We do not have to worry about the aggregate route being advertised to AS 300, because it will be dropped there anyway due to loop avoidance: AS 300 will see that it came from AS 300.
route-map TST 10
match as-path 1
router bgp 200
aggregate-address 3.1.0.0 255.255.240.0 summary-only as-set advertise-map TST
Using the advertise-map keyword selects specific routes that will be used to build different components of the aggregate route, such as AS_SET or community. This form of the aggregate-address command is useful when the components of an aggregate are in separate autonomous systems and you want to create an aggregate with AS_SET, and advertise it back to some of the same autonomous systems. You must remember to omit the specific autonomous system numbers from the AS_SET to prevent the aggregate from being dropped by the BGP loop detection mechanism at the receiving router. IP access lists and autonomous system path access lists match clauses are supported.

R1(config-if)#do sho ip bgp
BGP table version is 6, local router ID is 10.1.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.0/24       10.1.12.2                0             0 200 i
*> 3.1.0.0/20       10.1.12.2                0             0 200 300 i
*> 3.1.11.0/24      0.0.0.0                  0         32768 i
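
The AS_SET and loop-detection behaviour seen in tasks 1 and 2, as an added Python model that is not part of the original post. The function names are hypothetical, the route data is constructed from the lab output above, and Python's `re` stands in for the IOS as-path regex (equivalent for `^300$`).

```python
import ipaddress
import re

# Constructed from the R2 table above: fifteen /24s learned from AS 300 and
# 3.1.11.0/24 learned from AS 100. Values are the received AS_PATH strings.
CONTRIBUTORS = {
    ipaddress.ip_network(f"3.1.{i}.0/24"): ("100" if i == 11 else "300")
    for i in range(16)
}
AGGREGATE = ipaddress.ip_network("3.1.0.0/20")
LOCAL_AS = 200  # R2


def build_as_set(contributors, aggregate, advertise_regex=None):
    """Return the ASNs an 'as-set' aggregate inherits from its contributors.

    advertise_regex models the as-path access-list referenced by the
    advertise-map: only contributors whose AS_PATH matches feed the AS_SET.
    """
    as_set = set()
    for prefix, as_path in contributors.items():
        if not prefix.subnet_of(aggregate):
            continue  # not a more-specific of the aggregate
        if advertise_regex and not re.search(advertise_regex, as_path):
            continue  # filtered out by the advertise-map
        as_set.update(int(asn) for asn in as_path.split())
    return as_set


def receiver_accepts(receiver_as, as_set, local_as=LOCAL_AS):
    """eBGP loop detection: drop the update if the receiver's own AS appears
    anywhere in the path, including inside the AS_SET."""
    return receiver_as not in ({local_as} | as_set)


def who_installs(as_set, receivers=(100, 300)):
    """Map each receiving AS (R1 = 100, R3 = 300) to accept/drop."""
    return {asn: receiver_accepts(asn, as_set) for asn in receivers}


if __name__ == "__main__":
    plain = build_as_set(CONTRIBUTORS, AGGREGATE)
    scoped = build_as_set(CONTRIBUTORS, AGGREGATE, r"^300$")
    print("as-set only:          ", sorted(plain), who_installs(plain))
    print("as-set + advertise-map", sorted(scoped), who_installs(scoped))
```
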

3. R1 should not use R3 if network 3.1.11.0/24 is down

Solution:
R1
ip route 3.1.11.0 255.255.255.0 Null0   <——————- Admin distance: connected (0) vs static route (1), so while the interface is up the connected route is the one installed in the routing table; when it goes down, the static route to Null0 takes over.

Posted in BGP, Routing & Switching Lab

Narbik adv wb BGP lab 4 – dampening

Posted by Peter Kurdziel on February 25, 2009

Narbik adv wb BGP lab 4 – dampening – completed.

All I really need to know is =

router bgp 1
bgp damp

sh ip bgp damp para

This will show me the default dampening parameters, and I can manipulate them any way I like with an ACL and route-map.

Posted in Routing & Switching Lab

One of my classmates from Narbik’s Nov 2008 class passed the lab on Monday.

Posted by Peter Kurdziel on February 25, 2009

Yemisrach Girma


CCIE 23609

Here is how Yemi  prepared for his second attempt.

“> what made the difference this time … ? ….luck of getting a better exam was a big factor. It was not bad this time

> what’s the study strategy?  Went through Narbik’s material and the DOC cd after my last attempt.  The core stuff in Narbik’s material, I was checking it in the CD as well …not thoroughly though

> how did you squeeze in the time during weekdays?  B/n Dec 17 to mid Jan , i did not study.  Right after I took Narbik’s boot camp here in MD, I did not have a life.  My life was CCIE studying…

> Any additional preparation material … ?  Make sure to fully understand what is in the Narbik’s material.  And then do InternetworkExpert labs.  A must.

I did all the 20 labs for volume II and COD from InternetworkExpert before my last attempt.

I wish you all the best of luck.  Time to celebrate in style ………….”

Posted in Routing & Switching Lab

VRF example – 6 hosts with the same IP address

Posted by Peter Kurdziel on February 25, 2009

Solution =VRF/NAT

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NAT-TEST-ROUTER
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!
!
ip vrf VRF1
rd 1:1
route-target export 1:1
route-target import 1:1
route-target import 10:10
!
ip vrf VRF10
rd 10:10
route-target export 10:10
route-target import 10:10
route-target import 1:1
route-target import 2:2
route-target import 3:3
route-target import 4:4
route-target import 5:5
route-target import 6:6
!
ip vrf VRF2
rd 2:2
route-target export 2:2
route-target import 2:2
route-target import 10:10
!
ip vrf VRF3
rd 3:3
route-target export 3:3
route-target import 3:3
route-target import 10:10
!
ip vrf VRF4
rd 4:4
route-target export 4:4
route-target import 4:4
route-target import 10:10
!
ip vrf VRF5
rd 5:5
route-target export 5:5
route-target import 5:5
route-target import 10:10
!
ip vrf VRF6
rd 6:6
route-target export 6:6
route-target import 6:6
route-target import 10:10
!
ip vrf forwarding
!
no ip domain lookup
ip domain name chisa.com
!
!
crypto pki trustpoint TP-self-signed-2960199964
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2960199964
revocation-check none
rsakeypair TP-self-signed-2960199964
!
!
crypto pki certificate chain TP-self-signed-2960199964
certificate self-signed 01
quit
username cisco privilege 15 secret 5 $1$PLG6$Qhx0p8TuAy0.g.94LFvc2.
!
!
!
!
!
!
interface Loopback1
ip vrf forwarding VRF1
ip address 172.30.1.10 255.255.255.0
!
interface Loopback2
ip vrf forwarding VRF2
ip address 172.30.2.10 255.255.255.0
!
interface Loopback3
ip vrf forwarding VRF3
ip address 172.30.3.10 255.255.255.0
!
interface Loopback4
ip vrf forwarding VRF4
ip address 172.30.4.10 255.255.255.0
!
interface Loopback5
ip vrf forwarding VRF5
ip address 172.30.5.10 255.255.255.0
!
interface Loopback6
ip vrf forwarding VRF6
ip address 172.30.6.10 255.255.255.0
!
interface Loopback10
ip address 172.30.100.10 255.255.255.255
!
interface FastEthernet0
no ip address
duplex auto
speed auto
!
interface FastEthernet1
ip vrf forwarding VRF10
ip address 172.30.100.1 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
switchport access vlan 16
spanning-tree portfast
!
interface FastEthernet4
switchport access vlan 15
spanning-tree portfast
!
interface FastEthernet5
switchport access vlan 14
spanning-tree portfast
!
interface FastEthernet6
shutdown
!
interface FastEthernet7
switchport access vlan 13
spanning-tree portfast
!
interface FastEthernet8
switchport access vlan 12
spanning-tree portfast
!
interface FastEthernet9
switchport access vlan 11
spanning-tree portfast
!
interface Vlan1
no ip address
shutdown
!
interface Vlan11
ip vrf forwarding VRF1
ip address 192.168.1.11 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan12
ip vrf forwarding VRF2
ip address 192.168.1.12 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan13
ip vrf forwarding VRF3
ip address 192.168.1.13 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan14
ip vrf forwarding VRF4
ip address 192.168.1.14 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan15
ip vrf forwarding VRF5
ip address 192.168.1.15 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan16
ip vrf forwarding VRF6
ip address 192.168.1.16 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Async1
no ip address
encapsulation slip
shutdown
!
router bgp 1
no synchronization
bgp router-id 172.30.100.10
bgp log-neighbor-changes
no auto-summary
!
address-family ipv4 vrf VRF6
no synchronization
network 172.30.6.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf VRF5
no synchronization
network 172.30.5.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf VRF4
no synchronization
network 172.30.4.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf VRF3
no synchronization
network 172.30.3.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf VRF2
no synchronization
network 172.30.2.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf VRF10
redistribute connected
no synchronization
exit-address-family
!
address-family ipv4 vrf VRF1
no synchronization
network 172.30.1.0 mask 255.255.255.0
exit-address-family
!
!
!
no ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source static 192.168.1.1 172.30.1.1 vrf VRF1
ip nat inside source static 192.168.1.1 172.30.2.1 vrf VRF2
ip nat inside source static 192.168.1.1 172.30.3.1 vrf VRF3
ip nat inside source static 192.168.1.1 172.30.4.1 vrf VRF4
ip nat inside source static 192.168.1.1 172.30.5.1 vrf VRF5
ip nat inside source static 192.168.1.1 172.30.6.1 vrf VRF6
!
!
!
!
!
!
!
control-plane
!

———————————————————————–
^C
!
line con 0
login local
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end

Posted in IP Services

Narbik adv wb BGP lab 3 notes

Posted by Peter Kurdziel on February 24, 2009

TASK 7 & 9

If net 2.0.0.0 is up and it’s advertised to R1, R1 should take the following actions:
-R1 should NOT advertise its network 1.0.0.0/8 to R3
-R1 should ONLY advertise network 2.0.0.0/8 to R3

However, if net 2.0.0.0/8 is down, then R1 should take the following actions:
-R1 should advertise network 1.0.0.0/8 to R3
-R1 should remove network 2.0.0.0/8 from its BGP table.

To conditionally advertise we can use the following commands:
advertise-map
non-exist-map
exist-map

r1
access-list 1 permit 1.0.0.0 0.255.255.255
access-list 2 permit 2.0.0.0 0.255.255.255
route-map ADV per 10
match ip add 1
route-map NotThere per 10
match ip add 2

router bgp 100
neighbor 10.1.13.3 advertise-map ADV non-exist-map NotThere

advertise-map map-name
Specifies the name of the route map that will be advertised if the conditions of the exist map or nonexist map are met.

exist-map map-name
Specifies the name of the route map that will be compared to the advertise map. If the condition is met and a match occurs between the advertise map and exist map, the route will be advertised. If no match occurs, then the condition is not met, and the route is withdrawn.

non-exist-map map-name

Specifies the name of the route map that will be compared to the advertise map. If the condition is met and no match occurs, the route will be advertised. If a match occurs, then the condition is not met, and the route is withdrawn.

note: the advertise-map specifies the name of the route-map that will be advertised if the condition of the non-exist-map is met.

neighbor 10.1.13.3 advertise-map ADV(match 1.0.0.0) non-exist-map NotThere (match 2.0.0.0)

so bgp will advertise 1.0.0.0 if 2.0.0.0 is not there. But if the 2.0.0.0 is there then it will not advertise the 1.0.0.0 prefix.

note: the non-exist-map specifies the route-map that will be compared to the advertise-map. If the condition is met then the route will be advertised. If a match occurs then the condition is NOT met and the route will be withdrawn.

neighbor 10.1.13.3 advertise-map ADV(match 1.0.0.0) non-exist-map NotThere (match 2.0.0.0)

so because 2.0.0.0 is there when the non-exist-map looks to match the 2.0.0.0 prefix, the 1.0.0.0 prefix is not advertised

sho ip bgp nei 10.1.13.3 advertised-routes

————————————————————-

1-if both 1.0.0.0 & 2.0.0.0 are up then both networks should be advertised to R3.
2-if net 1.0.0.0 is down, R1 should NOT advertise net 2.0.0.0 to R3
3-if net 2.0.0.0 is down, then R1 should only advertise 1.0.0.0 to R3

access-list 1 per 1.0.0.0 0.255.255.255
access-list 2 per 2.0.0.0 0.255.255.255

route-map ADV per 10
match ip add 2
route-map EXIST per 10
match ip add 1

router bgp 100
neig 10.1.13.3 advertise-map ADV (2.0.0.0) exist-map EXIST (1.0.0.0)

so if the prefixes in the exist-map EXIST (1.0.0.0) and in the advertise-map ADV (2.0.0.0) are both matched, then the prefix is advertised.

to test condition #1
sh ip bgp nei 10.1.13.3 advertised-routes

BGP table version is 20, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i
*> 2.0.0.0          10.1.12.2                0             0 200 i

note: since EXIST and ADV both match the prefixes in the bgp table, both networks are advertised. So since 1.0.0.0 exists, both 1.0.0.0 and 2.0.0.0 will be advertised.

to test condition #2 – if 1.0.0.0 is down it should not advertise 2.0.0.0

r1
int lo0
shut

sh ip bgp nei 10.1.13.3 advertised-routes
Total number of prefixes 0

note: since the exist-map did not match EXIST (because 1.0.0.0 is down and the prefix is not in the bgp table), neither the EXIST prefix nor the ADV prefix is advertised.

to test condition #3 – if 2.0.0.0 is down it should advertise 1.0.0.0
sho ip bgp nei 10.1.13.3 adver
BGP table version is 21, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i

Total number of prefixes 1

note: since the advertise-map did not match ADV (2.0.0.0 is down), 2.0.0.0 was not advertised.

————————————————

neig 10.1.13.3 advertise-map ADV (2.0.0.0) exist-map EXIST (1.0.0.0)

if the 1.0.0.0 prefix exists, advertise both 1.0.0.0 & 2.0.0.0.
if 1.0.0.0 does not exist, do not advertise anything.
if 1.0.0.0 exists but 2.0.0.0 does not exist, advertise 1.0.0.0.

neighbor 10.1.13.3 advertise-map ADV(match 1.0.0.0) non-exist-map NotThere (match 2.0.0.0)

if 2.0.0.0 does not exist, advertise 1.0.0.0
if 2.0.0.0 does exist, 2.0.0.0 will be advertised and ADV 1.0.0.0 will not be advertised.

The point of a non-exist-map is that there should be no match; if there is a match, the advertise-map prefix is not advertised even if it is in the bgp table. So bgp will advertise 1.0.0.0 if 2.0.0.0 is not there, but if 2.0.0.0 is there it will not advertise the 1.0.0.0 prefix.

clear ip bgp *  for the changes to take effect.

This is pretty easy if you don’t get confused by the question. Using route-map names that make sense also helps tremendously ;)
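
The exist-map / non-exist-map decision worked through above, as an added Python model that is not part of the original post. It is a simplified sketch: the function names are hypothetical, the BGP tables are constructed from the lab's test conditions, and scanner timing is ignored.

```python
import ipaddress

# The two standard ACLs from the lab, as (address, wildcard) pairs.
ACL1 = [("1.0.0.0", "0.255.255.255")]
ACL2 = [("2.0.0.0", "0.255.255.255")]


def acl_permits(acl, prefix):
    """Standard ACL check as used by 'match ip address N' in a route-map:
    compare the prefix's network address against each address/wildcard."""
    addr = int(ipaddress.ip_network(prefix).network_address)
    for base, wildcard in acl:
        care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ipaddress.ip_address(base)) & care:
            return True
    return False


def advertised(bgp_table, advertise_acl, condition_acl, mode):
    """Prefixes sent to the neighbor.

    mode 'exist':     advertise-map prefixes go out only if a condition
                      prefix IS in the BGP table.
    mode 'non-exist': advertise-map prefixes go out only if NO condition
                      prefix is in the BGP table.
    Prefixes not matched by the advertise-map are advertised as usual.
    """
    seen = any(acl_permits(condition_acl, p) for p in bgp_table)
    condition_met = seen if mode == "exist" else not seen
    return [p for p in bgp_table
            if condition_met or not acl_permits(advertise_acl, p)]


def lab_results():
    """Run the test conditions from the notes (tables are constructed)."""
    both = ["1.0.0.0/8", "2.0.0.0/8"]
    only1, only2 = ["1.0.0.0/8"], ["2.0.0.0/8"]
    return {
        # advertise-map ADV (ACL 1) non-exist-map NotThere (ACL 2)
        "non-exist, 2.0.0.0 up": advertised(both, ACL1, ACL2, "non-exist"),
        "non-exist, 2.0.0.0 down": advertised(only1, ACL1, ACL2, "non-exist"),
        # advertise-map ADV (ACL 2) exist-map EXIST (ACL 1)
        "exist, both up": advertised(both, ACL2, ACL1, "exist"),
        "exist, 1.0.0.0 down": advertised(only2, ACL2, ACL1, "exist"),
        "exist, 2.0.0.0 down": advertised(only1, ACL2, ACL1, "exist"),
    }


if __name__ == "__main__":
    for case, prefixes in lab_results().items():
        print(f"{case:26} -> {prefixes}")
```
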

Posted in BGP, Routing & Switching Lab

Completed Narbik’s advanced wb BGP lab 2 – route reflectors

Posted by Peter Kurdziel on February 24, 2009

Completed Narbik’s advanced wb BGP lab 2 – route reflectors.

Posted in BGP, Routing & Switching Lab

Today I read Sam Halabi’s BGP4 Case Studies/Tutorial

Posted by Peter Kurdziel on February 23, 2009

Today I read Sam Halabi’s BGP4 Case Studies/Tutorial. I really enjoyed reading this 100 page document.  Sam provided a good example for each topic.

Some things  to remember:

BGP back door – manipulates the IGP admin distance to prefer the IGP vs EBGP.

BGP load balancing = 1. loopbacks 2. maximum path command

as-set – append to prevent advertising the atomic aggregate. This forces the router to generate path information in the form of a set {}.

weight = local to the router – set on updates coming into the router – higher is preferred

routerc

router bgp 100
nei 1.1.1.1 remote-as 100
nei 1.1.1.1 weight 200 (the route to routera will have a weight of 200)

or

routerc

router bgp 100
nei 1.1.1.1 remote-as 100
nei 1.1.1.1 route-map SETWEIGHTIN in
ip as-path access-list 1 per ^100$
route-map SETWEIGHTIN per 10
match as-path 1
set weight 200

local-preference - local to the AS – set on updates out of the router – higher is preferred

eg..

router bgp 111
nei 11.1.1.1 remote-as 100
nei 11.1.1.1 route-map SETLOCPREF in
ip as-path access-list 1 per ^111$
route-map SETLOCPREF per 10
match as-path 1
set local-pref 200

MED – a hint to external neighbors about the preferred path into a network – exchanged between AS’s – lower is preferred – BGP ALWAYS-COMPARE-MED is needed for a router to compare MED’s from a DIFFERENT AS.

eg..

router bgp 44
nei 4.4.4.4 remote-as 100
nei 4.4.4.4 route-map SETMED out
route-map SETMED per 10
set metric 50

or

router bgp 44
redist static
default-metric 50
ip route 10.0.0.0 255.0.0.0 null 0

AS_path – a shorter as_path is preferred

router bgp 55
nei 5.5.5.5 remote-as 100
nei 5.5.5.5 route-map SETASPATH out
route-map SETASPATH per 10
set as-path prepend 55 55 55 55

From my earlier post:

BGP path manipulation

Why laugh at me?

Method             Direction Applied   Direction Affected   Best Metric
Weight             Inbound             Outbound             Highest
Local Preference   Inbound             Outbound             Highest
AS Path            Outbound            Inbound              Shortest
MED (metric)       Outbound            Inbound              Lowest

BGP COMMUNITY

no-export – do not advertise to EBGP peers, only IBGP peers
no-advertise – do not advertise to any peer
internet – advertise to everyone
local-as – used in confederations to prevent transmitting packets outside the local AS.

This looks like an updated case studies doc: http://www.cisco.com/application/pdf/paws/26634/bgp-toc.pdf I’ll read this next.

Posted in BGP, Routing & Switching Lab

Cisco games

Posted by Peter Kurdziel on February 20, 2009

https://cisco.hosted.jivesoftware.com/community/connections/games?view=overview

Posted in Routing & Switching Lab

I am working on Narbik’s advanced workbook – BGP

Posted by Peter Kurdziel on February 16, 2009

I am working on Narbik’s advanced workbook – BGP.

Narbik is in NYC this week.  Maybe I’ll stop by to hang out for a little bit.

Posted in Routing & Switching Lab

 