
network cisco ccna gns3 certification arteq

a network runs through it


Monday, August 27, 2012

bgp lab 6-3... again... begin...




isp#sh run | beg router
router bgp 200
 bgp log-neighbor-changes
 network 192.168.100.0
 neighbor 192.168.1.2 remote-as 64512
 neighbor 192.168.1.6 remote-as 64512

sj1#sh run | beg router            
router eigrp 64512
 network 172.16.0.0
!
router bgp 64512
 bgp log-neighbor-changes
 network 172.16.0.0
 neighbor 172.16.32.1 remote-as 64512
 neighbor 172.16.32.1 update-source Loopback0
 neighbor 192.168.1.5 remote-as 200

ip route 172.16.0.0 255.255.0.0 Null0

sj2#sh run | beg router
router eigrp 64512
 network 172.16.0.0
!
router bgp 64512
 bgp log-neighbor-changes
 network 172.16.0.0
 neighbor 172.16.64.1 remote-as 64512
 neighbor 172.16.64.1 update-source Loopback0
 neighbor 192.168.1.1 remote-as 200
!
ip route 172.16.0.0 255.255.0.0 Null0

isp#sh ip bgp
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *   172.16.0.0       192.168.1.2              0             0 64512 i
 *>                   192.168.1.6              0             0 64512 i
 *>  192.168.100.0    0.0.0.0                  0         32768 i
isp#clear ip bgp *
isp#
*Aug 27 07:25:20: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Down User reset

isp#sh ip bgp
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *   172.16.0.0       192.168.1.6              0             0 64512 i
 *>                   192.168.1.2              0             0 64512 i
 *>  192.168.100.0    0.0.0.0                  0         32768 i

the best path changed because sj1 was set up first, then sj2, then bgp was cleared to enforce the better router id, which for bgp is the lower rid...

isp#sh ip bgp neigh | inc BGP
BGP neighbor is 192.168.1.2,  remote AS 64512, external link
  BGP version 4, remote router ID 172.16.32.1
  BGP state = Established, up for 00:07:44
  BGP table version 3, neighbor version 3/0
BGP neighbor is 192.168.1.6,  remote AS 64512, external link
  BGP version 4, remote router ID 172.16.64.1
  BGP state = Established, up for 00:07:44
  BGP table version 3, neighbor version 3/0

all of which i mentioned in the earlier post of the same lab, which i now mention again because the theme of today is...  AGAIN

i'm on vacation this week... and this is my vacation... this is it... and i am very happy about it because nobody can bother me... not even you...

so i've now saved the configs up to this point,  which i didn't do yesterday... i had saved only up to the topology and interface configuration... i had to rebuild the eigrp and bgp shit...  was i angry? no... why? because i had to build bgp AGAIN and that is good... and i am on vacation... double plus good... bgp and i have come to an agreement... i configure it, and it exhibits expected behaviors... BECAUSE I SAID SO...

router bgp 200
netw 192.168.1.0 mask 255.255.255.252
netw 192.168.1.4 mask 255.255.255.252

isp#sh ip bgp
BGP table version is 5, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *   172.16.0.0       192.168.1.6              0             0 64512 i
 *>                   192.168.1.2              0             0 64512 i
 *>  192.168.1.0/30   0.0.0.0                  0         32768 i
 *>  192.168.1.4/30   0.0.0.0                  0         32768 i
 *>  192.168.100.0    0.0.0.0                  0         32768 i

bgp now advertises the internal links... this is important for igp type folks because... WE LIKE TO PING EVERYTHING...

sj2#sh ip route | excl L | incl loop
     
Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S        172.16.0.0/16 is directly connected, Null0
C        172.16.1.0/24 is directly connected, Serial1/0
C        172.16.32.0/24 is directly connected, Loopback0
D        172.16.64.0/24 [90/2297856] via 172.16.1.1, 01:19:26, Serial1/0
      192.168.1.0/24 is variably subnetted, 3 subnets, 2 masks
C        192.168.1.0/30 is directly connected, Serial1/3
B        192.168.1.4/30 [20/0] via 192.168.1.1, 00:07:32
B     192.168.100.0/24 [20/0] via 192.168.1.1, 00:45:17

self love...

for an explanation on this, go to this disaster...

http://insearchofthecert.blogspot.com/2012/08/bgp-6-3-cont-again.html

sj2#sh ip bgp
BGP table version is 8, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  172.16.0.0       0.0.0.0                  0         32768 i
 * i                  172.16.64.1              0    100      0 i
 r i 192.168.1.0/30   192.168.1.5              0    100      0 200 i
 r>                   192.168.1.1              0             0 200 i
 * i 192.168.1.4/30   192.168.1.5              0    100      0 200 i
 *>                   192.168.1.1              0             0 200 i
 * i 192.168.100.0    192.168.1.5              0    100      0 200 i
 *>                   192.168.1.1              0             0 200 i

notice the ones are best...

those friggin r's... i defer to ivan the terrible below...
http://blog.ioshints.info/2007/12/what-is-bgp-rib-failure.html

The RIB failure feature was introduced in IOS release 12.2T; prior to that, the BGP routes with higher administrative distance than other route sources were silently ignored (similar to all other routing protocols).

You can display BGP routes that are not inserted in the IP routing table with the show ip bgp rib-failure command, which also explains why the BGP route was not inserted in the IP routing table.

The BGP routes that are not used due to higher administrative distance are still advertised to all BGP peers (contrary to what most other distance-vector routing protocols do), unless you configure bgp suppress-inactive (introduced in 12.2T and 12.0(26)S).

on sj1

router bgp 64512
neighb 172.16.32.1 next-hop-self

on sj2

router bgp 64512
neigh 172.16.64.1 next-hop-self

i love next hop self...

prefer the link outbound from the sj's to use the link from sj2 to isp...

on sj1

route-map bad_link permit
set local-preference 125
exit
router bgp 64512
neighbor 192.168.1.5 route-map bad_link in

on sj2 use

route-map good_link permit
set local-preference 150
exit
router bgp 64512
neig 192.168.1.1 route-map good_link in
                                                   
reset soft or hard depending on your local preference...

note  sj1 goes through sj2 to get to lo0 of isp

sj1#trace 192.168.100.1
Type escape sequence to abort.
Tracing the route to 192.168.100.1
VRF info: (vrf in name/id, vrf out name/id)
  1 172.16.1.2 4 msec 32 msec 4 msec
  2 192.168.1.1 [AS 200] 8 msec 20 msec *


check the path another way using extended ping from sj1 target 192.168.100.1 source 172.16.64.1 and select record...

Reply to request 0 (8 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.1)
   (192.168.1.2)
   (192.168.1.1)
   (192.168.1.5)
   (192.168.1.6) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

and with record you'll note that it returns via 192.168.1.5 and .6... but you don't want that... you want it to come back the same way, because i told you that's what you wanted, that's why...

to remedy that we'll use multi-exit discriminator... it means what it says, discriminate between more than one exit...


on sj1

route-map bad_reply permit
set metric 75
exit
router bgp 64512
neighbor 192.168.1.5 route-map bad_reply out

on sj2

route-map good_reply permit
set metric 50
exit
router bgp 64512
neig 192.168.1.1 route-map good_reply out

now that's some awesome shit, man...
follow the path with record from sj1...

Reply to request 0 (16 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.1)
   (192.168.1.2)
   (192.168.1.1)
   (192.168.1.1)
   (172.16.1.2)
   (172.16.1.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

sj1(172.16.1.1) --> sj2 (192.168.1.2) --> isp (192.168.1.1)
and it reverses the path back just like i told you you wanted it to...

local-pref prefers higher and med prefers the lower value...
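
the tie-breaks this lab leans on (oldest ebgp path, then lower router id at the isp; higher local-pref on the sj's; lower med back at the isp), as an added example that is not part of the original lab or of ios. it is a simplified model of the ios decision order; the path ages and the helper names (`Path`, `best_path`, `isp_view`, `sj1_view`) are assumptions made up for the illustration.

```python
from dataclasses import dataclass

ORIGIN = {"i": 0, "e": 1, "?": 2}  # IGP beats EGP beats incomplete

@dataclass
class Path:
    next_hop: str
    router_id: str         # BGP router ID of the advertising neighbor
    ebgp: bool
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100  # IOS default when none is set
    med: int = 0           # IOS treats a missing MED as 0
    origin: str = "i"
    age: int = 0           # seconds since the path was learned (constructed)
    local: bool = False    # originated on this router

def rid(p):
    return tuple(int(octet) for octet in p.router_id.split("."))

# Each step maps a path to a value where LOWER wins, in IOS decision order.
# Simplifications: MED is compared across all candidates (fine here, the
# competing paths share one neighbor AS) and the IGP-metric step is skipped.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local-pref", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.local),
    ("as-path length", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN[p.origin]),
    ("med", lambda p: p.med),
    ("ebgp over ibgp", lambda p: not p.ebgp),
    ("oldest ebgp path", lambda p: -p.age if p.ebgp else 0),
    ("router-id", rid),
]

def best_path(paths):
    """Return (next hop of the winner, name of the step that decided it)."""
    left = list(paths)
    for name, key in STEPS:
        low = min(key(p) for p in left)
        left = [p for p in left if key(p) == low]
        if len(left) == 1:
            return left[0].next_hop, name
    return left[0].next_hop, "tie"

def isp_view(age_sj2=0, age_sj1=0, med_sj2=0, med_sj1=0):
    """isp choosing between its two eBGP paths to 172.16.0.0."""
    return best_path([
        Path("192.168.1.2", "172.16.32.1", True, (64512,), med=med_sj2, age=age_sj2),
        Path("192.168.1.6", "172.16.64.1", True, (64512,), med=med_sj1, age=age_sj1)])

def sj1_view():
    """sj1 choosing a path to 192.168.100.0 with the lab's local-pref values."""
    return best_path([
        Path("172.16.32.1", "172.16.32.1", False, (200,), local_pref=150),
        Path("192.168.1.5", "192.168.100.1", True, (200,), local_pref=125)])
```

`isp_view(age_sj1=600, age_sj2=300)` models the table before the clear, `isp_view()` the table after it, and `isp_view(med_sj2=50, med_sj1=75)` the isp once the sj's send different metrics.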

a default-network for each customer router could be applied to adjust for changes in the network... the guidance is that a default-network is useful for remotely learned classful networks only... default-originate to each neighbor from the isp is the better choice...

neighbor 192.168.1.2 default-originate
neighbor 192.168.1.6 default-originate

sj1#sh ip bgp
BGP table version is 10, local router ID is 172.16.64.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 0.0.0.0          172.16.32.1              0    150      0 200 i
 *                    192.168.1.5                   125      0 200 i
 * i 172.16.0.0       172.16.32.1              0    100      0 i
 *>                   0.0.0.0                  0         32768 i
 *>i 192.168.1.0/30   172.16.32.1              0    150      0 200 i
 *                    192.168.1.5              0    125      0 200 i
 r>i 192.168.1.4/30   172.16.32.1              0    150      0 200 i
 r                    192.168.1.5              0    125      0 200 i
 *>i 192.168.100.0    172.16.32.1              0    150      0 200 i
 *                    192.168.1.5              0    125      0 200 i

sj2# sh ip route | excl L | inc loop
   
Gateway of last resort is 192.168.1.1 to network 0.0.0.0

B*    0.0.0.0/0 [20/0] via 192.168.1.1, 00:04:23
      172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S        172.16.0.0/16 is directly connected, Null0
C        172.16.1.0/24 is directly connected, Serial1/0
C        172.16.32.0/24 is directly connected, Loopback0
D        172.16.64.0/24 [90/2297856] via 172.16.1.1, 06:51:18, Serial1/0
      192.168.1.0/24 is variably subnetted, 3 subnets, 2 masks
C        192.168.1.0/30 is directly connected, Serial1/3
B        192.168.1.4/30 [20/0] via 192.168.1.1, 00:04:23
B     192.168.100.0/24 [20/0] via 192.168.1.1, 00:04:23

this was a very painful, but very important lab... i saved only up to the beginning of the bgp configuration because i will do it...

AGAIN... another day... now back to your originally scheduled programming... this has been a test of the emergency....
