Thursday, December 13, 2012

Multilayer Switching- Routed Ports


In this lab I configured a multilayer switch port to be a routed port. On the router I configured an IP address on the interface that is directly connected to the L3 switch.

Router#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa 0/1
Router(config-if)#ip add 210.1.1.1 255.255.255.0

On the l3 switch I configured an SVI for vlan 11 and 33.

Switch(config)#ip routing
Switch(config)#int vlan 11
Switch(config-if)#ip add 201.1.1.254 255.255.255.0

Switch(config)#int fa 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 11

%LINK-5-CHANGED: Interface Vlan11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan11, changed state to up
% Access VLAN does not exist. Creating vlan 11

Switch(config-if)#int vlan 33
Switch(config-if)#ip add 30.1.1.254 255.255.255.0
Switch(config-if)#int fa 0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 33

%LINK-5-CHANGED: Interface Vlan33, changed state to up

For the port directly connected to the router I turned off Layer 2 switching with the no switchport command and then assigned an IP address to the interface, just as I would on a router.

Switch(config)#int fa 0/1
Switch(config-if)#no switchport

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Switch(config-if)#ip add 210.1.1.2 255.255.255.0

I confirmed connectivity with the router by pinging its interface.

Switch#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2

From the host I can ping the switch's routed interface but not the router's. The reason for this is that the router doesn't know how to get to those VLANs.

PC>ping 210.1.1.2

Pinging 210.1.1.2 with 32 bytes of data:

Reply from 210.1.1.2: bytes=32 time=27ms TTL=255
Reply from 210.1.1.2: bytes=32 time=4ms TTL=255
Reply from 210.1.1.2: bytes=32 time=4ms TTL=255
Reply from 210.1.1.2: bytes=32 time=3ms TTL=255

Ping statistics for 210.1.1.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 27ms, Average = 9ms

PC>ping 210.1.1.1

Pinging 210.1.1.1 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 210.1.1.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

The router has no entries for the 20.1.1.0 or 30.1.1.0 networks. A dynamic routing protocol or static routes can be used to solve this problem.

Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

C    210.1.1.0/24 is directly connected, FastEthernet0/0

I configured EIGRP on both the router and the l3 switch so that they can exchange routing tables.

Router(config)#router eigrp 100
Router(config-router)#no auto-summary
Router(config-router)#network 210.1.1.0 0.0.0.255



Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#router eigrp 100
Switch(config-router)#no auto
Switch(config-router)#network 210.1.1.0 0.0.0.255
Switch(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 210.1.1.1 (FastEthernet0/1) is up: new adjacency

Switch(config-router)# network 20.1.1.0 0.0.0.255
Switch(config-router)# network 30.1.1.0 0.0.0.255


The router now knows how to reach all networks in this topology.

Router#show ip route eigrp
     20.0.0.0/24 is subnetted, 1 subnets
D       20.1.1.0 [90/25628160] via 210.1.1.2, 00:00:34, FastEthernet0/0
     30.0.0.0/24 is subnetted, 1 subnets
D       30.1.1.0 [90/25628160] via 210.1.1.2, 00:02:28, FastEthern

The ping is successful from the host now.

PC>ping 210.1.1.1

Pinging 210.1.1.1 with 32 bytes of data:

Reply from 210.1.1.1: bytes=32 time=9ms TTL=254
Reply from 210.1.1.1: bytes=32 time=11ms TTL=254
Reply from 210.1.1.1: bytes=32 time=8ms TTL=254
Reply from 210.1.1.1: bytes=32 time=9ms TTL=254

Ping statistics for 210.1.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 11ms, Average = 9ms









Tuesday, December 11, 2012

Multilayer Switching- SVIs



In this lab I created two switch virtual interfaces (SVIs), int vlan 10 and int vlan 192. I assigned fa0/1 to access VLAN 10 and fa0/2 to access VLAN 192.

Switch#config t
Switch(config)#int vlan 10
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan10, changed state to up

Switch(config-if)#ip add 10.1.1.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#int vlan 192
Switch(config-if)#ip add 192.168.1.1 255.255.255.0


Switch(config)#int fa 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10


Switch(config-if)#int fa 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 192

Here I tested that the switch could see the hosts which were configured according to the diagram and with the SVI as the default gateway.


Switch#ping 10.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/5/7 ms





Switch#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Next I tried to ping from host 10.1.1.2 to host 192.168.1.2 but it failed. The reason is that IP routing is disabled by default on multilayer switches.



PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Here I enabled ip routing and verified with show ip route that the connected routes were in the routing table.


Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#ip routing
Switch(config)#do show run
Building configuration...

Current configuration : 1295 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
ip routing
!
!


Switch#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Vlan10
C    192.168.1.0/24 is directly connected, Vlan192


The ping is successful now that routing is enabled.


PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Reply from 192.168.1.2: bytes=32 time=5ms TTL=127
Reply from 192.168.1.2: bytes=32 time=5ms TTL=127
Reply from 192.168.1.2: bytes=32 time=10ms TTL=127
Reply from 192.168.1.2: bytes=32 time=7ms TTL=127

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 10ms, Average = 6ms





Configuring EtherChannel (PAgP, LACP)



No trunks are currently set between DLS1 and any other switch. I will set up ports 7 through 12 as trunks and do the same for the rest of the switches.

DLS1#show int trunk
DLS1#
DLS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
DLS1(config)#int range fast 0/7- 12

DLS1(config-if-range)#switchport trunk encap dot1q
DLS1(config-if-range)#switchport mode trunk


The DLS2 ports directly connected to DLS1 became trunks after I set DLS1 ports 0/11 and 0/12 to trunk, because DLS2 ports are in dynamic auto by default.

DLS2#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/11      auto         n-802.1q       trunking      1
Fa0/12      auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk
Fa0/11      1-1005
Fa0/12      1-1005

Port        Vlans allowed and active in management domain
Fa0/11      1
Fa0/12      1

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/11      1
Fa0/12      1



DLS2#show interfaces fastEthernet 0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic auto


..............................................


DLS2(config)#int range fastEthernet 0/7- 12
DLS2(config-if-range)#switchport trunk encap dot1q
DLS2(config-if-range)#switchport mode trunk

I like to make them trunk manually. 

On ALS1 it is the same story: dynamic auto is on, and once I changed the DLS1 interfaces to trunk they dynamically became trunks.

ALS1# show int fast 0/7 switchport 
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk


ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       auto         n-802.1q       trunking      1
Fa0/8       auto         n-802.1q       trunking      1
Fa0/9       auto         n-802.1q       trunking      1
Fa0/10      auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk
Fa0/7       1-1005
Fa0/8       1-1005
Fa0/9       1-1005
Fa0/10      1-1005

Port        Vlans allowed and active in management domain
Fa0/7       1,100,110,120
Fa0/8       1,100,110,120
Fa0/9       1,100,110,120
Fa0/10      1,100,110,120

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/7       100,110,120
Fa0/8       100,110,120
Fa0/9       1,100,110,120
Fa0/10      100,110,120

Ports 0/11 and 0/12 aren't trunks because both ends of the connections between ALS1 and ALS2 are set up as dynamic auto. The IOS on ALS1 and ALS2 only supports dot1q, so the encapsulation doesn't need to be specified.

ALS1(config)#int range fast 0/7- 12
ALS1(config-if-range)#switch mode trunk

ALS2(config)#int range fast 0/7- 12
ALS2(config-if-range)#switch mode trunk

I want to create an EtherChannel between ALS1 and ALS2 using Cisco's PAgP. There are some rules I must follow before I combine ports into an EtherChannel. They must be the same type of port (trunk or access port) and have the same duplex, the same speed, the same allowed VLANs and the same native VLAN. Here both 11 and 12 are trunks with the same port and VLAN settings.


ALS1(config)#int range fast 0/11- 12
ALS1(config-if-range)#channel-group 1 mode desirable 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up






ALS2(config)#int range fast 0/11- 12
ALS2(config-if-range)#channel-group 1 mode desirable 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
ALS2(config-if-range)#
%LINK-5-CHANGED: Interface Port-channel 1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel 1, changed state to up

The etherchannel is now a logical interface named po1.

ALS1(config)#int port-channel 1
ALS1(config-if)#switchport mode trunk

ALS2(config)#int po1
ALS2(config-if)#switchport mode trunk

ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1
Po1         on           802.1q         trunking      1

To make sure the EtherChannel is up and running, I run the show etherchannel summary command. I can see the ports are Layer 2 and in use with PAgP, and that 11 and 12 are in the bundle.

ALS1#show etherchannel summary 
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 1
Number of aggregators:           1

Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/11(P) Fa0/12(P) 
ALS1# 

Now I want to create an LACP EtherChannel on ports 7 and 8 on ALS1 and DLS1.

ALS1(config)#int range fast 0/7- 8
ALS1(config-if-range)#channel-group 2 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected
ALS1(config-if-range)#channel-group 2 mode active

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
ALS1(config-if-range)#


DLS1(config)#int range fast 0/7- 8
DLS1(config-if-range)#channel-group 2 mode active

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up

DLS1(config-if-range)#
%LINK-5-CHANGED: Interface Port-channel 2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel 2, changed state to up

ALS1(config)#int po2
ALS1(config-if)#switchport mode trunk

DLS1(config)#int po2
DLS1(config-if)#switchport mode trunk

ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1

ALS1#show etherchannel summary 
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/11(P) Fa0/12(P) 
2      Po2(SU)           LACP   Fa0/7(P) Fa0/8(P) 
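
The bundling rules and the negotiation modes used in this lab can be checked offline. This is an added example, not part of the original lab: a Python sketch that predicts whether two channel-group modes form a bundle, compares member ports on the attributes listed above, and reads the flags in `show etherchannel summary`. Function names, the LAB_PORTS values and group 3 of the sample are constructed for illustration.

```python
import re

# Negotiation modes as listed by 'channel-group 2 mode ?' in the lab.
PROTOCOL = {"active": "LACP", "passive": "LACP",
            "desirable": "PAgP", "auto": "PAgP", "on": None}
INITIATES = {"active", "desirable"}   # these modes start the negotiation

# Attributes the lab text says must match before ports are bundled.
MUST_MATCH = ("type", "speed", "duplex", "allowed_vlans", "native_vlan")

# Constructed attribute values for the two PAgP members (assumed, not lab output).
LAB_PORTS = {
    "Fa0/11": {"type": "trunk", "speed": 100, "duplex": "full",
               "allowed_vlans": "1-1005", "native_vlan": 1},
    "Fa0/12": {"type": "trunk", "speed": 100, "duplex": "full",
               "allowed_vlans": "1-1005", "native_vlan": 1},
}

# Groups 1 and 2 are copied from the lab output; group 3 is constructed.
SUMMARY = """\
Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/11(P) Fa0/12(P)
2      Po2(SU)           LACP   Fa0/7(P) Fa0/8(P)
3      Po3(SD)           LACP   Fa0/9(s) Fa0/10(s)
"""

ROW = re.compile(r"^(\d+)\s+(Po\d+)\((\w+)\)\s+(\S+)\s+(.*)$")


def channel_forms(mode_a, mode_b):
    """True if the two channel-group modes end up in one bundle."""
    if "on" in (mode_a, mode_b):
        # 'on' does not negotiate, so it only pairs with 'on'.
        return mode_a == mode_b
    if PROTOCOL[mode_a] != PROTOCOL[mode_b]:
        return False                      # LACP on one side, PAgP on the other
    return bool({mode_a, mode_b} & INITIATES)


def bundle_mismatches(members):
    """Return {attribute: {port: value}} for attributes that differ."""
    bad = {}
    for attr in MUST_MATCH:
        values = {name: cfg[attr] for name, cfg in members.items()}
        if len(set(values.values())) > 1:
            bad[attr] = values
    return bad


def parse_summary(text):
    """Parse the group rows of 'show etherchannel summary'."""
    groups = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        gid, po, po_flags, proto, rest = m.groups()
        members = dict(re.findall(r"(\S+?)\((\w+)\)", rest))
        groups.append({"group": int(gid), "port_channel": po,
                       "flags": po_flags, "protocol": proto,
                       "members": members})
    return groups


def unhealthy(groups):
    """Flag port-channels not in use (no U) and members not bundled (not P)."""
    problems = []
    for g in groups:
        if "U" not in g["flags"]:
            problems.append((g["port_channel"], "not in use"))
        for port, flag in g["members"].items():
            if flag != "P":
                problems.append((port, "not bundled, flag " + flag))
    return problems


if __name__ == "__main__":
    print(channel_forms("desirable", "desirable"))   # the PAgP pair in the lab
    print(bundle_mismatches(LAB_PORTS))
    print(unhealthy(parse_summary(SUMMARY)))
```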




Wednesday, November 14, 2012

Static VLAN, VLAN Trunking, VLAN VTP Modes



Initial switch configuration

Switch(config)#hostname ALS1
ALS1(config)#int vlan 1
ALS1(config-if)#ip add 10.1.1.103 255.255.255.0
ALS1(config-if)#no shut


Switch(config)#hostname ALS2
ALS2(config)#int vlan 1
ALS2(config-if)#ip add 10.1.1.104 255.255.255.0
ALS2(config-if)#no shut

Switch(config)#hostname DLS1

 DLS1(config)#int vlan 1
 DLS1(config-if)#ip add 10.1.1.101 255.255.255.0
 DLS1(config-if)#no shut



Switch(config)#hostname DLS2
DLS2(config)#int vlan 1
DLS2(config-if)#ip add 10.1.1.102 255.255.255.0
DLS2(config-if)#no shut




I will configure DLS1 as a VTP server and ALS1 as a VTP client using VTP domain SWLAB.


DLS1#
DLS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)
DLS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
DLS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
DLS1(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : SWLAB
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x87 0x67 0x56 0x26 0xCB 0xE7 0x65 0x4D
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)



ALS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.103 on interface Vl1 (lowest numbered VLAN interface found)
ALS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
ALS1(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 : SWLAB
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x87 0x67 0x56 0x26 0xCB 0xE7 0x65 0x4D
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

The configuration hasn't been modified because there are no trunks set up between these two switches. If I hadn't given ALS1 the domain name, it wouldn't have gotten it automatically, because no trunks exist.




ALS1#show interfaces trunk

ALS1#show interfaces fastEthernet 0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none





DLS1#show interfaces fastEthernet 0/7 switchport 
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: All
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Trunks will not form because port 7 on both switches is set up for dynamic auto; both are listening for instructions to become a trunk. I will set trunk mode on DLS1 for all ports that will be used as trunks.


DLS1(config)#int range fastEthernet 0/7-12
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk

DLS1#show interfaces trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1

ALS1(config)#int range fastEthernet 0/7-12
ALS1(config-if-range)#switchport mode trunk
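
The trunk behaviour seen here and in the EtherChannel lab (auto facing auto stays an access port, trunk facing auto becomes a trunk) can be audited from saved output. This is an added example, not part of the original lab: a Python sketch that parses `show interfaces switchport` text, flags ports that still negotiate with DTP, and predicts whether a link will trunk. The sample text is constructed from field names shown above and the function names are hypothetical.

```python
# Constructed sample, using only field names that appear in the lab output.
SAMPLE = """\
Name: Fa0/6
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Negotiation of Trunking: Off
Trunking Native Mode VLAN: 1 (default)
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
Name: Fa0/8
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
"""


def parse_switchport(text):
    """Split 'show interfaces switchport' output into one dict per port."""
    ports, current = [], None
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "Name":
            current = {"Name": value}
            ports.append(current)
        elif current is not None:
            current[key] = value
    return ports


def dtp_findings(ports):
    """Return (port, reason) for every port whose trunk state is negotiable."""
    findings = []
    for p in ports:
        admin = p.get("Administrative Mode", "")
        if admin.startswith("dynamic"):
            # Whatever is plugged in at the far end decides if this port trunks.
            findings.append((p["Name"], "dynamic mode, peer decides trunking"))
        elif admin == "trunk" and p.get("Negotiation of Trunking") == "On":
            # Static trunk that still sends DTP; 'switchport nonegotiate' stops it.
            findings.append((p["Name"], "static trunk still sending DTP"))
    return findings


def link_trunks(mode_a, mode_b):
    """Predict whether both ends trunk, from their administrative modes."""
    initiators = {"trunk", "dynamic desirable"}
    modes = {mode_a, mode_b}
    if "static access" in modes:
        return False                  # an access end never becomes a trunk
    return bool(modes & initiators)   # auto + auto: nobody asks, no trunk


if __name__ == "__main__":
    for name, reason in dtp_findings(parse_switchport(SAMPLE)):
        print(name, "-", reason)
    print(link_trunks("dynamic auto", "dynamic auto"))
    print(link_trunks("trunk", "dynamic auto"))
```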

Client ports will be set up as access ports because they do not need to participate in spanning tree.


DLS2(config)#int range fastEthernet 0/7-12
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk



ALS2(config)#int fa0/6
ALS2(config-if)#switchport mode access 



DLS1(config)#int fa0/6
DLS1(config-if)#switchport mode access



ALS1(config)#int fa0/6
ALS1(config-if)#switchport mode access


I created the VLANs on the VTP server which will propagate them to clients and other servers within the domain.

DLS1#config t
DLS1(config)#vlan 100
DLS1(config-vlan)#vlan 110
DLS1(config-vlan)#vlan 120


Now I can assign the ports to their respective VLANs.

DLS1(config)#int fa0/6
DLS1(config-if)#switchport access vlan 100

Clients cannot speak with each other because they are in different VLANs without Layer 3 routing.

Tuesday, November 6, 2012

Manually Configure Spanning-Tree Root






In this lab, I created two trunk ports on each switch and let spanning-tree run its default election process.

Sw1(config)#int fa0/11
Sw1(config-if)#switchport trunk encap dot
Sw1(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

Sw1(config-if)#int fa0/12
Sw1(config-if)#switchport trunk encap dot
Sw1(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up

Sw2(config)#int fa0/11
Sw2(config-if)#switchport trunk encap dot
Sw2(config-if)#switchport mode trunk
Sw2(config-if)#int fa0/12
Sw2(config-if)#switchport trunk encap dot
Sw2(config-if)#switchport mode trunk

Running the show spanning-tree command by itself displays the spanning-tree information for each VLAN. There are 4 VLANs on each switch: VLAN 1, 10, 20 and 30. Sw1 won the election and is the root switch for all VLANs. There are multiple ways of verifying that a switch is the root switch: the show spanning-tree command displays "This bridge is the root", the Root ID information matches the Bridge ID information, and all ports are in the forwarding state.

Sw1#show spanning-tree 
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0010
  Spanning tree enabled protocol ieee
  Root ID    Priority    32778
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32778  (priority 32768 sys-id-ext 10)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    32788
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    32798
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p


On Sw2 I displayed the information for VLAN 30 only. Here we don't see "This bridge is the root", the Root ID information doesn't match the Bridge ID, and not all ports are forwarding.

Sw2# show spanning-tree vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    32798
             Address     0002.1710.2A57
             Cost        19
             Port        11(FastEthernet0/11)
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Root FWD 19        128.11   P2p
Fa0/12           Altn BLK 19        128.12   P2p

I want to manually change the STP root for VLAN 20 and 30 to Sw2. I used the spanning-tree vlan root primary command. There is an option for a secondary root if I wanted to create a backup root.

Sw2(config)#spanning-tree vlan 20 root primary 
Sw2(config)#spanning-tree vlan 30 root primary 

I can see now that Sw2 is the root switch for vlan 20 and vlan 30.

Sw2#show span vlan 20
VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    24596
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24596  (priority 24576 sys-id-ext 20)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg LRN 19        128.12   P2p

Sw2#show span vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg LRN 19        128.12   P2p


Sw2#show span vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p
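
The election seen in this lab (lowest priority wins, lowest MAC address breaks a tie) and the root checks described above can be run against saved output. This is an added example, not part of the original lab: a Python sketch that parses `show spanning-tree` text, reproduces the election, and reports any VLAN whose root is not the bridge you expect. The two samples are trimmed copies of the Sw2 VLAN 30 output above; the function names are hypothetical.

```python
import re

# Trimmed copies of the Sw2 output above, before and after 'root primary'.
BEFORE = """\
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    32798
             Address     0002.1710.2A57
             Cost        19
             Port        11(FastEthernet0/11)

  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     000C.CF68.DC11
"""

AFTER = """\
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root

  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
"""


def parse_stp(text):
    """Return {vlan: {root_priority, root_mac, bridge_priority, bridge_mac}}."""
    result, vlan, section = {}, None, None
    for line in text.splitlines():
        s = line.strip()
        m = re.match(r"VLAN(\d+)$", s)
        if m:
            vlan, section = int(m.group(1)), None
            result[vlan] = {}
            continue
        if vlan is None:
            continue
        if s.startswith("Root ID"):
            section, s = "root", s[len("Root ID"):].strip()
        elif s.startswith("Bridge ID"):
            section, s = "bridge", s[len("Bridge ID"):].strip()
        if section is None:
            continue
        m = re.match(r"Priority\s+(\d+)", s)
        if m:
            result[vlan][section + "_priority"] = int(m.group(1))
        m = re.match(r"Address\s+([0-9A-Fa-f.]+)", s)
        if m:
            result[vlan][section + "_mac"] = m.group(1).lower()
    return result


def elect_root(bridges):
    """bridges: {name: (priority, mac)}. Lowest priority, then lowest MAC."""
    def bridge_id(name):
        priority, mac = bridges[name]
        return (priority, int(mac.replace(".", ""), 16))
    return min(bridges, key=bridge_id)


def unexpected_roots(parsed, expected):
    """Return [(vlan, root_mac)] where the root is not the expected bridge."""
    return [(vlan, info["root_mac"])
            for vlan, info in sorted(parsed.items())
            if vlan in expected and info.get("root_mac") != expected[vlan].lower()]


if __name__ == "__main__":
    sw2 = "000C.CF68.DC11"
    print(unexpected_roots(parse_stp(BEFORE), {30: sw2}))
    print(unexpected_roots(parse_stp(AFTER), {30: sw2}))
```

A root that differs from the expected one means some other bridge is advertising a lower bridge ID on that VLAN, which is worth investigating whether it is a misconfiguration or an unknown switch.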


Passed CCNP Route

I will start studying material for the Switch Exam.

BGP Route Reflectors




R1#show ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i2.2.2.2/32       172.12.123.2             0    100      0 i
*>i4.4.4.4/32       172.12.123.3             0    100      0 4 i


R2#show ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i




R3#show ip bgp
BGP table version is 2, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 4.4.4.4/32       10.1.1.4                 0             0 4 i


R1(config)#router bgp 1235
R1(config-router)#nei
R1(config-router)#neighbor 172.12.123.2 rou
R1(config-router)#neighbor 172.12.123.2 route-re
R1(config-router)#neighbor 172.12.123.2 route-reflector-client
R1(config-router)#neighbor 172.12.123.2 route-reflector-client
*Mar  1 00:22:49.735: %BGP-5-ADJCHANGE: neighbor 172.12.123.2 Down RR client conf
*Mar  1 00:22:52.071: %BGP-5-ADJCHANGE: neighbor 172.12.123.2 Up

R1(config-router)#neighbor 172.12.123.3 route-reflector-client
R1(config-router)#
*Mar  1 00:23:11.183: %BGP-5-ADJCHANGE: neighbor 172.12.123.3 Down RR client config change
*Mar  1 00:23:13.487: %BGP-5-ADJCHANGE: neighbor 172.12.123.3 Up

R2#
*Mar  1 00:22:48.887: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Down Peer closed the session
*Mar  1 00:22:50.867: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up
R2#show ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*>i4.4.4.4/32       172.12.123.3             0    100      0 4 i

R3#
*Mar  1 00:23:08.943: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Down Peer closed the session
*Mar  1 00:23:11.019: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up

R3#show ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i2.2.2.2/32       172.12.123.2             0    100      0 i
*> 4.4.4.4/32       10.1.1.4                 0             0 4 i

Distribute List OSPF



R1#show ip rou
R1#show ip route rip
R    5.0.0.0/8 [120/1] via 15.1.1.5, 00:00:15, FastEthernet0/0
R    6.0.0.0/8 [120/1] via 15.1.1.5, 00:00:15, FastEthernet0/0
R    7.0.0.0/8 [120/1] via 15.1.1.5, 00:00:15, FastEthernet0/0
R    8.0.0.0/8 [120/1] via 15.1.1.5, 00:00:15, FastEthernet0/0

R1(config)#router ospf 1
R1(config-router)#redistribute rip subnets 
R1(config-router)#redistribute connected subnets 

R2#show ip route ospf 
     1.0.0.0/32 is subnetted, 1 subnets
O E2    1.1.1.1 [110/20] via 172.12.123.1, 00:00:10, Serial0/0
O E2 5.0.0.0/8 [110/20] via 172.12.123.1, 00:00:15, Serial0/0
O E2 6.0.0.0/8 [110/20] via 172.12.123.1, 00:00:15, Serial0/0
O E2 7.0.0.0/8 [110/20] via 172.12.123.1, 00:00:15, Serial0/0
O E2 8.0.0.0/8 [110/20] via 172.12.123.1, 00:00:15, Serial0/0
     15.0.0.0/24 is subnetted, 1 subnets
O E2    15.1.1.0 [110/20] via 172.12.123.1, 00:00:15, Serial0/0
R2#

R1(config)#access-list 17 deny 6.0.0.0 0.255.255.255
R1(config)#access-list 17 deny 7.0.0.0 0.255.255.255
R1(config)#access-list 17 permit any                
R1(config)#router ospf 1
R1(config-router)#distribute-list 17 out rip 
R1(config-router)#

R2#show ip route ospf                                             
     1.0.0.0/32 is subnetted, 1 subnets
O E2    1.1.1.1 [110/20] via 172.12.123.1, 00:04:25, Serial0/0
O E2 5.0.0.0/8 [110/20] via 172.12.123.1, 00:04:30, Serial0/0
O E2 8.0.0.0/8 [110/20] via 172.12.123.1, 00:04:30, Serial0/0
     15.0.0.0/24 is subnetted, 1 subnets
O E2    15.1.1.0 [110/20] via 172.12.123.1, 00:04:30, Serial0/0






Sunday, October 28, 2012

BGP Route Aggregation



In this lab, I want to summarize the routes being advertised by R5; in BGP this is called route aggregation. I found the summary route the usual way, by writing down all the routes in binary, finding the common bits to make the network address, and turning those bits to all ones to get the subnet mask.

0001 0000    00000001    00000001    00000001    00000001
0001 0001    00000001    00000001    00000001    00000001
0001 0010    00000001    00000001    00000001    00000001
0001 0100    00000001    00000001    00000001    00000001

common bits
0001 0 = 16.0.0.0

Turn common bits to all ones
11111 = 252.0.0.0

16.0.0.0 252.0.0.0 is the aggregate address and mask
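The common-bits method above, as an added Python example that is not part of the original post. It derives the aggregate for the four routes R5 advertises (taken as classful /8 networks, since the BGP table lists them without a mask) and also reports any address space the aggregate would claim that no component route covers; `GAPPY_ROUTES` is a constructed input that shows that failure case.

```python
import ipaddress

# The four routes R5 advertises on the page (classful /8 networks).
PAGE_ROUTES = ["16.0.0.0/8", "17.0.0.0/8", "18.0.0.0/8", "19.0.0.0/8"]
# Constructed input with a gap, to show an aggregate that claims too much.
GAPPY_ROUTES = ["16.0.0.0/8", "17.0.0.0/8", "18.0.0.0/8", "20.0.0.0/8"]


def common_prefix_len(nets):
    """Number of leading bits shared by every network address."""
    first = int(nets[0].network_address)
    diff = 0
    for net in nets:
        diff |= first ^ int(net.network_address)   # 1-bits mark disagreement
    shared = 32 - diff.bit_length()
    # An aggregate can never be longer than its shortest component.
    return min(shared, min(net.prefixlen for net in nets))


def aggregate(prefixes):
    """Smallest single prefix that contains every component route."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    plen = common_prefix_len(nets)
    return ipaddress.ip_network(f"{nets[0].network_address}/{plen}", strict=False)


def uncovered(prefixes):
    """Blocks inside the aggregate that no component route accounts for."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    remaining = [aggregate(prefixes)]
    for net in nets:
        kept = []
        for block in remaining:
            if block.subnet_of(net):
                continue                              # fully covered
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))  # carve the route out
            else:
                kept.append(block)
        remaining = kept
    return list(ipaddress.collapse_addresses(remaining))


def report(prefixes):
    """IOS-style aggregate line plus the list of over-claimed blocks."""
    agg = aggregate(prefixes)
    line = f"aggregate-address {agg.network_address} {agg.netmask}"
    return line, [str(block) for block in uncovered(prefixes)]


if __name__ == "__main__":
    for name, routes in (("page", PAGE_ROUTES), ("gappy", GAPPY_ROUTES)):
        line, gaps = report(routes)
        print(name, "->", line, "| uncovered:", gaps or "none")
```

An aggregate with uncovered blocks attracts traffic for space the router has no specific route to, which is worth checking before adding `summary-only`.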

I want to reduce the size of R1's BGP table because everything has a cost in CPU cycles. I will create the aggregation on R2.


R1#show ip bgp
BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0         10.10.10.5               0             0 500 i
*> 17.0.0.0         10.10.10.5               0             0 500 i
*> 18.0.0.0         10.10.10.5               0             0 500 i
*> 19.0.0.0         10.10.10.5               0             0 500 i




R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 480 bytes of memory
4 path entries using 208 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 960 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.10.10.5      4   500       5       4        5    0    0 00:00:39        4


R5#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#router bgp 500
R5(config-router)#aggregate-address 16.0.0.0 252.0.0.0

By default BGP advertises the aggregate address along with the more specific routes. When I look at the BGP routes, I'm now learning 5 routes: each individual route plus the summary route.



R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 6, main routing table version 6
5 network entries using 600 bytes of memory
5 path entries using 260 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1256 total bytes of memory
BGP activity 5/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.10.10.5      4   500       8       6        6    0    0 00:02:12        5

The summary is the 16.0.0.0/6 entry below.

R1#show ip bgp
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0         10.10.10.5               0             0 500 i
*> 16.0.0.0/6       10.10.10.5               0             0 500 i
*> 17.0.0.0         10.10.10.5               0             0 500 i
*> 18.0.0.0         10.10.10.5               0             0 500 i
*> 19.0.0.0         10.10.10.5               0             0 500 i

I will take off the default and enable the option for summary only.
R5(config)#router bgp 500
R5(config-router)#no aggregate-address 16.0.0.0 252.0.0.0
R5(config-router)#aggregate-address 16.0.0.0 252.0.0.0 summary-only

I now have only an aggregate address being advertised to R1.

R1#show ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0/6       10.10.10.5               0             0 500 i

I notice the atomic-aggregate attribute in the BGP summary.
R1#show ip bgp 16.0.0.0
BGP routing table entry for 16.0.0.0/6, version 8
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  500, (aggregated by 500 19.1.1.1)
    10.10.10.5 from 10.10.10.5 (19.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best



BGP-Changing weight attribute (cisco specific)


In this lab I will demonstrate how to change the weight of a neighbor peer to get the results I want. R4 is advertising its lo 4.4.4.4 and R1 knows how to reach it two different ways, through R2 and R3. I want R1 to choose R3.

No routes are chosen as best because both are inaccessible.

R1#show ip bgp
BGP table version is 1, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       10.1.1.4                 0    100      0 4 i
* i                 10.1.1.4                 0    100      0 4 i

First I notice that I need the next-hop-self command on R2 and R3, because in BGP the next hop router doesn't change when advertising into a different AS.

R2(config-router)#neighbor 172.12.123.1 next-hop-self

R3(config-router)#neighbor 172.12.123.1 next-hop-self

R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       172.12.123.3             0    100      0 4 i
*>i                 172.12.123.2             0    100      0 4 i

I need to clear the BGP table so that I can force the changes to appear.

R1#show ip bgp 4.4.4.4
BGP routing table entry for 4.4.4.4/32, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  4
    172.12.123.3 from 172.12.123.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, internal
  4
    172.12.123.2 from 172.12.123.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal, best

Now that both routes are accessible, I will change the weight with the neighbor weight command.

R1(config)#router bgp 123
R1(config-router)#neighbor 172.12.123.3 weight 200

R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       172.12.123.3             0    100      0 4 i
*>i                 172.12.123.2             0    100      0 4 i
R1#clear ip bgp * soft

R1#show ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i4.4.4.4/32       172.12.123.3             0    100    200 4 i
* i                 172.12.123.2             0    100      0 4 i

The weight now shows 200 for R3's route.

BGP- Changing Local Pref with Route Map




Now we want R1 to use R2 for 172.12.34.0 and R3 for 210.1.1.0. A route map can be used conditionally to achieve this.


R2(config)#access-list 27 permit 172.12.34.0 0.0.0.255
R2(config)#route-map R1TOR3 permit 10
R2(config-route-map)#match ip address 27
R2(config-route-map)#set local-preference 200
R2(config-route-map)#exit
R2(config)#route-map R1TOR3 permit 20
R2(config-route-map)#set local-preference 100
R2(config-route-map)#router bgp 12
R2(config-router)#neighbor 4.4.4.4 route-map R1TOR3 in


R1#show ip bgp
BGP table version is 10, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.12.34.0/24   2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i
* i210.1.1.0        2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i


It appears my route map didn't work, but BGP doesn't update unless there is a network change. Clearing all BGP routes with a soft command allows BGP to update without breaking the peer relationships.


R2#clear ip bgp * soft

R1#show ip bgp
BGP table version is 11, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i172.12.34.0/24   2.2.2.2                  0    200      0 34 i
*                   3.3.3.3                  0             0 34 i
* i210.1.1.0        2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i
R1#

Now I have routes destined for 172.12.34.0 going through R2 and routes destined for 210.1.1.0 going through R3, using nothing but a route map setting local pref.
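How the route map above and the distribute-list ACL in the OSPF lab are evaluated, as an added Python example that is not part of the original post. The ACL and route-map entries are copied from the page's configuration; the tuple layout and function names are assumptions made for illustration, and the model covers only standard ACLs and `set local-preference`.

```python
import ipaddress

# Standard ACLs from the page: (action, address, wildcard mask).
ACLS = {
    17: [("deny", "6.0.0.0", "0.255.255.255"),
         ("deny", "7.0.0.0", "0.255.255.255"),
         ("permit", "0.0.0.0", "255.255.255.255")],   # "permit any"
    27: [("permit", "172.12.34.0", "0.0.0.255")],
}

# route-map R1TOR3 from the page: (sequence, action, match ACL or None, set values).
R1TOR3 = [
    (10, "permit", 27, {"local_pref": 200}),
    (20, "permit", None, {"local_pref": 100}),        # no match clause: matches all
]


def to_int(dotted):
    return int(ipaddress.ip_address(dotted))


def acl_permits(acl, network):
    """First matching entry decides; falling off the end is an implicit deny."""
    addr = to_int(network)
    for action, base, wildcard in acl:
        care = ~to_int(wildcard) & 0xFFFFFFFF          # wildcard 0-bits must match
        if addr & care == to_int(base) & care:
            return action == "permit"
    return False


def apply_route_map(route_map, network, attrs):
    """Return the route's attributes after the map, or None if it is filtered."""
    for _seq, action, match_acl, sets in sorted(route_map, key=lambda c: c[0]):
        if match_acl is None or acl_permits(ACLS[match_acl], network):
            if action == "deny":
                return None
            return {**attrs, **sets}
        # ACL did not permit the route: this clause does not match, try the next.
    return None                                         # implicit deny at the end


def distribute_list_out(acl_number, networks):
    """Networks that survive an outbound distribute-list using a standard ACL."""
    return [n for n in networks if acl_permits(ACLS[acl_number], n)]


if __name__ == "__main__":
    for net in ("172.12.34.0", "210.1.1.0"):
        print(net, apply_route_map(R1TOR3, net, {"local_pref": 100}))
    # Same map without clause 20: the unmatched route is dropped, not left alone.
    print("210.1.1.0", apply_route_map(R1TOR3[:1], "210.1.1.0", {"local_pref": 100}))
    print(distribute_list_out(17, ["5.0.0.0", "6.0.0.0", "7.0.0.0", "8.0.0.0"]))
```

Dropping clause 20 filters 210.1.1.0 entirely, so the catch-all clause in R1TOR3 and the `permit any` line in access-list 17 are what keep the unmatched routes in the table.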




BGP Next-Hop-Self & Changing Local Pref with default command



Below is the configuration for the topology above. IBGP and EBGP peers are set up using the loopback addresses. R4 and R3 advertise network 172.12.34.0.

R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int fa0/0
R1(config-if)#ip add 10.1.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#
*Mar  1 00:01:30.575: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:01:31.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#router bgp 12
R1(config-router)#neighbor 2.2.2.2 remote-as 12
R1(config-router)#neighbor 2.2.2.2 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 remote-as 34
R1(config-router)#neighbor 3.3.3.3 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop 2
R1(config-router)#exit
R1(config)#ip route 2.2.2.2 255.255.255.255 10.1.1.2
R1(config)#ip route 3.3.3.3 255.255.255.255 10.1.1.3
R1(config)#^Z
R1#wr


R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#int fa0/0
R2(config-if)#ip add 10.1.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#
*Mar  1 00:04:53.971: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:04:54.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2(config-if)#router bgp 12
R2(config-router)#neighbor 1.1.1.1 remote-as 12
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#neighbor 4.4.4.4 remote-as 34
R2(config-router)#neighbor 4.4.4.4 update-source loopback 0
R2(config-router)#neighbor 4.4.4.4 ebgp-multihop 2
R2(config-router)#exit
R2(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1
*Mar  1 00:06:15.935: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R2(config)#ip route 4.4.4.4 255.255.255.255 10.1.1.4


R3#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255
R3(config-if)#int fa 0/0
R3(config-if)#ip add 10.1.1.3 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
*Mar  1 00:09:07.383: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:09:08.383: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R3(config-if)#router bgp 34
R3(config-router)#neighbor 1.1.1.1 remote-as 12
R3(config-router)#neighbor 1.1.1.1 update-source loopback 0
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop 2
R3(config-router)#neighbor 4.4.4.4 remote-as 34
R3(config-router)#neighbor 4.4.4.4 update-source loopback 0
R3(config-router)#network 172.12.34.0 mask 255.255.255.0
R3(config-router)#exit
R3(config)#int s0/0
R3(config-if)#ip add
R3(config-if)#ip address 172.12.34.3 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#
*Mar  1 00:10:56.303: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
*Mar  1 00:10:57.303: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config)#
R3(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1
R3(config)#ip route 4.4.4.4 255.255.25
*Mar  1 00:11:14.607: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R3(config)#ip route 4.4.4.4 255.255.255.255 10.1.1.4

R3(config)#^Z
R3#wr


R4#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#int lo0
R4(config-if)#ip add 4.4.4.4 255.255.255.255
R4(config-if)#int fa0/0
R4(config-if)#ip add 10.1.1.4 255.255.255.0
R4(config-if)# no shut
R4(config-if)#int s0/0
R4(config-if)#ip add 172.12.34.4 255.255.255.0
R4(config-if)#no shut
R4(config-if)#
*Mar  1 00:12:36.843: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
*Mar  1 00:12:37.843: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R4(config-if)#
R4(config-if)#router bgp 34
R4(config-router)#neighbor 2.2.2.2 remote-as 12
R4(config-router)#neighbor 2.2.2.2 update-source loopback 0
R4(config-router)#neighbor 2.2.2.2 ebgp-multihop 2
R4(config-router)#neighbor 3.3.3.3 remote 34
R4(config-router)#neighbor 3.3.3.3 update-source loopback 0
R4(config-router)#network 172.12.34.0 mask 255.255.255.0
R4(config-router)#^Z
R4#config t
*Mar  1 00:13:48.447: %SYS-5-CONFIG_I: Configured from console by console
R4#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#ip route 2.2.2.2 255.255.255.255 10.1.1.2
R4(config)#ip route 3.3.3.3 255.255.255.255 10.1.1.3
R4(config)#
*Mar  1 00:15:41.507: %BGP-5-ADJCHANGE: neighbor 3.3.3.3 Up
*Mar  1 00:15:41.671: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up


We can see that R3 is the next hop for network 172.12.34.0, and this is valid because all attributes are the same (weight, AS path, local pref and MED) except for the next in the list, which is eBGP over iBGP. Let's say we want the route to go through R2 instead because it is the faster link; we can change the local pref so that BGP chooses that route.



R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.12.34.0/24   4.4.4.4                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i

R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  2.2.2.2
  34
    4.4.4.4 (inaccessible) from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

The local pref needs to be changed on the router advertising the route we want to use. First we have to make the route to R3 accessible; currently it's not, because an eBGP route advertised into iBGP retains the next hop of the router it was learned from, which is R4. The next-hop-self command allows R2 to make itself the next hop address for eBGP routes.


R2(config)#router bgp 12
R2(config-router)#neighbor 1.1.1.1 next-hop-self

Now that both routes are accessible, I will change the local pref of the route learned from 2.2.2.2.

R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  2.2.2.2
  34
    2.2.2.2 from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

Local pref is viable within an AS, not only between two routers. We can change the default or use a route map to change the local pref; first we will use the default command. The higher the local pref, the more preferred the route, unlike the MED, where the lowest value is preferred.

R2(config)#router bgp 12
R2(config-router)#bgp default local-preference 200


R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 3
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x800
  Advertised to update-groups:
        2
  34
    2.2.2.2 from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 200, valid, internal, best
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external


R2 is now the valid and best route for the network 172.12.34.0.
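The best-path decisions seen in this lab and in the weight lab, as an added Python example that is not part of the original post. It models only the comparison steps these labs exercise (reachable next hop, weight, local preference, AS-path length, origin, MED, eBGP over iBGP) and uses lowest router ID as the final tie-breaker; the `Path` class and function names are assumptions, and the real IOS algorithm has further steps that are left out here.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}      # IGP preferred over EGP over incomplete


@dataclass
class Path:
    next_hop: str
    router_id: str
    as_path: tuple
    ebgp: bool
    weight: int = 0
    local_pref: int = 100
    med: int = 0
    origin: str = "i"
    next_hop_reachable: bool = True


# Each step maps a path to a value where smaller wins.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local preference", lambda p: -p.local_pref),
    ("AS-path length", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: 0 if p.ebgp else 1),
    ("lowest router ID", lambda p: tuple(int(o) for o in p.router_id.split("."))),
]


def best_path(paths):
    """Return (best path or None, name of the step that decided)."""
    candidates = [p for p in paths if p.next_hop_reachable]
    if not candidates:
        return None, "no path with a reachable next hop"
    if len(candidates) == 1:
        return candidates[0], "only usable path"
    for name, key in STEPS:
        winner = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == winner]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie"


def local_pref_lab(next_hop_self, r2_local_pref=100):
    """R1's two paths to 172.12.34.0/24: iBGP via R2 and eBGP via R3."""
    via_r2 = Path("2.2.2.2" if next_hop_self else "4.4.4.4", "2.2.2.2", (34,),
                  ebgp=False, local_pref=r2_local_pref,
                  next_hop_reachable=next_hop_self)
    via_r3 = Path("3.3.3.3", "3.3.3.3", (34,), ebgp=True)
    return best_path([via_r2, via_r3])


def weight_lab(r3_weight=0, reachable=True):
    """R1's two iBGP paths to 4.4.4.4/32 from the weight lab."""
    via_r3 = Path("172.12.123.3", "3.3.3.3", (4,), ebgp=False,
                  weight=r3_weight, next_hop_reachable=reachable)
    via_r2 = Path("172.12.123.2", "2.2.2.2", (4,), ebgp=False,
                  next_hop_reachable=reachable)
    return best_path([via_r3, via_r2])


if __name__ == "__main__":
    for label, result in [
        ("before next-hop-self", local_pref_lab(False)),
        ("after next-hop-self", local_pref_lab(True)),
        ("R2 local-pref 200", local_pref_lab(True, 200)),
        ("weight lab, default", weight_lab()),
        ("weight lab, R3 weight 200", weight_lab(200)),
    ]:
        best, reason = result
        print(f"{label}: {best.next_hop} ({reason})")
```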

Friday, October 26, 2012

BGP Neighbor/Advising Routes with loopback interfaces


Creating BGP neighbors with physical interfaces can become troublesome when that interface is changed or is flapping. Best practice is to create neighbors with loopback interfaces, which are always up if the router is. Additional commands are needed to create a neighbor with loopback interfaces, and an extra command is needed for EBGP peers.

The update source command is needed to change the interface from a physical interface to a loopback. The ebgp multihop command is required to tell BGP how many hops away the loopback interface is.

R1(config)#router bgp 100
R1(config-router)#neighbor 3.3.3.3 remote-as 200
R1(config-router)#neighbor 3.3.3.3 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop 2

R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 remote-as 100        
R3(config-router)#neighbor 1.1.1.1 update-source loopback 0
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop 2

The neighborship between R1 and R3 still won't happen unless they know how to reach each other's loopback addresses. A static route can accomplish this.


R1(config)#ip route 3.3.3.3 255.255.255.255 172.12.123.3
R3(config)#ip route 1.1.1.1 255.255.255.255 172.12.123.1

With routes to each other's loopbacks the adjacency comes up.

R3(config)#
*Mar  1 00:39:47.866: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up


Verifying the BGP adjacency with the show ip bgp summary command.

R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4   200       4       4        1    0    0 00:00:32        0

Below I create adjacencies between R1 and R2. No ebgp-multihop command is needed because these are internal BGP peers, both in AS 100.

R1(config)#router bgp 100
R1(config-router)#neighbor 2.2.2.2 remote-as 100
R1(config-router)#neighbor 2.2.2.2 update-source loopback 0

R2(config)#router bgp 100
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#       
*Mar  1 00:44:01.574: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up 

R1 now has adjacencies with both R2 and R3.

R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4   100       4       4        1    0    0 00:00:42        0
3.3.3.3         4   200       8       8        1    0    0 00:04:55        0

Similar to OSPF, to advertise a route into BGP we use the network command along with the actual mask, not the inverse mask. The mask isn't required but can cause problems when classful boundaries are overlapping.

R3(config)#router bgp 200
R3(config-router)#network 3.3.3.3 mask 255.255.255.255
R3(config-router)#network 33.33.33.33 mask 255.255.255.255     

The show ip bgp command will show the routes learned by BGP. Both routes are valid and best. BGP has many attributes that decide which route is valid and best when multiple routes to a destination are known.

R1#show ip bgp   
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 3.3.3.3/32       3.3.3.3                  0             0 200 i
*> 33.33.33.33/32   3.3.3.3                  0             0 200 i


Wednesday, October 24, 2012

BGP Neighbors with physical interfaces



BGP is an external gateway protocol that is used between autonomous systems. Normally it is seen inside of an ISP network or between an enterprise network and multiple ISPs. Unlike EIGRP, the AS number doesn't have to match to become a peer, but the peer is classified differently. An IBGP peer is a peer between two speakers with the same AS number and an EBGP peer is a peer between two speakers with different AS numbers. BGP doesn't automatically detect a neighbor, so a neighbor command is used along with the remote AS number. In the example below I configured peers using the connected interfaces.


R1(config)#router bgp 100
R1(config-router)#neighbor 172.12.123.2 remote-as 100
R1(config-router)#neighbor 172.12.123.3 remote-as 200

R2(config)#router bgp 100
R2(config-router)#neighbor 172.12.123.1 remote-as 100
*Mar  1 00:49:35.068: %BGP-5-ADJCHANGE: neighbor 172.12.123.21Up 

R3(config)#router bgp 200
R3(config-router)#neighbor 172.12.123.1 remote-as 100
R3(config-router)#
*Mar  1 00:53:12.084: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up 

Using the show ip bgp summary command I can see a summary of the neighbor relationships. An empty State means it's established, or you can use the show ip bgp neighbors command to see the state of the relationship.

R1#show ip bgp sum          
BGP router identifier 172.12.123.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.12.123.2    4   100      10      10        1    0    0 00:06:10        0
172.12.123.3    4   200       6       6        1    0    0 00:02:32        0

R1#show ip bgp neighbors 172.12.123.3          
BGP neighbor is 172.12.123.3,  remote AS 200, external link
  BGP version 4, remote router ID 172.12.123.3
  BGP state = Established, up for 00:02:54
  Last read 00:00:54, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received.....................

The type of peer is also shown as internal (iBGP) or external (eBGP).

R1#show ip bgp neighbors 172.12.123.2
BGP neighbor is 172.12.123.2,  remote AS 100, internal link
  BGP version 4, remote router ID 172.12.123.2
  BGP state = Established, up for 00:06:57
  Last read 00:00:56, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received.......................................