Sunday, October 28, 2012

BGP Route Aggregation



In this lab, I want to summarize the routes being advertised by R5; in BGP this is called route aggregation. I found the summary route by writing down all the routes in binary, keeping the common leading bits as the network address, and turning those bit positions to all ones to get the subnet mask.

0001 0000    00000001    00000001    00000001
0001 0001    00000001    00000001    00000001
0001 0010    00000001    00000001    00000001
0001 0011    00000001    00000001    00000001

common bits
0001 00 = 16.0.0.0

Turn common bits to all ones
1111 11 = 252.0.0.0

16.0.0.0 252.0.0.0 is the aggregate address and mask

I want to reduce the size of R1's BGP table because everything has a cost in CPU cycles. I will create the aggregation on R2.


R1#show ip bgp
BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0         10.10.10.5               0             0 500 i
*> 17.0.0.0         10.10.10.5               0             0 500 i
*> 18.0.0.0         10.10.10.5               0             0 500 i
*> 19.0.0.0         10.10.10.5               0             0 500 i




R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 480 bytes of memory
4 path entries using 208 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 960 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.10.10.5      4   500       5       4        5    0    0 00:00:39        4


R5#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#router bgp 500
R5(config-router)#aggregate-address 16.0.0.0 252.0.0.0

By default, BGP advertises the aggregate address along with the more specific routes. When I look at the BGP routes, I'm now learning 5 routes: each individual route plus the summary route.



R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 6, main routing table version 6
5 network entries using 600 bytes of memory
5 path entries using 260 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1256 total bytes of memory
BGP activity 5/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.10.10.5      4   500       8       6        6    0    0 00:02:12        5

The summary route is the 16.0.0.0/6 entry below.

R1#show ip bgp
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0         10.10.10.5               0             0 500 i
*> 16.0.0.0/6       10.10.10.5               0             0 500 i
*> 17.0.0.0         10.10.10.5               0             0 500 i
*> 18.0.0.0         10.10.10.5               0             0 500 i
*> 19.0.0.0         10.10.10.5               0             0 500 i

I will take off the default and enable the option for summary only.
R5(config)#router bgp 500
R5(config-router)#no aggregate-address 16.0.0.0 252.0.0.0
R5(config-router)#aggregate-address 16.0.0.0 252.0.0.0 summary-only

I now have only an aggregate address being advertised to R1.

R1#show ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 16.0.0.0/6       10.10.10.5               0             0 500 i

I notice the atomic-aggregate attribute in the BGP summary.
R1#show ip bgp 16.0.0.0
BGP routing table entry for 16.0.0.0/6, version 8
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  500, (aggregated by 500 19.1.1.1)
    10.10.10.5 from 10.10.10.5 (19.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best



BGP-Changing weight attribute (Cisco specific)


In this lab I will demonstrate how to change the weight of a neighbor peer to get the results I want. R4 is advertising its lo 4.4.4.4 and R1 knows how to reach it two different ways, through R2 and R3. I want R1 to choose R3.

No routes are chosen as best because both are inaccessible.

R1#show ip bgp
BGP table version is 1, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       10.1.1.4                 0    100      0 4 i
* i                 10.1.1.4                 0    100      0 4 i

First I notice that I need the next-hop-self command on R2 and R3 because in BGP the next hop router doesn't change when advertising into a different AS.

R2(config-router)#neighbor 172.12.123.1 next-hop-self

R3(config-router)#neighbor 172.12.123.1 next-hop-self

R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       172.12.123.3             0    100      0 4 i
*>i                 172.12.123.2             0    100      0 4 i

I need to clear the BGP table so that I can force the changes to appear.

R1#show ip bgp 4.4.4.4
BGP routing table entry for 4.4.4.4/32, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  4
    172.12.123.3 from 172.12.123.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, internal
  4
    172.12.123.2 from 172.12.123.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal, best

Now that both routes are accessible, I will change the weight with the neighbor weight command.

R1(config)#router bgp 123
R1(config-router)#neighbor 172.12.123.3 weight 200

R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.4/32       172.12.123.3             0    100      0 4 i
*>i                 172.12.123.2             0    100      0 4 i
R1#clear ip bgp * soft

R1#show ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i4.4.4.4/32       172.12.123.3             0    100    200 4 i
* i                 172.12.123.2             0    100      0 4 i

The weight now shows 200 for R3's route.

BGP- Changing Local Pref with Route Map




Now we want R1 to use R2 for 172.12.34.0 and R3 for 210.1.1.0. A route map can be used conditionally to achieve this.


R2(config)#access-list 27 permit 172.12.34.0 0.0.0.255
R2(config)#route-map R1TOR3 permit 10
R2(config-route-map)#match ip address 27
R2(config-route-map)#set local-preference 200
R2(config-route-map)#exit
R2(config)#route-map R1TOR3 permit 20
R2(config-route-map)#set local-preference 100
R2(config-route-map)#router bgp 12
R2(config-router)#neighbor 4.4.4.4 route-map R1TOR3 in


R1#show ip bgp
BGP table version is 10, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.12.34.0/24   2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i
* i210.1.1.0        2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i


It appears my route map didn't work, but BGP doesn't update unless there is a network change. Clearing all BGP routes with a soft command allows BGP to update without breaking the peer relationships.


R2#clear ip bgp * soft

R1#show ip bgp
BGP table version is 11, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i172.12.34.0/24   2.2.2.2                  0    200      0 34 i
*                   3.3.3.3                  0             0 34 i
* i210.1.1.0        2.2.2.2                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i
R1#

Now I have routes destined for 172.12.34.0 going through R2 and routes destined for 210.1.1.0 going through R3, using nothing but a route map setting local pref.




BGP Next-Hop-Self & Changing Local Pref with default command



Below is the configuration for the topology above. IBGP and EBGP peers are set up using the loopback addresses. R4 and R3 advertise network 172.12.34.0.

R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int fa0/0
R1(config-if)#ip add 10.1.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#
*Mar  1 00:01:30.575: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:01:31.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#router bgp 12
R1(config-router)#neighbor 2.2.2.2 remote-as 12
R1(config-router)#neighbor 2.2.2.2 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 remote-as 34
R1(config-router)#neighbor 3.3.3.3 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop 2
R1(config-router)#exit
R1(config)#ip route 2.2.2.2 255.255.255.255 10.1.1.2
R1(config)#ip route 3.3.3.3 255.255.255.255 10.1.1.3
R1(config)#^Z
R1#wr


R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#int fa0/0
R2(config-if)#ip add 10.1.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#
*Mar  1 00:04:53.971: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:04:54.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2(config-if)#router bgp 12
R2(config-router)#neighbor 1.1.1.1 remote-as 12
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#neighbor 4.4.4.4 remote-as 34
R2(config-router)#neighbor 4.4.4.4 update-source loopback 0
R2(config-router)#neighbor 4.4.4.4 ebgp-multihop 2
R2(config-router)#exit
R2(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1
*Mar  1 00:06:15.935: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R2(config)#ip route 4.4.4.4 255.255.255.255 10.1.1.4


R3#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255
R3(config-if)#int fa 0/0
R3(config-if)#ip add 10.1.1.3 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
*Mar  1 00:09:07.383: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:09:08.383: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R3(config-if)#router bgp 34
R3(config-router)#neighbor 1.1.1.1 remote-as 12
R3(config-router)#neighbor 1.1.1.1 update-source loopback 0
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop 2
R3(config-router)#neighbor 4.4.4.4 remote-as 34
R3(config-router)#neighbor 4.4.4.4 update-source loopback 0
R3(config-router)#network 172.12.34.0 mask 255.255.255.0
R3(config-router)#exit
R3(config)#int s0/0
R3(config-if)#ip add
R3(config-if)#ip address 172.12.34.3 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#
*Mar  1 00:10:56.303: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
*Mar  1 00:10:57.303: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config)#
R3(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1
R3(config)#ip route 4.4.4.4 255.255.25
*Mar  1 00:11:14.607: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R3(config)#ip route 4.4.4.4 255.255.255.255 10.1.1.4

R3(config)#^Z
R3#wr


R4#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#int lo0
R4(config-if)#ip add 4.4.4.4 255.255.255.255
R4(config-if)#int fa0/0
R4(config-if)#ip add 10.1.1.4 255.255.255.0
R4(config-if)# no shut
R4(config-if)#int s0/0
R4(config-if)#ip add 172.12.34.4 255.255.255.0
R4(config-if)#no shut
R4(config-if)#
*Mar  1 00:12:36.843: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
*Mar  1 00:12:37.843: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R4(config-if)#
R4(config-if)#router bgp 34
R4(config-router)#neighbor 2.2.2.2 remote-as 12
R4(config-router)#neighbor 2.2.2.2 update-source loopback 0
R4(config-router)#neighbor 2.2.2.2 ebgp-multihop 2
R4(config-router)#neighbor 3.3.3.3 remote 34
R4(config-router)#neighbor 3.3.3.3 update-source loopback 0
R4(config-router)#network 172.12.34.0 mask 255.255.255.0
R4(config-router)#^Z
R4#config t
*Mar  1 00:13:48.447: %SYS-5-CONFIG_I: Configured from console by console
R4#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#ip route 2.2.2.2 255.255.255.255 10.1.1.2
R4(config)#ip route 3.3.3.3 255.255.255.255 10.1.1.3
R4(config)#
*Mar  1 00:15:41.507: %BGP-5-ADJCHANGE: neighbor 3.3.3.3 Up
*Mar  1 00:15:41.671: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up


We can see that R3 is the next hop for network 172.12.34.0. This is valid because all attributes are the same (weight, AS path, local pref and MED) except for the next in the list, which is EBGP over IBGP. Let's say we want the route to go through R2 instead because it is the faster link; we can change the local pref so that BGP chooses that route.



R1#show ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.12.34.0/24   4.4.4.4                  0    100      0 34 i
*>                  3.3.3.3                  0             0 34 i

R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  2.2.2.2
  34
    4.4.4.4 (inaccessible) from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

The local pref needs to be changed on the router advertising the route we want to use. First we have to make the route to R3 accessible; currently it's not, because an EBGP route advertised into IBGP retains the next hop of the router it was learned from, which is R4. The next-hop-self command allows R2 to make itself the next hop address for EBGP routes.


R2(config)#router bgp 12
R2(config-router)#neighbor 1.1.1.1 next-hop-self

Now that both routes are accessible, I will change the local pref of the route learned from 2.2.2.2.

R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  2.2.2.2
  34
    2.2.2.2 from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

Local pref applies within an AS, not only between two routers. We can change the default or use a route map to change the local pref; first we will use the default command. The higher the local pref, the more preferred the route, unlike the MED, where the lowest value is preferred.

R2(config)#router bgp 12
R2(config-router)#bgp default local-preference 200


R1#show ip bgp 172.12.34.0
BGP routing table entry for 172.12.34.0/24, version 3
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x800
  Advertised to update-groups:
        2
  34
    2.2.2.2 from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 200, valid, internal, best
  34
    3.3.3.3 from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external


R2 is now the valid and best route for the network 172.12.34.0
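The selection order these three labs rely on, as an added example (not code from the original post): a reduced model of BGP best-path selection replayed against the weight lab and the default local pref lab. The `Path` class and lab helper functions are hypothetical names; only next-hop accessibility, weight, local preference, AS path length, MED, EBGP over IBGP and router ID are modelled, and the remaining steps of the real algorithm are left out.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Path:
    next_hop: str
    router_id: str            # router ID of the peer the path was learned from
    as_path: tuple
    internal: bool            # True = learned from an IBGP peer
    weight: int = 0
    local_pref: int = 100
    med: int = 0
    accessible: bool = True   # is the next hop reachable in the routing table?


# Decision steps in order. Each key is written so that the lowest value wins.
STEPS = [
    ("highest weight",           lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("shortest AS path",         lambda p: len(p.as_path)),
    ("lowest MED",               lambda p: p.med),  # assumes one neighboring AS
    ("EBGP over IBGP",           lambda p: p.internal),
    ("lowest router ID",         lambda p: int(ipaddress.ip_address(p.router_id))),
]


def best_path(paths):
    """Return (winning Path or None, name of the step that decided)."""
    candidates = [p for p in paths if p.accessible]
    if not candidates:
        return None, "no accessible next hop"
    if len(candidates) == 1:
        return candidates[0], "only accessible path"
    for name, key in STEPS:
        lowest = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == lowest]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie after all modelled steps"


def weight_lab(next_hop_self=True, r3_weight=0):
    """R1's two IBGP paths to 4.4.4.4/32, values taken from the outputs above."""
    nh2, nh3 = ("172.12.123.2", "172.12.123.3") if next_hop_self else ("10.1.1.4",) * 2
    return [
        Path(nh3, "3.3.3.3", (4,), internal=True, weight=r3_weight,
             accessible=next_hop_self),
        Path(nh2, "2.2.2.2", (4,), internal=True, accessible=next_hop_self),
    ]


def local_pref_lab(r2_local_pref=100):
    """R1's paths to 172.12.34.0/24 after next-hop-self on R2."""
    return [
        Path("2.2.2.2", "2.2.2.2", (34,), internal=True, local_pref=r2_local_pref),
        Path("3.3.3.3", "3.3.3.3", (34,), internal=False),
    ]


if __name__ == "__main__":
    for label, paths in [
        ("weight lab, no next-hop-self", weight_lab(next_hop_self=False)),
        ("weight lab, next-hop-self",    weight_lab()),
        ("weight lab, R3 weight 200",    weight_lab(r3_weight=200)),
        ("local pref lab, default 100",  local_pref_lab()),
        ("local pref lab, R2 sends 200", local_pref_lab(200)),
    ]:
        best, why = best_path(paths)
        print(f"{label}: {best.next_hop if best else 'none'} ({why})")
```
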

Friday, October 26, 2012

BGP Neighbor/Advising Routes with loopback interfaces


Creating BGP neighbors with physical interfaces can become troublesome when that interface is changed or is flapping. Best practice is to create neighbors with loopback interfaces, which are always up if the router is. Additional commands are needed to create a neighbor with loopback interfaces, and an extra command is needed for EBGP peers.

The update source command is needed to change the interface from a physical interface to a loopback. The ebgp multihop command is required to tell BGP how many hops away the loopback interface is.

R1(config)#router bgp 100
R1(config-router)#neighbor 3.3.3.3 remote-as 200
R1(config-router)#neighbor 3.3.3.3 update-source loopback 0
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop 2

R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 remote-as 100        
R3(config-router)#neighbor 1.1.1.1 update-source loopback 0
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop 2

The neighborship between R1 and R3 still won't happen unless they know how to reach each other's loopback addresses. A static route can accomplish this.


R1(config)#ip route 3.3.3.3 255.255.255.255 172.12.123.3
R3(config)#ip route 1.1.1.1 255.255.255.255 172.12.123.1

With routes to each other's loopbacks the adjacency comes up.

R3(config)#
*Mar  1 00:39:47.866: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up


Verifying the BGP adjacency with the show ip bgp summary command.

R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4   200       4       4        1    0    0 00:00:32        0

Below I create adjacencies between R1 and R2. No ebgp-multihop command is needed because these are internal BGP peers, both in AS 100.

R1(config)#router bgp 100
R1(config-router)#neighbor 2.2.2.2 remote-as 100
R1(config-router)#neighbor 2.2.2.2 update-source loopback 0

R2(config)#router bgp 100
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#       
*Mar  1 00:44:01.574: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up 

R1 now has adjacencies with both R2 and R3.

R1#show ip bgp sum
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4   100       4       4        1    0    0 00:00:42        0
3.3.3.3         4   200       8       8        1    0    0 00:04:55        0

Similar to OSPF, to advertise a route into BGP we use the network command, along with the actual mask, not the inverse mask. The mask isn't required, but leaving it out can cause problems when classful boundaries are overlapping.

R3(config)#router bgp 200
R3(config-router)#network 3.3.3.3 mask 255.255.255.255
R3(config-router)#network 33.33.33.33 mask 255.255.255.255     

The show ip bgp command will show the routes learned by BGP. Both routes are valid and best. BGP has many attributes that decide which route is valid and best when multiple routes to a destination are known.

R1#show ip bgp   
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 3.3.3.3/32       3.3.3.3                  0             0 200 i
*> 33.33.33.33/32   3.3.3.3                  0             0 200 i


Wednesday, October 24, 2012

BGP Neighbors with physical interfaces



BGP is an exterior gateway protocol that is used between autonomous systems. Normally it is seen inside an ISP network or between an enterprise network and multiple ISPs. Unlike EIGRP, the AS number doesn't have to match to become a peer, but the peering is classified differently. An IBGP peering is between two speakers with the same AS number and an EBGP peering is between two speakers with different AS numbers. BGP doesn't automatically detect a neighbor, so a neighbor command is used along with the remote AS number. In the example below I configured peers using the connected interfaces.


R1(config)#router bgp 100
R1(config-router)#neighbor 172.12.123.2 remote-as 100
R1(config-router)#neighbor 172.12.123.3 remote-as 200

R2(config)#router bgp 100
R2(config-router)#neighbor 172.12.123.1 remote-as 100
*Mar  1 00:49:35.068: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up 

R3(config)#router bgp 200
R3(config-router)#neighbor 172.12.123.1 remote-as 100
R3(config-router)#
*Mar  1 00:53:12.084: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up 

Using the show ip bgp summary command I can see a summary of the neighbor relationships. An empty State means it's established, or you can use the show ip bgp neighbors command to see the state of the relationship.

R1#show ip bgp sum          
BGP router identifier 172.12.123.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.12.123.2    4   100      10      10        1    0    0 00:06:10        0
172.12.123.3    4   200       6       6        1    0    0 00:02:32        0

R1#show ip bgp neighbors 172.12.123.3          
BGP neighbor is 172.12.123.3,  remote AS 200, external link
  BGP version 4, remote router ID 172.12.123.3
  BGP state = Established, up for 00:02:54
  Last read 00:00:54, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received.....................

Also, the type of peer is shown as internal (IBGP) or external (EBGP).

R1#show ip bgp neighbors 172.12.123.2
BGP neighbor is 172.12.123.2,  remote AS 100, internal link
  BGP version 4, remote router ID 172.12.123.2
  BGP state = Established, up for 00:06:57
  Last read 00:00:56, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received.......................................


Sunday, October 21, 2012

OSPF Neighbor Authentication


Neighbor authentication is pretty straightforward: there is a clear text option and an MD5 option. I show the MD5 option; clear text is similar, just minus the md5 parts of the commands. Adjacencies will break when setting up authentication.

R1(config-if)#ip ospf authentication message-digest

R1(config-if)#ip ospf message-digest-key 1 md5 CCNP



R1(config-if)#
R1#
*Mar  1 01:03:18.335: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 01:03:23.375: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
*Mar  1 01:03:35.407: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead timer expired


R2(config)#interface serial 0/0
R2(config-if)#ip ospf authentication message-digest
R2(config-if)#ip ospf message-digest-key 1 md5 CCNP




R3(config)#int serial 0/0
R3(config-if)#ip ospf message-digest-key 1 md5 CCNP
R3(config-if)#ip ospf authentication message-digest


R1#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/DROTHER    00:01:46    172.12.123.2    Serial0/0
3.3.3.3           0   FULL/DROTHER    00:01:58    172.12.123.3    Serial0/0
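What the message-digest option does on the wire, as an added example (not from the original post): OSPFv2 cryptographic authentication per RFC 2328 Appendix D, where the sender appends an MD5 digest computed over the packet plus the zero-padded key and the receiver recomputes it. The Hello contents, the sequence numbers and the mismatched key `CCNA` are constructed sample values; key ID 1 and key `CCNP` come from the configuration above.

```python
import hashlib
import hmac
import socket
import struct

# 24-byte OSPFv2 header laid out for AuType 2: version, type, length, router ID,
# area ID, checksum, AuType, zero, key ID, auth data length, crypto sequence.
HDR = struct.Struct("!BBH4s4sHHHBBI")
AUTYPE_NULL, AUTYPE_MD5 = 0, 2


def pad_key(secret):
    """The configured key is padded with zero bytes to 16 bytes."""
    return secret.encode().ljust(16, b"\0")[:16]


def build_hello(router_id, key_id=0, seq=0, autype=AUTYPE_MD5):
    """Constructed Hello: mask, hello 30 s, options, priority 0, dead 120 s, DR, BDR."""
    body = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.0"),
                       30, 0x02, 0, 120, bytes(4), bytes(4))
    if autype == AUTYPE_NULL:
        key_id = auth_len = seq = 0
    else:
        auth_len = 16
    header = HDR.pack(2, 1, HDR.size + len(body), socket.inet_aton(router_id),
                      socket.inet_aton("0.0.0.0"),   # area ID: assumed area 0
                      0,                             # checksum is not used with AuType 2
                      autype, 0, key_id, auth_len, seq)
    return header + body


def sign(packet, secret):
    """Append MD5(packet || padded key); the key itself is never transmitted."""
    return packet + hashlib.md5(packet + pad_key(secret)).digest()


def verify(wire, keys, last_seq=0, expect=AUTYPE_MD5):
    """Receiver-side check. keys maps key ID to secret; returns (accepted, reason)."""
    (_ver, _typ, length, _rid, _area, _cksum,
     autype, _zero, key_id, auth_len, seq) = HDR.unpack_from(wire)
    if autype != expect:
        return False, "authentication type mismatch"
    if expect == AUTYPE_NULL:
        return True, "accepted"
    if key_id not in keys:
        return False, "unknown key ID"
    if seq < last_seq:
        return False, "stale sequence number"
    wanted = hashlib.md5(wire[:length] + pad_key(keys[key_id])).digest()
    if not hmac.compare_digest(wire[length:length + auth_len], wanted):
        return False, "digest mismatch"
    return True, "accepted"


if __name__ == "__main__":
    hello = sign(build_hello("1.1.1.1", key_id=1, seq=10), "CCNP")
    tampered = hello[:27] + bytes([hello[27] ^ 1]) + hello[28:]  # flip a hello-interval bit
    print("R2 before its auth config:", verify(hello, {}, expect=AUTYPE_NULL))
    print("R2 with key 1 = CCNP:     ", verify(hello, {1: "CCNP"}))
    print("R2 with key 1 = CCNA:     ", verify(hello, {1: "CCNA"}))
    print("old packet replayed:      ", verify(hello, {1: "CCNP"}, last_seq=11))
    print("packet modified in flight:", verify(tampered, {1: "CCNP"}))
```
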

OSPF Area-Based Route Summarization


Area 0 can't be a stub area, so if you need to reduce the routing table there is also route summarization. Looking at R3 I can see the OSPF table is a bit lengthy, so I will summarize both IA and E1 routes. E2 is the default OSPF external route type but I changed it with the metric-type command when I redistributed them into OSPF. There are two different ways to summarize routes depending on the type of routes you want to summarize. First I will summarize inter-area routes using the area range command. I will summarize 8.0.0.0, 9.0.0.0 and 10.0.0.0. The binary result gives me an 8.0.0.0 248.0.0.0 summary address. For the area range command, the area is the area in which the routes originated, not where they are going.



R3#show ip route ospf
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/65] via 172.12.123.1, 00:07:11, Serial0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/65] via 172.12.123.2, 00:07:11, Serial0/0
     5.0.0.0/32 is subnetted, 1 subnets
O E1    5.1.1.1 [110/84] via 172.12.123.1, 00:03:54, Serial0/0
     6.0.0.0/32 is subnetted, 1 subnets
O E1    6.1.1.1 [110/84] via 172.12.123.1, 00:03:54, Serial0/0
     7.0.0.0/32 is subnetted, 1 subnets
O E1    7.1.1.1 [110/84] via 172.12.123.1, 00:03:54, Serial0/0
     8.0.0.0/32 is subnetted, 1 subnets
O IA    8.1.1.1 [110/65] via 172.12.123.1, 00:00:02, Serial0/0
     9.0.0.0/32 is subnetted, 1 subnets
O IA    9.1.1.1 [110/65] via 172.12.123.1, 00:00:02, Serial0/0
     10.0.0.0/32 is subnetted, 1 subnets
O IA    10.1.1.1 [110/65] via 172.12.123.1, 00:00:02, Serial0/0
     15.0.0.0/24 is subnetted, 1 subnets
O E1    15.1.1.0 [110/84] via 172.12.123.1, 00:03:54, Serial0/0





R1(config)#router ospf 1
R1(config-router)#area 1 range 8.0.0.0 248.0.0.0 


I can see that the routes are now summarized into O IA 8.0.0.0/5. The routing table is smaller, but now I will summarize the external routes.



R3#show ip route ospf
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/65] via 172.12.123.1, 00:06:35, Serial0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/65] via 172.12.123.2, 00:06:35, Serial0/0
     5.0.0.0/32 is subnetted, 1 subnets
O E1    5.1.1.1 [110/84] via 172.12.123.1, 00:03:18, Serial0/0
     6.0.0.0/32 is subnetted, 1 subnets
O E1    6.1.1.1 [110/84] via 172.12.123.1, 00:03:18, Serial0/0
     7.0.0.0/32 is subnetted, 1 subnets
O E1    7.1.1.1 [110/84] via 172.12.123.1, 00:03:18, Serial0/0
     15.0.0.0/24 is subnetted, 1 subnets
O E1    15.1.1.0 [110/84] via 172.12.123.1, 00:03:18, Serial0/0
O IA 8.0.0.0/5 [110/65] via 172.12.123.1, 00:03:23, Serial0/0


To summarize external routes I use the summary-address command. The routes I want to summarize are 5.1.1.1, 6.1.1.1 and 7.1.1.1. The binary result gives me 4.0.0.0 with a mask of 252.0.0.0.

R1(config)#router ospf 1
R1(config-router)#summary-address 4.0.0.0 252.0.0.0

I can now see the summary address of O E1 4.0.0.0; the summary address takes the type of the routes being summarized. The IP routing table is now much smaller. Connectivity is still working.

R3#show ip route ospf
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/65] via 172.12.123.1, 00:13:43, Serial0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/65] via 172.12.123.2, 00:13:43, Serial0/0
     15.0.0.0/24 is subnetted, 1 subnets
O E1    15.1.1.0 [110/84] via 172.12.123.1, 00:06:13, Serial0/0
O E1 4.0.0.0/6 [110/84] via 172.12.123.1, 00:00:01, Serial0/0
O IA 8.0.0.0/5 [110/65] via 172.12.123.1, 00:06:18, Serial0/0

R3#ping 5.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/49/88 ms
R3#
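The common-bits method used for the BGP aggregate and for the OSPF area range and summary-address commands, as an added example (not code from the original posts): it computes the tightest single summary for a set of routes, then audits a configured summary for address space it claims without a route behind it and for other known routes that fall inside it. The function names are hypothetical, it handles IPv4 only, and the prefixes are taken from the router outputs on this page.

```python
import ipaddress


def tightest_summary(prefixes):
    """Smallest single prefix covering every input (the common-leading-bits method)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    plen = 32 - (lo ^ hi).bit_length()        # leading bits shared by lowest and highest
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    return ipaddress.IPv4Network((lo & mask, plen))


def ios_form(net):
    """Address and dotted mask, as typed after aggregate-address or summary-address."""
    return f"{net.network_address} {net.netmask}"


def unbacked_addresses(summary, nets):
    """Count addresses inside the summary that no component route covers."""
    remaining = [summary]
    for n in nets:
        kept = []
        for r in remaining:
            if n.subnet_of(r):
                kept.extend(r.address_exclude(n))   # yields nothing when n == r
            elif not r.subnet_of(n):
                kept.append(r)
        remaining = kept
    return sum(r.num_addresses for r in remaining)


def audit(configured, components, other_routes=()):
    summary = ipaddress.ip_network(configured)
    nets = [ipaddress.ip_network(p) for p in components]
    tight = tightest_summary(components)
    return {
        "covers_all": all(n.subnet_of(summary) for n in nets),
        "tightest": tight,
        "extra_bits": tight.prefixlen - summary.prefixlen,  # >0: wider than needed
        "unbacked": unbacked_addresses(summary, nets),
        "foreign_inside": [p for p in other_routes
                           if ipaddress.ip_network(p).subnet_of(summary)],
    }


# Prefixes as they appear in the show outputs on this page.
BGP_R5 = ["16.0.0.0/8", "17.0.0.0/8", "18.0.0.0/8", "19.0.0.0/8"]
OSPF_INTER_AREA = ["8.1.1.1/32", "9.1.1.1/32", "10.1.1.1/32"]
OSPF_EXTERNAL = ["5.1.1.1/32", "6.1.1.1/32", "7.1.1.1/32"]
R3_OTHER = ["1.1.1.1/32", "2.2.2.2/32", "15.1.1.0/24"] + OSPF_EXTERNAL

if __name__ == "__main__":
    for label, configured, comps, others in [
        ("BGP aggregate-address", "16.0.0.0/6", BGP_R5, []),
        ("OSPF area range",       "8.0.0.0/5",  OSPF_INTER_AREA, R3_OTHER),
        ("OSPF summary-address",  "4.0.0.0/6",  OSPF_EXTERNAL, []),
    ]:
        r = audit(configured, comps, others)
        print(f"{label} {configured}: tightest {r['tightest']} "
              f"({ios_form(r['tightest'])}), extra bits {r['extra_bits']}, "
              f"unbacked addresses {r['unbacked']}, "
              f"other routes inside {r['foreign_inside']}")
```
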



Friday, October 19, 2012

OSPF NSSA-NSSTSA

The general rule with OSPF is that you can't make an ASBR a stub router, but it is possible by bending the rules with a Not So Stubby Area. At this point the above configuration has been configured. What if we needed R3 to be an ASBR by redistributing another OSPF route, 14.14.14.14? Area 34 could not be a stub area anymore because of the stub network rules. NSSA uses Type 7 LSAs to allow this breakage of the rules.


R3(config)#int lo14

R3(config-if)#ip address 14.14.14.14 255.255.255.255
R3(config-if)#router ospf 1
R3(config-router)#redistribute connected subnets



R1#show ip route ospf
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/65] via 172.12.123.2, 00:01:02, Serial0/0
     3.0.0.0/32 is subnetted, 1 subnets
O IA    3.3.3.3 [110/65] via 172.12.123.3, 00:01:02, Serial0/0
     172.34.0.0/24 is subnetted, 1 subnets
O IA    172.34.34.0 [110/65] via 172.12.123.3, 00:01:02, Serial0/0
     14.0.0.0/32 is subnetted, 1 subnets
O E2    14.14.14.14 [110/20] via 172.12.123.3, 00:01:02, Serial0/0

R1#show ip route rip  
R    5.0.0.0/8 [120/1] via 15.0.0.5, 00:00:21, FastEthernet0/0
R    6.0.0.0/8 [120/1] via 15.0.0.5, 00:00:21, FastEthernet0/0
R    7.0.0.0/8 [120/1] via 15.0.0.5, 00:00:21, FastEthernet0/0

R2#show ip route ospf 
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/65] via 172.12.123.1, 00:06:53, Serial0/0
     3.0.0.0/32 is subnetted, 1 subnets
O IA    3.3.3.3 [110/65] via 172.12.123.3, 00:06:53, Serial0/0
O E2 5.0.0.0/8 [110/20] via 172.12.123.1, 00:00:41, Serial0/0
O E2 6.0.0.0/8 [110/20] via 172.12.123.1, 00:00:41, Serial0/0
     172.34.0.0/24 is subnetted, 1 subnets
O IA    172.34.34.0 [110/65] via 172.12.123.3, 00:06:53, Serial0/0
O E2 7.0.0.0/8 [110/20] via 172.12.123.1, 00:00:41, Serial0/0
O E2 15.0.0.0/8 [110/20] via 172.12.123.1, 00:00:31, Serial0/0

R3#show ip route ospf 
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/65] via 172.12.123.1, 00:07:28, Serial0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/65] via 172.12.123.2, 00:07:28, Serial0/0
O E2 5.0.0.0/8 [110/20] via 172.12.123.1, 00:01:16, Serial0/0
O E2 6.0.0.0/8 [110/20] via 172.12.123.1, 00:01:16, Serial0/0
O E2 7.0.0.0/8 [110/20] via 172.12.123.1, 00:01:16, Serial0/0
O E2 15.0.0.0/8 [110/20] via 172.12.123.1, 00:01:06, Serial0/0


R4#show ip route ospf 
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/66] via 172.34.34.3, 00:10:16, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/66] via 172.34.34.3, 00:10:16, FastEthernet0/0
     3.0.0.0/32 is subnetted, 1 subnets
O IA    3.3.3.3 [110/2] via 172.34.34.3, 00:10:16, FastEthernet0/0
O E2 5.0.0.0/8 [110/20] via 172.34.34.3, 00:00:34, FastEthernet0/0
O E2 6.0.0.0/8 [110/20] via 172.34.34.3, 00:00:34, FastEthernet0/0
     172.12.0.0/24 is subnetted, 1 subnets
O IA    172.12.123.0 [110/65] via 172.34.34.3, 00:10:16, FastEthernet0/0
O E2 7.0.0.0/8 [110/20] via 172.34.34.3, 00:00:34, FastEthernet0/0
O E2 15.0.0.0/8 [110/20] via 172.34.34.3, 00:00:24, FastEthernet0/0

R5#show ip route rip
     1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/2] via 15.0.0.1, 00:00:06, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
R       2.2.2.2 [120/2] via 15.0.0.1, 00:00:06, FastEthernet0/0
     3.0.0.0/32 is subnetted, 1 subnets
R       3.3.3.3 [120/2] via 15.0.0.1, 00:00:06, FastEthernet0/0
     172.12.0.0/24 is subnetted, 1 subnets
R       172.12.123.0 [120/2] via 15.0.0.1, 00:00:06, FastEthernet0/0
     172.34.0.0/24 is subnetted, 1 subnets
R       172.34.34.0 [120/2] via 15.0.0.1, 00:00:06, FastEthernet0/0

Now we want to make our routing tables complete yet concise, and we realize that R4's next hop addresses are all through area 34 to R3. We want to create a stub area, but we can't because R3 is an ASBR; with the NSSA command we still can.


R3(config-router)#area 34 nssa    
R3(config-router)#
*Mar  1 00:47:59.031: %OSPF-5-ADJCHG: Process 1, Nbr 172.34.34.4 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

R4(config-router)#area 34 nssa
R4(config-router)#
*Mar  1 00:48:15.069: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset
*Mar  1 00:48:18.711: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on FastEthernet0/0 from LOADING to FULL, Loading Done

R4 now has all external routes removed from the table, but we can still make it smaller by using the no-summary option, which is called a not so stubby total stub area.

R4#show ip route ospf 
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/66] via 172.34.34.3, 00:00:24, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/66] via 172.34.34.3, 00:00:24, FastEthernet0/0
     3.0.0.0/32 is subnetted, 1 subnets
O IA    3.3.3.3 [110/2] via 172.34.34.3, 00:00:24, FastEthernet0/0
     172.12.0.0/24 is subnetted, 1 subnets
O IA    172.12.123.0 [110/65] via 172.34.34.3, 00:00:24, FastEthernet0/0
     14.0.0.0/32 is subnetted, 1 subnets
O N2    14.14.14.14 [110/20] via 172.34.34.3, 00:00:24, FastEthernet0/0

R3(config-router)#area 34 nssa no-summary 

R4(config-router)#area 34 nssa no-summary

With no-summary, R4 now has a default route, like we had before with a total stub area.

R4#show ip route ospf 
     14.0.0.0/32 is subnetted, 1 subnets
O N2    14.14.14.14 [110/20] via 172.34.34.3, 00:00:23, FastEthernet0/0
O*IA 0.0.0.0/0 [110/2] via 172.34.34.3, 00:00:28, FastEthernet0/0

Monday, October 8, 2012

Starting up Blog Again

I took a break from studying for my CCNP. I'm back on track and should be taking the route exam in a few weeks.