Topology:
Configure loopback0 interfaces and links between routers for initial configuration.
All routers are IOS.
Use the following networks for links between routers in different autonomous systems:
R1-R5: 35.0.15/24
R1-R8: 38.0.18/24
R3-R6: 36.0.36/24
R3-R9: 39.0.39/24
R5-R6: 35.0.56/24
R5-R8: 35.0.58/24
R6-R8: 36.0.68/24
R6-R9: 36.0.69/24
R8-R9: 38.0.89/24
AS35, AS36, AS38 and AS 39 are 4 interconnected ISPs.
Site A and Site B are two customer sites which use private IP address scheme internally.
R2 and R4 represent internal hosts inside customer sites.
Routers R7 and R10 are customer owned routers collocated at ISPs AS35 and AS39.
Requirements:
1. Configure each ISP (AS35, AS36, AS38 and AS39) to advertise its IPv4 prefix to neighbors via eBGP.
2. Configure links between Site A and Site B to upstream ISPs. DO NOT run eBGP between customer and ISP routers.
3. Configure the network to allow connectivity between Site A and Site B internal private networks (R2 to R4). Only apply configuration on customer owned devices to complete this requirement.
4. Traffic between site A and Site B shall be balanced between the two upstream links.
5. The configuration shall allow the customer site to change it's upstream provider, without requiring configuration changes to other customer sites.
6. Do not use NAT to complete this task.
Solution:
Highlight the text below to reveal the solution.
This task requires understanding of LISP, and configuration of LISP on IOS platform.
This is example of basic LISP configuration with single xTR per site and two MR/MS elements.
Requirement #5 implies the use of LISP, since using any type of direct tunnels between sites, requires configuring the tunnel destination address at the tunnel headend. LISP solves this "issue" by using MR/MS element to store and resolve the EID to RLOC addresses mappings.
Use routers R1 and R3 as xTR devices, and R7 and R10 as MR/MS devices to solve this task.
!
interface Ethernet0/0
ip address 35.0.15.1 255.255.255.0
!
interface Ethernet0/1
ip address 38.0.18.1 255.255.255.0
!
interface Ethernet0/2
ip address 10.1.12.1 255.255.255.0
!
This task requires understanding of LISP, and configuration of LISP on IOS platform.
This is example of basic LISP configuration with single xTR per site and two MR/MS elements.
Requirement #5 implies the use of LISP, since using any type of direct tunnels between sites, requires configuring the tunnel destination address at the tunnel headend. LISP solves this "issue" by using MR/MS element to store and resolve the EID to RLOC addresses mappings.
Use routers R1 and R3 as xTR devices, and R7 and R10 as MR/MS devices to solve this task.
R1:
!
interface Ethernet0/0
ip address 35.0.15.1 255.255.255.0
!
interface Ethernet0/1
ip address 38.0.18.1 255.255.255.0
!
interface Ethernet0/2
ip address 10.1.12.1 255.255.255.0
!
!
router lisp
database-mapping 10.1.0.0/16 35.0.15.1 priority 100 weight 50
database-mapping 10.1.0.0/16 38.0.18.1 priority 100 weight 50
ipv4 itr map-resolver 35.0.57.7
ipv4 itr map-resolver 39.0.109.10
ipv4 itr
ipv4 etr map-server 35.0.57.7 key STRONG
ipv4 etr map-server 39.0.109.10 key STRONG
ipv4 etr
exit
!
ip route 0.0.0.0 0.0.0.0 35.0.15.5
ip route 0.0.0.0 0.0.0.0 38.0.18.8
R2:
!
interface Ethernet0/0
ip address 10.1.12.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.1.12.1
R3:
!
interface Ethernet0/0
ip address 36.0.36.3 255.255.255.0
!
interface Ethernet0/1
ip address 39.0.39.3 255.255.255.0
!
interface Ethernet0/2
ip address 10.3.34.3 255.255.255.0
!
!
router lisp
database-mapping 10.3.0.0/16 36.0.36.3 priority 100 weight 50
database-mapping 10.3.0.0/16 39.0.39.3 priority 100 weight 50
ipv4 itr map-resolver 35.0.57.7
ipv4 itr map-resolver 39.0.109.10
ipv4 itr
ipv4 etr map-server 35.0.57.7 key STRONG
ipv4 etr map-server 39.0.109.10 key STRONG
ipv4 etr
exit
!
ip route 0.0.0.0 0.0.0.0 36.0.36.6
ip route 0.0.0.0 0.0.0.0 39.0.39.9
!
R4:
!
interface Ethernet0/0
ip address 10.3.34.4 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.3.34.3
R5:
!
interface Loopback0
ip address 35.0.5.5 255.255.255.255
!
interface Ethernet0/0
ip address 35.0.56.5 255.255.255.0
!
interface Ethernet0/1
ip address 35.0.57.5 255.255.255.0
!
!
interface Ethernet1/0
ip address 35.0.15.5 255.255.255.0
!
interface Ethernet1/1
ip address 35.0.58.5 255.255.255.0
!
!
router bgp 35
bgp log-neighbor-changes
network 35.0.0.0 mask 255.255.0.0
neighbor 35.0.56.6 remote-as 36
neighbor 35.0.58.8 remote-as 38
!
ip route 35.0.0.0 255.255.0.0 Null0
R6:
!
interface Loopback0
ip address 36.0.6.6 255.255.255.255
!
interface Ethernet0/0
ip address 35.0.56.6 255.255.255.0
!
!
interface Ethernet1/0
ip address 36.0.36.6 255.255.255.0
!
interface Ethernet1/1
ip address 36.0.69.6 255.255.255.0
!
interface Ethernet1/2
ip address 36.0.68.6 255.255.255.0
!
!
router bgp 36
bgp log-neighbor-changes
network 36.0.0.0 mask 255.255.0.0
neighbor 35.0.56.5 remote-as 35
neighbor 36.0.68.8 remote-as 38
neighbor 36.0.69.9 remote-as 39
!
ip route 36.0.0.0 255.255.0.0 Null0
R7:
!
vrf definition MRMS
!
address-family ipv4
exit-address-family
!
!
interface Ethernet0/0
ip address 35.0.57.7 255.255.255.0
!
!
router lisp
site S1
authentication-key STRONG
eid-prefix 10.1.0.0/16
exit
!
site S3
authentication-key STRONG
eid-prefix 10.3.0.0/16
exit
!
ipv4 map-server
ipv4 map-resolver
ipv4 alt-vrf MRMS
exit
!
ip route 0.0.0.0 0.0.0.0 35.0.57.5
R8:
!
interface Loopback0
ip address 38.0.8.8 255.255.255.255
!
interface Ethernet0/0
ip address 38.0.89.8 255.255.255.0
!
!
interface Ethernet1/0
ip address 38.0.18.8 255.255.255.0
!
interface Ethernet1/1
ip address 35.0.58.8 255.255.255.0
!
interface Ethernet1/2
ip address 36.0.68.8 255.255.255.0
!
!
router bgp 38
bgp log-neighbor-changes
network 38.0.0.0 mask 255.255.0.0
neighbor 35.0.58.5 remote-as 35
neighbor 36.0.68.6 remote-as 36
neighbor 38.0.89.9 remote-as 39
!
ip route 38.0.0.0 255.255.0.0 Null0
R9:
!
interface Loopback0
ip address 39.0.9.9 255.255.255.255
!
interface Ethernet0/0
ip address 38.0.89.9 255.255.255.0
!
interface Ethernet0/1
ip address 39.0.109.9 255.255.255.0
!
!
interface Ethernet1/0
ip address 39.0.39.9 255.255.255.0
!
interface Ethernet1/1
ip address 36.0.69.9 255.255.255.0
!
!
router bgp 39
bgp log-neighbor-changes
network 39.0.0.0 mask 255.255.0.0
neighbor 36.0.69.6 remote-as 36
neighbor 38.0.89.8 remote-as 38
!
ip route 39.0.0.0 255.255.0.0 Null0
R10:
!
vrf definition MRMS
!
address-family ipv4
exit-address-family
!
!
!
interface Ethernet0/0
ip address 39.0.109.10 255.255.255.0
!
!
router lisp
site S1
authentication-key STRONG
eid-prefix 10.1.0.0/16
exit
!
site S3
authentication-key STRONG
eid-prefix 10.3.0.0/16
exit
!
ipv4 map-server
ipv4 map-resolver
ipv4 alt-vrf MRMS
exit
!
ip route 0.0.0.0 0.0.0.0 39.0.109.9
Verification:
R2#traceroute 10.3.34.4
Type escape sequence to abort.
Tracing the route to 10.3.34.4
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.12.1 5 msec 5 msec 5 msec
2 35.0.15.5 5 msec 6 msec 5 msec
3 35.0.56.6 6 msec 6 msec 6 msec
4 36.0.36.3 6 msec 1 msec 6 msec
5 10.3.34.4 5 msec 5 msec 6 msec
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 38.0.18.8 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 38.0.18.8
[1/0] via 35.0.15.5
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.12.0/24 is directly connected, Ethernet0/2
L 10.1.12.1/32 is directly connected, Ethernet0/2
35.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 35.0.15.0/24 is directly connected, Ethernet0/0
L 35.0.15.1/32 is directly connected, Ethernet0/0
38.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 38.0.18.0/24 is directly connected, Ethernet0/1
L 38.0.18.1/32 is directly connected, Ethernet0/1
R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
35.0.0.0/8 is variably subnetted, 10 subnets, 3 masks
S 35.0.0.0/16 is directly connected, Null0
C 35.0.5.5/32 is directly connected, Loopback0
C 35.0.15.0/24 is directly connected, Ethernet1/0
L 35.0.15.5/32 is directly connected, Ethernet1/0
C 35.0.56.0/24 is directly connected, Ethernet0/0
L 35.0.56.5/32 is directly connected, Ethernet0/0
C 35.0.57.0/24 is directly connected, Ethernet0/1
L 35.0.57.5/32 is directly connected, Ethernet0/1
C 35.0.58.0/24 is directly connected, Ethernet1/1
L 35.0.58.5/32 is directly connected, Ethernet1/1
36.0.0.0/16 is subnetted, 1 subnets
B 36.0.0.0 [20/0] via 35.0.56.6, 19:53:05
38.0.0.0/16 is subnetted, 1 subnets
B 38.0.0.0 [20/0] via 35.0.58.8, 19:48:39
39.0.0.0/16 is subnetted, 1 subnets
B 39.0.0.0 [20/0] via 35.0.58.8, 19:44:21
R8# sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
35.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
B 35.0.0.0/16 [20/0] via 35.0.58.5, 19:48:59
C 35.0.58.0/24 is directly connected, Ethernet1/1
L 35.0.58.8/32 is directly connected, Ethernet1/1
36.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
B 36.0.0.0/16 [20/0] via 36.0.68.6, 19:48:51
C 36.0.68.0/24 is directly connected, Ethernet1/2
L 36.0.68.8/32 is directly connected, Ethernet1/2
38.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
S 38.0.0.0/16 is directly connected, Null0
C 38.0.8.8/32 is directly connected, Loopback0
C 38.0.18.0/24 is directly connected, Ethernet1/0
L 38.0.18.8/32 is directly connected, Ethernet1/0
C 38.0.89.0/24 is directly connected, Ethernet0/0
L 38.0.89.8/32 is directly connected, Ethernet0/0
39.0.0.0/16 is subnetted, 1 subnets
B 39.0.0.0 [20/0] via 38.0.89.9, 19:44:41
R7#show lisp site detail
LISP Site Registration Information
Site name: S1
Allowed configured locators: any
Allowed EID-prefixes:
EID-prefix: 10.1.0.0/16
First registered: 19:27:42
Routing table tag: 0
Origin: Configuration
Merge active: No
Proxy reply: No
TTL: 1d00h
State: complete
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 38.0.18.1, last registered 00:00:34, no proxy-reply, no map-notify
TTL 1d00h, no merge, nonce 0xED309F90-0x2290B66F
state complete
Locator Local State Pri/Wgt
35.0.15.1 yes up 100/50
38.0.18.1 yes up 100/50
Site name: S3
Allowed configured locators: any
Allowed EID-prefixes:
EID-prefix: 10.3.0.0/16
First registered: 19:27:42
Routing table tag: 0
Origin: Configuration
Merge active: No
Proxy reply: No
TTL: 1d00h
State: complete
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 39.0.39.3, last registered 00:00:51, no proxy-reply, no map-notify
TTL 1d00h, no merge, nonce 0x259CB080-0x6FBCADEA
state complete
Locator Local State Pri/Wgt
36.0.36.3 yes up 100/50
39.0.39.3 yes up 100/50
R10#show lisp site detail
LISP Site Registration Information
Site name: S1
Allowed configured locators: any
Allowed EID-prefixes:
EID-prefix: 10.1.0.0/16
First registered: 02:19:06
Routing table tag: 0
Origin: Configuration
Merge active: No
Proxy reply: No
TTL: 1d00h
State: complete
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 38.0.18.1, last registered 00:00:09, no proxy-reply, no map-notify
TTL 1d00h, no merge, nonce 0xED309F90-0x2290B66F
state complete
Locator Local State Pri/Wgt
35.0.15.1 yes up 100/50
38.0.18.1 yes up 100/50
Site name: S3
Allowed configured locators: any
Allowed EID-prefixes:
EID-prefix: 10.3.0.0/16
First registered: 02:20:25
Routing table tag: 0
Origin: Configuration
Merge active: No
Proxy reply: No
TTL: 1d00h
State: complete
Registration errors:
Authentication failures: 0
Allowed locators mismatch: 0
ETR 39.0.39.3, last registered 00:00:17, no proxy-reply, no map-notify
TTL 1d00h, no merge, nonce 0x259CB080-0x6FBCADEA
state complete
Locator Local State Pri/Wgt
36.0.36.3 yes up 100/50
39.0.39.3 yes up 100/50