Topology:
Routers R3 and R4 are IOS-XR routers, the rest are IOS routers.
Service Provider routers are R2, R2, R3 & R5.
Customer A routers are R4 and R8.
Customer B routers are R6 and R7.
Links between PE and CE routers are numbered from the SP address space.
Example link R2-R4 is allocated prefix 17.0.24/24
Configure loopback0 interfaces and links between all routers for initial configuration.
Requirements:
1. Configure ISIS as SP IGP.
2. Minimize the number of iBGP sessions in SP network.
3. In iBGP, only exchange address-families required for this task.
4. Provide connectivity between routers of Customer A - R6 and R7. Do not use any dynamic routing protocols. Customer A routers do not have any other links, except those depicted in this topology.
5. Provide connectivity between routers of Customer B - R4 and R8. Customer B use OSPF as IGP, with all interfaces configured in area 0. Customer B routers should see each other prefixes as IA OSPF routes.
Solution:
Highlight the text below to reveal the solution.
This task requires understanding of the following technologies:
ISIS
OSPF
MP-BGP
MPLS L3VPN
Requirement #2 - configure R1 as route-reflector to minimize the amount of iBGP sessions in SP network.
Requirement #3 - disable ipv4 address family in SP BGP. only vpnv4 address family is required for this task.
Requirement #4 - configure static default routes on Customer A routers. on PE routers, redistribute static and connected.
Requirement #5 - configure OSPF on PE-CE links. in order for routes to appear as OSPF IA, OSPF domain should match between the PE routers R2 and R3. In this solution, domain- id from IOS-XR R3 was manually configured on IOS R2 router.
!
interface Loopback0
ip address 17.0.1.1 255.255.255.255
ip router isis CCIE
!
interface Ethernet0/0
ip address 17.0.12.1 255.255.255.0
ip router isis CCIE
!
interface Ethernet0/1
ip address 17.0.13.1 255.255.255.0
ip router isis CCIE
!
interface Ethernet0/2
ip address 17.0.15.1 255.255.255.0
ip router isis CCIE
!
This task requires understanding of the following technologies:
ISIS
OSPF
MP-BGP
MPLS L3VPN
Requirement #2 - configure R1 as route-reflector to minimize the amount of iBGP sessions in SP network.
Requirement #3 - disable ipv4 address family in SP BGP. only vpnv4 address family is required for this task.
Requirement #4 - configure static default routes on Customer A routers. on PE routers, redistribute static and connected.
Requirement #5 - configure OSPF on PE-CE links. in order for routes to appear as OSPF IA, OSPF domain should match between the PE routers R2 and R3. In this solution, domain- id from IOS-XR R3 was manually configured on IOS R2 router.
R1:
!
interface Loopback0
ip address 17.0.1.1 255.255.255.255
ip router isis CCIE
!
interface Ethernet0/0
ip address 17.0.12.1 255.255.255.0
ip router isis CCIE
!
interface Ethernet0/1
ip address 17.0.13.1 255.255.255.0
ip router isis CCIE
!
interface Ethernet0/2
ip address 17.0.15.1 255.255.255.0
ip router isis CCIE
!
!
router isis CCIE
mpls ldp autoconfig
net 49.0017.0000.0000.0001.00
is-type level-2-only
!
router bgp 17
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor CLIENTS peer-group
neighbor CLIENTS remote-as 17
neighbor CLIENTS update-source Loopback0
neighbor 17.0.2.2 peer-group CLIENTS
neighbor 17.0.3.3 peer-group CLIENTS
neighbor 17.0.5.5 peer-group CLIENTS
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor CLIENTS send-community both
neighbor CLIENTS route-reflector-client
neighbor 17.0.2.2 activate
neighbor 17.0.3.3 activate
neighbor 17.0.5.5 activate
exit-address-family
!
R2:
!
vrf definition CUST_A
rd 67:1
route-target export 67:1
route-target import 67:1
!
address-family ipv4
exit-address-family
!
vrf definition CUST_B
rd 48:1
route-target export 48:1
route-target import 48:1
!
address-family ipv4
exit-address-family
!
!
interface Loopback0
ip address 17.0.2.2 255.255.255.255
ip router isis CCIE
!
interface Ethernet0/0
ip address 17.0.12.2 255.255.255.0
ip router isis CCIE
!
!
interface Ethernet1/0
vrf forwarding CUST_B
ip address 17.0.24.2 255.255.255.0
ip ospf 1 area 0
!
interface Ethernet1/1
vrf forwarding CUST_A
ip address 17.0.27.2 255.255.255.0
!
!
router ospf 1 vrf CUST_B
router-id 2.2.2.2
domain-id type 0005 value 000000000001
redistribute bgp 17 subnets
!
router isis CCIE
mpls ldp autoconfig
net 49.0017.0000.0000.0002.00
is-type level-2-only
!
router bgp 17
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 17.0.1.1 remote-as 17
neighbor 17.0.1.1 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 17.0.1.1 activate
neighbor 17.0.1.1 send-community both
exit-address-family
!
address-family ipv4 vrf CUST_A
redistribute connected
redistribute static
exit-address-family
!
address-family ipv4 vrf CUST_B
redistribute connected
redistribute ospf 1
exit-address-family
!
ip route vrf CUST_A 192.168.7.0 255.255.255.0 17.0.27.7
!
R3:
vrf CUST_B
address-family ipv4 unicast
import route-target
48:1
!
export route-target
48:1
!
!
!
!
interface Loopback0
ipv4 address 17.0.3.3 255.255.255.255
!
interface GigabitEthernet0/0/0/0
ipv4 address 17.0.13.3 255.255.255.0
!
interface GigabitEthernet0/0/0/1
vrf CUST_B
ipv4 address 17.0.38.3 255.255.255.0
!
router isis CCIE
is-type level-2-only
net 49.0017.0000.0000.0003.00
interface Loopback0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
!
router ospf CUST_B
vrf CUST_B
router-id 3.3.3.3
domain-id type 0005 value 000000000001
redistribute bgp 17
area 0
interface GigabitEthernet0/0/0/1
!
!
!
!
router bgp 17
address-family vpnv4 unicast
!
neighbor 17.0.1.1
remote-as 17
update-source Loopback0
address-family vpnv4 unicast
!
!
vrf CUST_B
rd 48:1
address-family ipv4 unicast
redistribute ospf CUST_B
!
!
!
!
mpls ldp
interface GigabitEthernet0/0/0/0
!
!
R4:
!
interface Loopback0
ipv4 address 10.10.4.4 255.255.255.255
!
interface GigabitEthernet0/0/0/0
ipv4 address 17.0.24.4 255.255.255.0
!
router ospf 1
router-id 10.10.4.4
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/0
!
!
!
R5:
!
vrf definition CUST_A
rd 67:1
route-target export 67:1
route-target import 67:1
!
address-family ipv4
exit-address-family
!
!
interface Loopback0
ip address 17.0.5.5 255.255.255.255
ip router isis CCIE
!
interface Ethernet0/0
ip address 17.0.15.5 255.255.255.0
ip router isis CCIE
!
!
interface Ethernet1/0
vrf forwarding CUST_A
ip address 17.0.56.5 255.255.255.0
!
!
router isis CCIE
mpls ldp autoconfig
net 49.0017.0000.0000.0005.00
is-type level-2-only
!
router bgp 17
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 17.0.1.1 remote-as 17
neighbor 17.0.1.1 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 17.0.1.1 activate
neighbor 17.0.1.1 send-community both
exit-address-family
!
address-family ipv4 vrf CUST_A
redistribute connected
redistribute static
exit-address-family
!
ip route vrf CUST_A 192.168.6.0 255.255.255.0 17.0.56.6
!
R6:
!
interface Loopback0
ip address 192.168.6.6 255.255.255.255
!
interface Ethernet0/0
ip address 17.0.56.6 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 17.0.56.5
!
R7:
!
interface Loopback0
ip address 192.168.7.7 255.255.255.255
!
interface Ethernet0/0
ip address 17.0.27.7 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 17.0.27.2
!
R8:
!
interface Loopback0
ip address 10.10.8.8 255.255.255.255
ip ospf 1 area 0
!
interface Ethernet0/0
ip address 17.0.38.8 255.255.255.0
ip ospf 1 area 0
!
router ospf 1
router-id 10.10.8.8
!
Verification:
R1#show bgp all
For address family: IPv4 Unicast
For address family: VPNv4 Unicast
BGP table version is 19, local router ID is 17.0.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 48:1
*>i 10.10.4.4/32 17.0.2.2 11 100 0 ?
*>i 10.10.8.8/32 17.0.3.3 2 100 0 ?
*>i 17.0.24.0/24 17.0.2.2 0 100 0 ?
*>i 17.0.38.0/24 17.0.3.3 0 100 0 ?
Route Distinguisher: 67:1
*>i 17.0.27.0/24 17.0.2.2 0 100 0 ?
*>i 17.0.56.0/24 17.0.5.5 0 100 0 ?
*>i 192.168.6.0 17.0.5.5 0 100 0 ?
*>i 192.168.7.0 17.0.2.2 0 100 0 ?
Network Next Hop Metric LocPrf Weight Path
For address family: IPv4 Multicast
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
17.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
C 17.0.1.1/32 is directly connected, Loopback0
i L2 17.0.2.2/32 [115/20] via 17.0.12.2, 10:12:16, Ethernet0/0
i L2 17.0.3.3/32 [115/20] via 17.0.13.3, 10:09:16, Ethernet0/1
i L2 17.0.5.5/32 [115/20] via 17.0.15.5, 10:12:06, Ethernet0/2
C 17.0.12.0/24 is directly connected, Ethernet0/0
L 17.0.12.1/32 is directly connected, Ethernet0/0
C 17.0.13.0/24 is directly connected, Ethernet0/1
L 17.0.13.1/32 is directly connected, Ethernet0/1
C 17.0.15.0/24 is directly connected, Ethernet0/2
L 17.0.15.1/32 is directly connected, Ethernet0/2
R2# show bgp all
For address family: IPv4 Unicast
For address family: VPNv4 Unicast
BGP table version is 25, local router ID is 17.0.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 48:1 (default for vrf CUST_B)
*> 10.10.4.4/32 17.0.24.4 11 32768 ?
*>i 10.10.8.8/32 17.0.3.3 2 100 0 ?
*> 17.0.24.0/24 0.0.0.0 0 32768 ?
*>i 17.0.38.0/24 17.0.3.3 0 100 0 ?
Route Distinguisher: 67:1 (default for vrf CUST_A)
*> 17.0.27.0/24 0.0.0.0 0 32768 ?
*>i 17.0.56.0/24 17.0.5.5 0 100 0 ?
*>i 192.168.6.0 17.0.5.5 0 100 0 ?
*> 192.168.7.0 17.0.27.7 0 32768 ?
Network Next Hop Metric LocPrf Weight Path
For address family: IPv4 Multicast
RP/0/0/CPU0:R3#show bgp all all
Tue Jan 5 08:01:07.307 UTC
Address Family: VPNv4 Unicast
-----------------------------
BGP router identifier 17.0.3.3, local AS number 17
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 20
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 48:1 (default for vrf CUST_B)
*>i10.10.4.4/32 17.0.2.2 11 100 0 ?
*> 10.10.8.8/32 17.0.38.8 2 32768 ?
*>i17.0.24.0/24 17.0.2.2 0 100 0 ?
*> 17.0.38.0/24 0.0.0.0 0 32768 ?
Processed 4 prefixes, 4 paths
RP/0/0/CPU0:R4#show route ipv4
Tue Jan 5 08:01:36.885 UTC
Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR
A - access/subscriber, a - Application route, (!) - FRR Backup path
Gateway of last resort is not set
L 10.10.4.4/32 is directly connected, 05:35:58, Loopback0
O IA 10.10.8.8/32 [110/3] via 17.0.24.2, 05:14:04, GigabitEthernet0/0/0/0
C 17.0.24.0/24 is directly connected, 05:35:58, GigabitEthernet0/0/0/0
L 17.0.24.4/32 is directly connected, 05:35:58, GigabitEthernet0/0/0/0
O IA 17.0.38.0/24 [110/2] via 17.0.24.2, 05:14:04, GigabitEthernet0/0/0/0
R8# sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 2 subnets
O IA 10.10.4.4 [110/21] via 17.0.38.3, 05:15:04, Ethernet0/0
C 10.10.8.8 is directly connected, Loopback0
17.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 17.0.24.0/24 [110/11] via 17.0.38.3, 05:15:06, Ethernet0/0
C 17.0.38.0/24 is directly connected, Ethernet0/0
L 17.0.38.8/32 is directly connected, Ethernet0/0
R8#traceroute 10.10.4.4 source 10.10.8.8 numeric
Type escape sequence to abort.
Tracing the route to 10.10.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 17.0.38.3 1 msec 0 msec 0 msec
2 17.0.13.1 [MPLS: Labels 16/25 Exp 0] 2 msec 2 msec 2 msec
3 17.0.24.2 [MPLS: Label 25 Exp 0] 2 msec 1 msec 1 msec
4 17.0.24.4 3 msec * 3 msec
R6# traceroute 192.168.7.7 source 192.168.6.6 numeric
Type escape sequence to abort.
Tracing the route to 192.168.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 17.0.56.5 5 msec 6 msec 4 msec
2 17.0.15.1 [MPLS: Labels 16/22 Exp 0] 6 msec 5 msec 7 msec
3 17.0.27.2 [MPLS: Label 22 Exp 0] 5 msec 5 msec 5 msec
4 17.0.27.7 5 msec 6 msec 6 msec
