Redistribution Lab

here is the following scenario:

 

R1 is configured with RIPv2 and EIGRP AS100 while both Lo1 and Lo2 are advertised on both protocols, R5 advertise both loopbacks through OSPF to R4.

Note that RIP will advertise all connected interface by default, which i will explain in the next post.

R4 routing table is as follows:

R4#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     4.0.0.0/32 is subnetted, 1 subnets

C       4.4.4.4 is directly connected, Loopback0

C    200.0.0.0/24 is directly connected, FastEthernet1/0

     192.168.10.0/32 is subnetted, 1 subnets

O       192.168.10.1 [110/2] via 200.0.0.5, 00:02:32, FastEthernet1/0

     172.10.0.0/24 is subnetted, 1 subnets

D       172.10.0.0 [90/435200] via 10.1.34.3, 00:03:16, FastEthernet0/1

     172.20.0.0/24 is subnetted, 1 subnets

D       172.20.0.0 [90/435200] via 10.1.34.3, 00:03:16, FastEthernet0/1

     192.168.20.0/32 is subnetted, 1 subnets

O       192.168.20.1 [110/2] via 200.0.0.5, 00:02:33, FastEthernet1/0

     10.0.0.0/24 is subnetted, 4 subnets

D       10.1.13.0 [90/307200] via 10.1.34.3, 00:27:54, FastEthernet0/1

R       10.1.12.0 [120/1] via 10.1.24.2, 00:00:18, FastEthernet0/0

C       10.1.24.0 is directly connected, FastEthernet0/0

C       10.1.34.0 is directly connected, FastEthernet0/1

Note that R4 is learning networks 172.10.0.0/24 and 172.20.0.0/24 from R3 through EIGRP, due to lower AD of this protocol. So while redistributing RIP into OSPF, R5 is not learning these networks.

R5 routing table:

R5#        sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    200.0.0.0/24 is directly connected, FastEthernet0/0

     5.0.0.0/32 is subnetted, 1 subnets

C       5.5.5.5 is directly connected, Loopback0

C    192.168.10.0/24 is directly connected, Loopback1

C    192.168.20.0/24 is directly connected, Loopback2

     10.0.0.0/24 is subnetted, 3 subnets

O E2    10.1.12.0 [110/20] via 200.0.0.4, 00:00:16, FastEthernet0/0

O E2    10.1.24.0 [110/20] via 200.0.0.4, 00:00:16, FastEthernet0/0

O E2    10.1.34.0 [110/20] via 200.0.0.4, 00:00:16, FastEthernet0/0

In order to allow network 172.10.0.0/24 to be advertised to R5 I have configured a distribute-list on R1:

R1(config)#ip access-list standard NET172

R1(config-std-nacl)#deny 172.10.0.0 0.0.0.255

R1(config-std-nacl)#permit any

R1(config-router)#distribute-list NET172 out fastEthernet 0/1

And the result:

R5#        sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    200.0.0.0/24 is directly connected, FastEthernet0/0

     5.0.0.0/32 is subnetted, 1 subnets

C       5.5.5.5 is directly connected, Loopback0

C    192.168.10.0/24 is directly connected, Loopback1

     172.10.0.0/24 is subnetted, 1 subnets

O E2    172.10.0.0 [110/20] via 200.0.0.4, 00:00:13, FastEthernet0/0

C    192.168.20.0/24 is directly connected, Loopback2

     10.0.0.0/24 is subnetted, 3 subnets

O E2    10.1.12.0 [110/20] via 200.0.0.4, 00:09:04, FastEthernet0/0

O E2    10.1.24.0 [110/20] via 200.0.0.4, 00:09:05, FastEthernet0/0

O E2    10.1.34.0 [110/20] via 200.0.0.4, 00:09:05, FastEthernet0/0

But this will prevent from R3 to be a redundant path in case of failure in R2 path or to have load balance between these 2 networks, from R5 to R1 network 172.10.0.0/24 through R3, and from R5 to R1 network 172.20.0.0/24 through R2.

One way I found out to overcome this problem is to redistribute network 172.20.0.0/24 on R1 EIGRP, using a route-map, and by that to give this network an AD of 170 (EIGRP external)

R1(config)#route-map NET172 permit 10

R1(config-route-map)#match interface lo2

R1(config-route-map)#router eigrp 100

R1(config-router)#redistribute connected route-map NET172

R1(config-router)#no network 172.20.0.1 0.0.0.0

And the result on R5:

R5#        sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    200.0.0.0/24 is directly connected, FastEthernet0/0

     5.0.0.0/32 is subnetted, 1 subnets

C       5.5.5.5 is directly connected, Loopback0

C    192.168.10.0/24 is directly connected, Loopback1

     172.20.0.0/24 is subnetted, 1 subnets

O E2    172.20.0.0 [110/20] via 200.0.0.4, 00:00:01, FastEthernet0/0

C    192.168.20.0/24 is directly connected, Loopback2

     10.0.0.0/24 is subnetted, 3 subnets

O E2    10.1.12.0 [110/20] via 200.0.0.4, 00:19:57, FastEthernet0/0

O E2    10.1.24.0 [110/20] via 200.0.0.4, 00:19:58, FastEthernet0/0

O E2    10.1.34.0 [110/20] via 200.0.0.4, 00:19:58, FastEthernet0/0

Now let’s redistribute network 172.10.0.0/24 through EIGRP on R4:

R4(config-router)#router rip

R4(config-router)#redistribute ospf 1 metric 5

R4(config-router)#router eigrp 100

R4(config-router)#redistribute ospf 1 metric 100000 100 255 1 1500

Unlike OSPF which has a default metric seed of 20, in EIGRP and RIP we have to configure a metric else we will get an infinity metric.

RIP with no metric configured gets metric of 16 which in RIP equals to infinite:

 RIP with metric 5 configured:

Using traceroute we can verify that R5 is learning network 172.10.0.0/24 from R4 through R3 and network 172.20.0.0/24 from R4 through R2:

R5#traceroute 172.10.0.1

Type escape sequence to abort.

Tracing the route to 172.10.0.1

  1 200.0.0.4 52 msec 16 msec 20 msec

  2 10.1.34.3 24 msec 40 msec 20 msec

  3 10.1.13.1 56 msec *  92 msec

R5#traceroute 172.20.0.1

Type escape sequence to abort.

Tracing the route to 172.20.0.1

  1 200.0.0.4 36 msec 20 msec 20 msec

  2 10.1.24.2 52 msec 28 msec 20 msec

  3 10.1.12.1 76 msec *  64 msec

Now R1 is learning both networks 192.168.10.0/24 and 192.168.20.0/24 from R2 due to RIP preferred (lower) AD. If we would like split these 2 networks, one for each path, through a different router we will have to use different method, from the one that I use earlier with EIGRP, because RIP doesn’t differentiate between internal and external routes.

So I tried a few methods to manipulate these routes, which R4 learns from R5, and see how I can achieve the result where one route (192.168.10.0/24) is preferred through R3 and the other (192.168.20.0/24) preferred through R2, in perspective view from R1.

While trying to use the distance command on EIGRP I found the following post which helped me to understand why I didn’t succeeded:

If it is an internal route, you can change their AD , use the cmd "distance <AD> <source> <list>"
if it is an EIGRP external route you cannot do that per route, you can do this for all the external routes. Use the command "distance eigrp <internal_AD> <external_AD>"

Also note that the distance command is locally significant and it isn’t traversing along with the route updates between adjacent neighbors.

So the solution I came up with is to configure the distance command on R1 and increase the AD of learned route 192.168.10.0/24 through RIP:

R1(config)#access-list 10 permit 192.168.10.0 0.0.0.255

R1(config)#access-list 10 deny any                     

R1(config)#router rip                                 

R1(config-router)#distance 180 10.1.12.2 0.0.0.0 10    

Clearing the routing table (clear ip route *) and here is the result:

R1#sh ip rou

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

R    200.0.0.0/24 [120/6] via 10.1.12.2, 00:00:01, FastEthernet0/0

     192.168.10.0/32 is subnetted, 1 subnets

D EX    192.168.10.1 [170/332800] via 10.1.13.3, 00:00:01, FastEthernet0/1

     172.10.0.0/24 is subnetted, 1 subnets

C       172.10.0.0 is directly connected, Loopback1

     172.20.0.0/24 is subnetted, 1 subnets

C       172.20.0.0 is directly connected, Loopback2

     192.168.20.0/32 is subnetted, 1 subnets

R       192.168.20.1 [120/6] via 10.1.12.2, 00:00:03, FastEthernet0/0

     10.0.0.0/24 is subnetted, 4 subnets

C       10.1.13.0 is directly connected, FastEthernet0/1

C       10.1.12.0 is directly connected, FastEthernet0/0

R       10.1.24.0 [120/1] via 10.1.12.2, 00:00:03, FastEthernet0/0

D       10.1.34.0 [90/307200] via 10.1.13.3, 00:00:03, FastEthernet0/1

So finally we have R1 and R5, learns two different networks , each on different path.

Separate companies - redundant topology

This one is real life scenario where two companies, which owns two Ethernet lines (50Mb each), want to get separate but keep load-balance, on regular basis, and redundant path in case of failure, for each one of them.

I will use the following topology:

Network setup:

      -          Each Ethernet line is provided with two separate VLAN’s from the service provider

      -          CPE1 represent the companies physical location, two LAN’s, one for each company 

             (Company 1-192.168.11.0/24 and Company 2-192.168.12.0/24)

      -          CPE2 represent some sort of data center where servers, firewalls and internet exit 

             located (Company 1-192.168.21.0/24 and Company 2-192.168.22.0/24)

      -          BGP is used as routing protocol (real customer demand) while I would prefer OSPF or  

            EIGRP which were much suitable for this topology.

      -     HSRP is used between CPE and routers for keeping the default route

I had to use  VRF lite in order to separate the routing tables for each company

After I finished configuring the interfaces, in their correct VRF, I started to configure the BGP and noticed that no neighbor had come up and I started to get the following messages:

*Mar  1 18:14:48.719: %BGP-4-NORTRID: BGP could not pick a router-id. Please configure manually.

And:

R4#sh ip bgp
% BGP cannot run because the router-id is not configured

After a little investigation I saw that the routers don’t have router-ID:

R4#sh ip bgp vpnv4 vrf CO1
% BGP cannot run because the router-id is not configured

BGP table version is 1, local router ID is 0.0.0.0
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 1:100 (default for vrf CO1)
*  10.1.34.0/24     0.0.0.0                  0         32768 i
*  192.168.21.0     10.1.34.254              0         32768 i

And this is my conclusion although I didn’t check it for sure so I may be wrong:

The routing process should take the highest IP (first loopbacks the interfaces) as the router-ID, in this situation he couldn’t use any IP because there were in VRF and not in the global routing table.

After configuring  a loopback interface is solved this problem.

the rest of this lab, along with configs and NET map, can be found in the following link:

http://www.4shared.com/rar/2NVMjzxb/CONFIG.html

Windows shutdown and restart through CLI

From time to time i need to restart or shutdown a virtual-machine through an RDP connection,
so i have created 2 shortcuts on my desktop using the following commands:

For restart the host:

shutdown -r -t 01

For shutdown the host:

shutdown -s -t 01

Where t is the time parameter in seconds,

for stopping this process use: shutdown -a 

this will work for Microsoft windows XP and 2000 and Win7.

Juniper/Cisco MPLS Layer-2 VPN configuration

Here is the following scenario:

The following post will explain how to configure an MPLS Layer-2 VPN, using single interface, to multiple far end interfaces, where both Juniper and Cisco routers are been used.

This is taken from a production network which I configured lately to one of our customers.

Topology setup:

       -          An MPLS network based on LDP/MPLS, IGP, BGP, MP-BGP

       -          AGG1 - An aggregation switch which terminate customer’s layer 2 connections

       -          3x PE routers (PE1 and PE2 are Juniper J6350 and PE3 is Cisco 7206VXR)

       -          Customer’s switches and CPE’s

Note that the interfaces, which connected from the switches, to the MPLS Layer-2 VPN ingress interface, should be in trunk mode.

The following configuration is referring to PE routers:

PE1 Configuration (Juniper router)

      1.       Make sure router’s loopback is configured under mpls and ldp protocols else configure it:

root@PE1# set protocols mpls interface lo0.0 root@PE1# set protocols ldp interface lo0.0

      2.       Configure the physical ingress router interface for 802.1q tagging for a cross-connect:

root@PE1# set interfaces ge-0/0/2 vlan-tagging root@PE1# set interfaces ge-0/0/2 encapsulation vlan-ccc

      3.       Configure the appropriate interfaces as units under the physical interface:

root@PE1# set interfaces ge-0/0/2 unit 2900 encapsulation vlan-ccc vlan-id 2900 root@PE1# set interfaces ge-0/0/2 unit 2077 encapsulation vlan-ccc vlan-id 2077

      4.       Now configure the Layer-2 circuit under protocols:

[edit protocols] root@PE1# set l2circuit neighbor 155.1.1.2 interface ge-0/0/2.2900 virtual-circuit-id 2900 root@PE1# set l2circuit neighbor 155.1.1.2 interface ge-0/0/2.2900 no-control-word root@PE1# set l2circuit neighbor 155.1.1.2 interface ge-0/0/2.2900 encapsulation-type ethernet-vlan root@PE1# set l2circuit neighbor 155.1.1.2 interface ge-0/0/2.2900 mtu 1500  root@PE1# set l2circuit neighbor 155.1.1.3 interface ge-0/0/2.2077 virtual-circuit-id 2900 root@PE1# set l2circuit neighbor 155.1.1.3 interface ge-0/0/2.2077 no-control-word root@PE1# set l2circuit neighbor 155.1.1.3 interface ge-0/0/2.2077 encapsulation-type ethernet-vlan root@PE1# set l2circuit neighbor 155.1.1.3 interface ge-0/0/2.2077 mtu 1500

The configurations are per neighbor and for each VLAN configure a separate interface and interface settings.

     

      5.       Apply commit

root@PE1# commit

PE2 Configuration (Juniper router)

Pretty much the same as PE1

      1.       Make sure router’s loopback is configured under mpls and ldp protocols else configure it:

root@PE2# set protocols mpls interface lo0.0 root@PE2# set protocols ldp interface lo0.0

      2.       Configure the physical ingress router interface for 802.1q tagging for a cross-connect:

root@PE2# set interfaces ge-3/0/0 vlan-tagging root@PE2# set interfaces ge-3/0/0 encapsulation vlan-ccc

      3.       Configure the appropriate interfaces as units under the physical interface:

root@PE2# set interfaces ge-3/0/0 unit 2900 encapsulation vlan-ccc vlan-id 2900

      4.       Now configure the Layer-2 circuit under protocols:

[edit protocols] root@PE2# set l2circuit neighbor 155.1.1.1 interface ge-3/0/0.2900 virtual-circuit-id 2900 root@PE2# set l2circuit neighbor 155.1.1.1 interface ge-3/0/0.2900 no-control-word root@PE2# set l2circuit neighbor 155.1.1.1 interface ge-3/0/0.2900 encapsulation-type ethernet-vlan root@PE2# set l2circuit neighbor 155.1.1.1 interface ge-3/0/0.2900 mtu 1500

      5.       Apply commit

root@PE1# commit

PE3 Configuration (Cisco router)

     

      1.       Configure the physical interface:  

interface GigaEthernet2/0  no ip address  load-interval 30  duplex full end

      2.       Configure the logical interface:

interface GigaEthernet2/0.2077  encapsulation dot1Q 2077  xconnect 155.1.1.1 2077 encapsulation mpls end

      3.       Save the configuration:

Router(config)# wr

Verification

Check Layer-2 link status:

Juniper: root@PE1> show l2circuit connections extensive Layer-2 Circuit Connections: Legend for connection status (St)   EI -- encapsulation invalid      NP -- interface h/w not present   MM -- mtu mismatch               Dn -- down                       EM -- encapsulation mismatch     VC-Dn -- Virtual circuit Down    CM -- control-word mismatch      Up -- operational                VM -- vlan id mismatch           CF -- Call admission control failure OL -- no outgoing label          IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC    TM -- TDM misconfiguration BK -- Backup Connection          ST -- Standby Connection CB -- rcvd cell-bundle size bad  SP -- Static Pseudowire LD -- local site signaled down   RS -- remote site standby RD -- remote site signaled down  XX -- unknown Legend for interface status  Up -- operational            Dn -- down                   Neighbor: 155.1.1.2     Interface                 Type  St     Time last up          # Up trans     ge-0/0/2.2900(vc 2900)    rmt   Up     Feb 12 03:35:59 2012           1       Remote PE: 155.1.1.2, Negotiated control-word: No       Incoming label: 324768, Outgoing label: 319760       Negotiated PW status TLV: No       Local interface: ge-0/0/2.2900, Status: Up, Encapsulation: VLAN     Connection History:         Feb 12 03:35:59 2012  status update timer          Feb 12 03:35:58 2012  PE route changed             Feb 12 03:35:58 2012  Out lbl Update                    319760         Feb 12 03:35:58 2012  In lbl Update                     324768         Feb 12 03:35:58 2012  loc intf up                ge-0/0/2.2900 Neighbor: 155.1.1.3     Interface                 Type  St     Time last up          # Up trans     ge-0/0/2.2077(vc 2077)    rmt   Up     Feb 13 00:34:09 2012           1       Remote PE: 155.1.1.3, Negotiated control-word: No       Incoming label: 324752, Outgoing label: 42       Negotiated PW status TLV: No       Local interface: ge-0/0/2.2077, Status: Up, Encapsulation: VLAN     Connection History:         Feb 13 00:34:09 2012  status update timer          Feb 13 00:34:09 2012  PE route changed             Feb 13 00:34:09 2012  Out lbl Update                        42         Feb 13 00:34:09 2012  In lbl Update                     324752         Feb 13 00:34:09 2012  loc intf up                ge-0/0/2.2077 Cisco: router#show xconnect all detail Legend: XC ST=Xconnect State, S1=Segment1 State, S2=Segment2 State UP=Up, DN=Down, AD=Admin Down, IA=Inactive, NH=No Hardware XC ST  Segment 1                         S1 Segment 2                         S2 ------+---------------------------------+--+---------------------------------+-- UP     ac   Gi2/0.2077 2077(Eth VLAN)    UP mpls 155.1.1.1:2077            UP             Interworking: none                   Local VC label 42                                                               Remote VC label 324752                                                          pw-class:

EIGRP and BGP Redistribution Lab

Here is the setup for the following scenario:

      1. R1 represent customer edge router which runs EIGRP (AS1) with R2 and R3 (dual homing)

       2. R2 and R3 represent provider edge routers with EIGRP (AS1) to R1 and iBGP to R4 (AS65000)

       3. R4 function as route-reflector to R2 and R3

       4. OSPF uses as IGP for AS65000

       5. R4 has eBGP to R5 (AS65005)

       6. R5 has eBGP to R6 (AS65006)

       7. R6 advertise default route to eBGP neighbors

First task is to advertise to R1 a default route from R2 and R3, which learned through BGP, into EIGRP AS1.

By default we can’t redistribute iBGP learned routes to IGP so we need to apply the command bgp redistribute-internal on R2 and R3 which allow us to redistribute routes learned from iBGP into IGP.

router bgp 65000

 bgp redistribute-internal

Then configure a prefix-list to allow only default-route:

ip prefix-list PL_DEFAULT seq 5 permit 0.0.0.0/0

Attach the prefix-list into route-map:

route-map RM_ADV_DEFAULT permit 10

 match ip address prefix-list PL_DEFAULT

And under EIGRP process enable redistribution:

redistribute bgp 65000 metric 100000 500 255 1 1500 route-map RM_ADV_DEFAULT

I have configured on R1, R2 and R3 EIGRP weights which enumerate only the delay in the composite metric calculation:

router eigrp 1

 metric weights 0 0 0 1 0 0

The weight modifier values goes as follow:

TOS which always set to 0

K1 - bandwidth

K2 - load

K3 – delay

K4 – reliability

K5 – another reliability modifier

Note that the K5 is not MTU value as most of us may think, in the redistribute command or default-metric command we enter five VALUES of a metric.  Bandwidth, delay, load, reliability and MTU, That sets a baseline metric and describes the weighting of the route.

The K values are MODIFIERS of metric information (NOT raw metric information).  By default, these values are 1's or 0's which essentially just turns ON or OFF parts of the overall mathematical equation.

[Taken from a post where Scott Morris explain this issue on Cisco NetPro forums]

So looking on R1 routing table:

R1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.1.13.3 to network 0.0.0.0

     155.1.0.0/32 is subnetted, 1 subnets

C       155.1.1.1 is directly connected, Loopback0

C    192.168.10.0/24 is directly connected, Loopback1

C    192.168.20.0/24 is directly connected, Loopback2

     10.0.0.0/24 is subnetted, 2 subnets

C       10.1.13.0 is directly connected, FastEthernet0/1

C       10.1.12.0 is directly connected, FastEthernet0/0

D*EX 0.0.0.0/0 [170/51200] via 10.1.13.3, 00:32:09, FastEthernet0/1

               [170/51200] via 10.1.12.2, 00:32:09, FastEthernet0/0

We can see that R1 is learning default route from R2 and R3.

Second task is to manipulate the routes so that R1 upstream will be through R2 and downstream through R3.

On R3 we will change the redistribution metric delay to higher value in order to R1, metric calculation, prefer R2 default route

R3:

router eigrp 1

 redistribute bgp 65000 metric 100000 500 255 1 1500 route-map RM_ADV_DEFAULT

Now R1 default route is towards R2:

R1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.1.12.2 to network 0.0.0.0

     155.1.0.0/32 is subnetted, 1 subnets

C       155.1.1.1 is directly connected, Loopback0

C    192.168.10.0/24 is directly connected, Loopback1

C    192.168.20.0/24 is directly connected, Loopback2

     10.0.0.0/24 is subnetted, 2 subnets

C       10.1.13.0 is directly connected, FastEthernet0/1

C       10.1.12.0 is directly connected, FastEthernet0/0

D*EX 0.0.0.0/0 [170/51200] via 10.1.12.2, 00:00:51, FastEthernet0/0

In order to prevent routing loops and updates goes from EIGRP to BGP and so on we must apply filters to prevent unnecessary routing behavior. For that I will configure distribute-lists on R2 and R3:

access-list 10 permit 192.168.10.0 0.0.0.255

access-list 10 permit 192.168.20.0 0.0.0.255

access-list 10 deny   any

!

router eigrp 1

 distribute-list 10 in

For the downstream section we will do pretty much the same, redistributing EIGRP into BGP, on both R2 and R3, while giving lower metric for R3 which will cause downstream traffic to prefer R3

R2:

router bgp 65000

 redistribute eigrp 1

R3:

router bgp 65000

 redistribute eigrp 1 metric 100000

Note that the default metric for IGP routes distributed into BGP, if not defined by the metric command, is the same as the IGP metric.

So R2 metric will be 153600:

R2:

R2#sh ip route eigrp

D    192.168.10.0/24 [90/153600] via 10.1.12.1, 00:53:25, FastEthernet0/0

D    192.168.20.0/24 [90/153600] via 10.1.12.1, 00:53:25, FastEthernet0/0

     10.0.0.0/24 is subnetted, 5 subnets

D       10.1.13.0 [90/51200] via 10.1.12.1, 00:53:25, FastEthernet0/0

After redistribute into BGP R4 will see the same metric learned from R2:

R4#show ip bgp neighbors 155.1.2.2 routes

BGP table version is 26, local router ID is 155.1.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*>i10.1.12.0/24     155.1.2.2                0    100      0 ?

*>i10.1.13.0/24     10.1.12.1            51200    100      0 ?

* i192.168.10.0     10.1.12.1           153600    100      0 ?

* i192.168.20.0     10.1.12.1           153600    100      0 ?

Total number of prefixes 4

So now AS65000 will prefer R3 as downstream router to R1 networks:

R4#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 155.1.5.5 to network 0.0.0.0

     155.1.0.0/32 is subnetted, 4 subnets

S       155.1.5.5 [1/0] via 10.1.45.5

C       155.1.4.4 is directly connected, Loopback0

O       155.1.3.3 [110/11] via 10.1.34.3, 17:23:00, FastEthernet0/0

O       155.1.2.2 [110/11] via 10.1.24.2, 17:23:00, FastEthernet0/1

B    192.168.10.0/24 [200/10000] via 10.1.13.1, 00:10:21

     172.17.0.0/24 is subnetted, 1 subnets

B       172.17.0.0 [20/0] via 155.1.5.5, 05:58:39

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.0.0 [20/0] via 155.1.5.5, 05:58:40

B    192.168.20.0/24 [200/10000] via 10.1.13.1, 00:10:22

     10.0.0.0/24 is subnetted, 5 subnets

B       10.1.13.0 [200/51200] via 10.1.12.1, 00:59:13

B       10.1.12.0 [200/0] via 155.1.2.2, 05:10:16

C       10.1.24.0 is directly connected, FastEthernet0/1

C       10.1.45.0 is directly connected, FastEthernet1/0

C       10.1.34.0 is directly connected, FastEthernet0/0

B*   0.0.0.0/0 [20/0] via 155.1.5.5, 05:59:12

But R2 traffic to R1 networks will still goes directly to R1, this is because EIGRP AD is lower than iBGP AD.

So in order to change it lets first examine how R2 learn routes to 192.168.10.0/24 and 192.168.20.0/24:

R2#sh ip route 192.168.10.0

Routing entry for 192.168.10.0/24

  Known via "eigrp 1", distance 90, metric 153600, type internal

  Redistributing via bgp 65000, eigrp 1

  Advertised by bgp 65000

  Last update from 10.1.12.1 on FastEthernet0/0, 03:42:02 ago

  Routing Descriptor Blocks:

  * 10.1.12.1, from 10.1.12.1, 03:42:02 ago, via FastEthernet0/0

      Route metric is 153600, traffic share count is 1

      Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit

      Reliability 255/255, minimum MTU 1500 bytes

      Loading 1/255, Hops 1

We can see that R2 learn these routes from 10.1.12.1 and we know that R2 prefer this route over other routing protocols (for example iBGP form R3) is due to lower AD for EIGRP. So changing the AD, for routes learned from 10.1.12.1 will solve this issue:

R2:

router eigrp 1

  distance 220 10.1.12.1 0.0.0.0

This will set an AD of 220 to all routes learned through EIGRP and sourced at 10.1.12.1, note that we can also filter the AD setting based on certain networks using ACLs.

So now the final result is that R1 send traffic through R2 and receive traffic through R3, sending an ICMP with source 192.168.10.1 to destination 155.1.5.5 with record option revel the way:

Reply to request 4 (52 ms).  Received packet has options

 Total option bytes= 40, padded length=40

 Record route:

   (10.1.12.1)

   (10.1.24.2)

   (10.1.45.4)

   (155.1.5.5)

   (10.1.45.5)

   (10.1.34.4)

   (10.1.13.3)

   (192.168.10.1) <*>

   (0.0.0.0)

 End of list

Next lab will be the same topology but with MPLS/MP-BGP at the SP side.

B.T.W

For everyone interesting in full routers configuration or GNS topology files just drop me an e-mail.