prefix Deaggregation and inject map - BGP Design & Implementation Chap 4

this lab is directly taken from BGP Design & Implementation Chap 4. GNS3 configurations attached below.
Summary -
In the boarder router if the summary route injected as follows 
aggregate-address 172.16.0.0 255.255.0.0 as-set summary-only
downwards the originality of the prefix may be lost therefore to specify the best exist path we can regenerate the path we use inject path .
bgp inject-map Map1 exist-map Map2
Map1 injects the path
Map2 checks whether path is available , it at least two match statements one is route-source & aggregate prefix. Whether u can inject weird prefix other than aggregate .. (eg aggregate is 172.16.0.0/16 but if you try to inject 10.0.0.0/24 ???) As usual you can't :)

following is the attached diagram

R5 Relevant configuration. 
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 bgp inject-map AS200-Specific exist-map AS200-aggregate
 neighbor 192.168.12.2 remote-as 100
 neighbor 192.168.12.2 send-community
 neighbor 192.168.23.2 remote-as 100
 neighbor 192.168.23.2 send-community
 neighbor 192.168.24.1 remote-as 200
 neighbor 192.168.24.1 send-community
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
!
ip http server
no ip http secure-server
!
!
ip prefix-list AS200-R3 seq 5 permit 192.168.24.1/32
!
ip prefix-list Aggregate seq 5 permit 172.16.0.0/16
!
ip prefix-list Specific seq 5 permit 172.16.1.0/24

no cdp run
!
!
!
route-map AS200-Specific permit 10
 set ip address prefix-list Specific
 set community 100:200 no-export
!
route-map AS200-aggregate permit 10
 match ip address prefix-list Aggregate
 match ip route-source AS200-R3
!


R7#show ip bgp
BGP table version is 4, local router ID is 192.168.13.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i172.16.0.0       192.168.24.1             0    100      0 200 300 i
* i                 192.168.35.1             0    100      0 200 400 i
*>i172.16.1.0/24    192.168.24.1             0    100      0 ?
*>i172.16.2.0/24    192.168.35.1             0    100      0 ?
show ip route OSPF sync in the AS100

R7#show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, FastEthernet0/0
O E2 192.168.24.0/24 [110/20] via 192.168.12.1, 00:00:56, FastEthernet0/1
     172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
B       172.16.0.0/16 [200/0] via 192.168.24.1, 00:00:51
B       172.16.1.0/24 [200/0] via 192.168.24.1, 00:00:51
B       172.16.2.0/24 [200/0] via 192.168.35.1, 00:00:23
O    192.168.23.0/24 [110/20] via 192.168.13.2, 01:21:56, FastEthernet0/0
                     [110/20] via 192.168.12.1, 01:21:23, FastEthernet0/1
O E2 192.168.35.0/24 [110/20] via 192.168.13.2, 00:00:46, FastEthernet0/0

when the BGP peer goes down between R3 & R5
*Mar  1 01:25:37.511: %BGP-5-ADJCHANGE: neighbor 192.168.24.1 Down BGP Notification sent
*Mar  1 01:25:37.511: %BGP-3-NOTIFICATION: sent to neighbor 192.168.24.1 4/0 (hold time expired) 0 bytes 
*Mar  1 01:25:38.511: BGP(0): no valid path for 172.16.0.0/16
*Mar  1 01:25:38.511: BGP(0): no valid path for 172.16.1.0/24
*Mar  1 01:25:38.515: BGP(0): nettable_walker 172.16.0.0/16 no best path
*Mar  1 01:25:38.515: BGP(0): nettable_walker 172.16.1.0/24 no best path
*Mar  1 01:25:38.519: BGP(0): 192.168.12.2 send unreachable 172.16.1.0/24
*Mar  1 01:25:38.519: BGP(0): 192.168.12.2 send UPDATE 172.16.1.0/24 -- unreachable
*Mar  1 01:25:38.519: BGP(0): 192.168.12.2 send UPDATE 172.16.0.0/16 -- unreachable
*Mar  1 01:25:38.623: BGP(0): updgrp 3 - 192.168.12.2 updates replicated for neighbors: 192.168.23.2
*Mar  1 01:25:47.283: BGP(0): updating injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:25:47.283: BGP(0): retaining injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16

when the BGP peer up
*Mar  1 01:27:06.899: %BGP-5-ADJCHANGE: neighbor 192.168.24.1 Up 
*Mar  1 01:27:06.947: BGP(0): 192.168.24.1 rcvd UPDATE w/ attr: nexthop 192.168.24.1, origin i, metric 0, aggregated by 200 192.168.46.2, path 200 300
*Mar  1 01:27:06.951: BGP(0): 192.168.24.1 rcvd 172.16.0.0/16
*Mar  1 01:27:06.955: BGP(0): Revise route installing 1 of 1 routes for 172.16.0.0/16 -> 192.168.24.1(main) to main IP table
*Mar  1 01:27:06.959: BGP(0): 192.168.12.2 NEXT_HOP is on same subnet as the bgp peer and set to 192.168.24.1 for net 172.16.0.0/16
*Mar  1 01:27:06.959: BGP(0): 192.168.12.2 send UPDATE (format) 172.16.0.0/16, next 192.168.24.1, metric 0, path 200 300
*Mar  1 01:27:06.963: BGP(0): updgrp 3 - 192.168.12.2 updates replicated for neighbors: 192.168.23.2
*Mar  1 01:27:47.331: BGP(0): creating injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:27:47.331: BGP(0): updating injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:27:47.335: BGP(0): retaining injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:27:47.335: BGP(0): retaining injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:27:48.063: BGP(0): Revise route installing 1 of 1 routes for 172.16.1.0/24 -> 192.168.24.1(main) to main IP table
*Mar  1 01:27:48.063: BGP(0): 192.168.12.2 NEXT_HOP is on same subnet as the bgp peer and set to 192.168.24.1 for net 172.16.1.0/24
*Mar  1 01:27:48.063: BGP(0): 192.168.12.2 send UPDATE (format) 172.16.1.0/24, next 192.168.24.1, metric 0, path Local
*Mar  1 01:27:48.163: BGP(0): updgrp 3 - 192.168.12.2 updates replicated for neighbors: 192.168.23.2
*Mar  1 01:28:47.355: BGP(0): updating injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:28:47.359: BGP(0): updating injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:28:47.359: BGP(0): retaining injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16
*Mar  1 01:28:47.359: BGP(0): retaining injected prefix 172.16.1.0/24, from source prefix 172.16.0.0/16

GNS3 Configurations

Comments

Post a Comment

Popular posts from this blog

PPTP Server as Cisco for Mikrotik Client

Image
Following configuration explains the Cisco as PPTP server and connecting two sites: Following Configuration needed to enable the VPDN and default server: vpdn enable ! vpdn-group Mtik ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 interface Virtual-Template1 ip unnumbered Loopback0 peer default ip address pool IPPOOL1 ppp encrypt mppe auto required ppp authentication ms-chap-v2 ms-chap pap ip local pool IPPOOL1 192.168.150.10 192.168.150.224 Few more additional things we need to keep the same ip address for the user: aaa new-model ! ! aaa authentication ppp default local aaa authorization network default local ! aaa attribute list Gobi attribute type addr 192.168.150.13 service ppp protocol ip mandatory attribute type route "10.0.0.0 255.255.255.0 192.168.150.13" attribute type interface-config "description Gobi-test" Finally apply the attribute list to the user: username gobi password 0 test username gobi aaa attri...
Read more

l2tpv3 configuration reference

Image
Reference Comparing , Designing and Deploying VPNs chap - 02 : L2TPv3 is the enhanced version of L2TPv2 protocol. Mikrotik uses L2TPv2 i suppose but it offer another similar tunneling mechanism as EOIP. L2TPv3 in cisco provides Pseudo-wire services to the customer. L2TPv3 only require the IP connectivity between peers but it can transport Ethernet, 802.1Q , HDLC, PPP framerelay etc. Advantage over MPLS is the customer having the full control of their routing domain. L2TP depolyment methods having 3 topologies LAC - LNS , LNS - LNS , LAC - LAC Following Diagram explain simple LAC - LAC L2TPv3 setup. It uses two types of messages: control connection messages - used for signaling between LCEs session data messages - Used to transport layer 2 protocols and connections Data channel Message Header having Session ID & cookie to correctly associate with the tunnel Deploying dynamic Pseudowires session 1) configure CEF - Its default in IOSs now. 2) configure a loopback in...
Read more

proxy arp

Image
In the above diagram , both hosts don't have default routes. But both are in the same /16 subnet. When host1 tries to ping host2 will it be able to ping ? Yes this behaviour due to the Proxy Arp feature. Note: Cisco by default enabled the proxy arp feature you have to disable it manually . Check the following Debug messages "debug arp" from the router. When the Arp request for 192.168.20.101 received on the router Fa0/1 it replies with its own mac address of fa0/1. (c200.03fc.0001)and vice versa *Mar 1 00:11:43.071: IP ARP: rcvd req src 192.168.12.154 00aa.00f4.6800, dst 192.168.20.101 FastEthernet0/1 *Mar 1 00:11:43.075: IP ARP: sent rep src 192.168.20.101 c200.03fc.0001,dst 192.168.12.154 00aa.00f4.6800 FastEthernet0/1 *Mar 1 00:13:13.067: IP ARP: rcvd req src 192.168.20.101 00aa.0041.1d00, dst 192.168.12.154 FastEthernet0/0 *Mar 1 00:13:13.067: IP ARP: sent rep src 192.168.12.154 c200.03fc.0000, dst 192.168.20.101 00aa.0041.1d00 FastEther...
Read more