The (Unofficial) CCNP-SP Study Guide
  • About
    • About the Author
    • About This Study Guide
  • MPLS
    • LDP
      • LDP Transport Address
      • LDP Conditional Advertisement
      • LDP Authentication
      • LDP/IGP Sync
      • LDP Session Protection
    • MPLS-TE
      • MPLS-TE Basics, Pt. 1 (TED)
      • MPLS-TE Basics, Pt.2 (RSVP)
      • MPLS-TE Basics, Pt.3 (CSPF)
      • MPLS-TE Basics, Pt.4 (Routing)
      • MPLS-TE Fast Reroute (FRR)
      • MPLS-TE with OSPF
    • Unified MPLS
    • Segment Routing
      • Introduction, Theory Pt.1
      • Introduction, Lab (OSPF) Pt.2
      • Introduction, Lab (ISIS) Pt. 3
      • Multi-Area/Level Segment Routing
      • Segment Routing using BGP
      • Migrating LDP to SR
      • LDP/SR Interworking
      • TI-LFA Pt. 1 (Theory)
      • TI-LFA Pt. 2 (Implementation)
      • TI-LFA Pt. 3 (Node and SRLG Protection)
      • SR-TE Pt. 1 (Overview)
      • SR-TE Pt. 2 (Creating an SR-TE Policy)
      • SR-TE Pt. 3 (Using a PCE)
      • SR-TE Pt. 4 (Automated Steering)
      • SR-TE Pt. 5 (On-Demand Nexthop)
      • SR-TE Pt. 6 (Flex Algo)
    • MPLS OAM
      • Classic Traceroute Behavior in MPLS Networks
      • LSP Ping
      • LSP Traceroute
  • Routing
    • BGP
      • BGP Synchronization
      • BGP Load Sharing (Multipath)
      • An Intuitive Look at Path Attributes
      • AS Path Prepending on XE and XR
      • RPL
    • BGP Security
      • BGP TTL Security, Pt. 1
      • BGP TTL Security, Pt. 2 (IOS-XE)
      • BGP TTL Security, Pt. 3 (IOS-XR)
      • BGP MD5 Authentication
      • BGP Maximum Prefixes
      • BGP RFD (Route Flap Dampening)
      • RTBH
      • Flowspec
      • BGPsec
    • L3VPN
      • An In-Depth Look at RD and RT, Pt. 1
      • An In-Depth Look at RD and RT, Pt. 2
      • An In-Depth Look at RD and RT, Pt. 3
      • An In-Depth Look at RD and RT, Pt. 4
      • Inter-AS L3VPN Pt. 1, Overview
      • Inter-AS L3VPN Pt. 2, Option A
      • Inter-AS L3VPN Pt. 3, Option B
      • Inter-AS L3VPN Pt. 4, Option C
      • CSC (Carrier Supporting Carrier)
      • PE NAT
    • OSPF
      • Type 7 to Type 5 Translation
      • OSPF Authentication
      • Troubleshooting OSPF Adjacencies
      • OSPFv3 LSA Types
      • OSPFv3 LSAs Example (Single Area)
    • ISIS
      • The Potential for Asymmetric Routing with Multi-Area ISIS
      • Interarea Routing is Distance-Vector
      • Basic ISIS - LSPDB
      • Multitopology
      • What is the role of CLNS and CLNP in ISIS?
      • Troubleshooting ISIS Adjacencies
    • IPv6 Transition
      • Overview
      • NAT64
      • 6to4
      • 6RD (IPv6 Rapid Deployment)
      • DS Lite (Dual Stack Lite)
      • MAP (Mapping of Address and Port)
      • Tunneling IPv6 Dynamic Routing Protocols over IPv4
    • Multicast
      • Introduction
      • IP and MAC Addressing
      • Tree Formation and Packet Forwarding
      • IGMP
      • PIM-DM (Dense Mode)
      • PIM-SM (Sparse Mode)
      • PIM-SM SPT Switchover
      • PIM-SM Tunnel Interfaces
      • PIM DR and the Assert Message
      • PIM-SM RP Discovery
      • PIM-BiDir
      • PIM-SSM (Source-Specific Multicast)
      • Interdomain Multicast (PIM-SM)
      • IPv6 Multicast
      • mVPN Introduction
      • mVPN Profile 0
      • mVPN Profile 1
      • Multicast Routing on IOS-XR
  • L2VPN & Ethernet
    • IOS-XE Ethernet Services
      • Service Instances
      • E-Line
      • E-LAN (VPLS)
      • E-Tree
      • E-Access
      • VPLS with BGP Autodiscovery
      • Martini/Kompella Circuits
    • EVPN
      • Introduction to EVPN
      • Learning EVPN VXLAN First
      • E-Line (EVPN VPWS)
      • E-Line (EVPN VPWS) on IOS-XR
      • E-Line (EVPN VPWS) Multi-Homed
      • E-LAN (EVPN Single-Homed)
    • Carrier Ethernet
      • 802.1ah (MAC-in-MAC)
      • 802.3ah (Ethernet OAM)
      • 802.1ag (CFM)
      • Cisco REP (Resilient Ethernet Protocol)
      • ITU G.8032 ERPS (Ethernet Ring Protection Switching)
  • Security
    • CoPP (Control Plane Policing)
    • LPTS (Local Packet Transport Services)
  • Misc
    • QoS
      • QoS Introduction (Part 1)
      • QoS Tools Overview and QoS Models (Part 2)
      • QoS Classification and Marking (Part 3)
      • QoS Queuing/Congestion Management (Part 4)
      • QoS Shaping and Policing (Part 5)
      • QoS for IPv6
      • MPLS QoS Basics
      • MPLS QoS Modes
      • MPLS TE QoS (DS-TE)
      • MPLS TE CBTS/PBTS
    • Automation and Assurance
      • NSO
      • NSO Command Cheat Sheet
      • Intro to YANG/NETCONF
      • YANG In-Depth
      • NETCONF In-Depth
      • RESTCONF
      • Model-Driven Telemetry
      • Automation Tool Comparison
      • Netflow
      • SNMP
    • Virtualization
      • NFV (Network Function Virtualization)
      • OpenStack
    • Transport
      • xPON
      • SONET/SDH
      • WDM
      • 4G and 5G RAN
    • High Availability (HA)
      • NSF/GR
      • NSR
      • NSF/NSR Whitepapers
      • BFD
      • Link Aggregation on IOS-XE
      • Link Aggregation on IOS-XR
    • IOS Software Overview
  • Labs
    • Lab Challenges
      • How to Use These Labs
      • Basic LDP
      • Advanced LDP
      • BGP Security
      • Unified MPLS
      • BGP Fundamentals
      • Ethernet Services
      • L3VPN Extranet
      • Multicast
      • Inter-area OSPF
      • ISIS
      • MPLS-TE
      • Control Plane Policing
      • QoS
Powered by GitBook
On this page
  1. Labs
  2. Lab Challenges

BGP Fundamentals

PreviousUnified MPLSNextEthernet Services

Last updated 2 years ago

Lab file

Startup configs

The following is pre-configured:

  • IPv4 and IPv6 addressing

  • IGP in AS100 and AS200

  • BGP peering sessions between the ISPs (AS1, AS2, AS3)

  • BGP peering sessions to the customers (AS100 and AS200) on XR5 and R6 only

  1. Configure a full iBGP mesh in AS 100 and AS 200. Use Lo0 for peering. Use one peering address per address family.

  2. Configure eBGP peering on R2, R3, XR7 and XR8.

  3. On R1 advertise the four prefixes shown in the diagram. Do the same on XR9.

Ensure that R1 can ping prefixes in AS200

R1#ping 200.0.0.1 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 100.0.0.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/38 ms

R1#ping 2001:db8:200::1 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:200::1, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:100::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/19 ms

4. Before moving on, run clear bgp ipv4 uni * and clear bgp ipv6 uni * on R4. We need to ensure that R4 chooses the best route via XR5 due to the lowest RID. Without clearing, R4 may prefer R6 for routes it learned from R6 first. This is because oldest eBGP routes are preferred before using the RID tiebreaker.

R4#show ip route bgp | be Gateway
Gateway of last resort is not set

      100.0.0.0/24 is subnetted, 2 subnets
B        100.0.0.0 [20/0] via 10.4.5.5, 00:00:28
B        100.0.1.0 [20/0] via 10.4.5.5, 00:00:28
B     200.0.0.0/24 [20/0] via 10.4.5.5, 00:00:28
B     200.0.1.0/24 [20/0] via 10.4.5.5, 00:00:28
R4#show ipv6 route bgp | be 20   
B   2001:DB8:100::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:100:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1

  • All BGP routes have a nexthop of XR5

5. AS100 wants to receive traffic inbound from AS 3. Find two different ways to do this by only making changes on R2 and R3. You can look at the ISP routers but may not make changes to them. XR5 and R4 should have a best path to AS100 prefixes via R6.

RP/0/0/CPU0:XR5#show route bgp
Thu Oct 20 18:22:17.268 UTC

B    100.0.0.0/24 [20/0] via 10.5.6.6, 00:00:33
B    100.0.1.0/24 [20/0] via 10.5.6.6, 00:00:33
B    200.0.0.0/24 [20/0] via 10.5.8.8, 03:31:40
B    200.0.1.0/24 [20/0] via 10.5.8.8, 03:31:40

RP/0/0/CPU0:XR5#show route ipv6 bgp
Thu Oct 20 18:24:43.968 UTC

B    2001:db8:100::/64 
      [20/0] via fe80::5054:ff:fe15:5908, 00:00:13, GigabitEthernet0/0/0/1
B    2001:db8:100:1::/64 
      [20/0] via fe80::5054:ff:fe15:5908, 00:00:13, GigabitEthernet0/0/0/1
B    2001:db8:200::/64 
      [20/0] via fe80::5054:ff:fe15:7df4, 03:34:07, GigabitEthernet0/0/0/3
B    2001:db8:200:1::/64 
      [20/0] via fe80::5054:ff:fe15:7df4, 03:34:07, GigabitEthernet0/0/0/3



R4#show ip route bgp | beg Gateway
Gateway of last resort is not set

      100.0.0.0/24 is subnetted, 2 subnets
B        100.0.0.0 [20/0] via 10.4.6.6, 00:01:29
B        100.0.1.0 [20/0] via 10.4.6.6, 00:01:29
B     200.0.0.0/24 [20/0] via 10.4.5.5, 03:19:13
B     200.0.1.0/24 [20/0] via 10.4.5.5, 03:19:13

R4#show ipv6 route bgp | be 20
B   2001:DB8:100::/64 [20/0], tag 3
     via FE80::5054:FF:FE1E:8F73, GigabitEthernet2
B   2001:DB8:100:1::/64 [20/0], tag 3
     via FE80::5054:FF:FE1E:8F73, GigabitEthernet2
B   2001:DB8:200::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1

Do the same exercise above for AS200.

6. R1 wants to ensure that outgoing traffic is forwarded towards AS 3. Find two separate ways to achieve this by only making changes on R1.

Revert the changes above, and find two ways to achieve this by only making changes to R2.

Do the same exercise above for AS200.

7. Find a way to make 100.0.0.0/23 appear to originate from AS 2 on R4. You can configure any router. Find a way to make 2001:db8:200::/63 originate from AS 3.

R4#show bgp ipv4 unicast 

     Network          Next Hop            Metric LocPrf Weight Path
 *    100.0.0.0/23     10.4.6.6                               0 3 2 i
 *>                    10.4.5.5                               0 2 i

R4#show bgp ipv6 uni

     Network          Next Hop            Metric LocPrf Weight Path
 *    2001:DB8:200::/63
                      2001:DB8:4:5::5                        0 2 3 i
 *>                    2001:DB8:4:6::6          0             0 3 i

Answers

2. Make sure to use route-policies on XR7 and XR8 for the eBGP sessions. By default, all routes received and sent are blocked on an eBGP session. However for an iBGP session, all routes are permitted by default

3. You must ensure R2, R3, XR7, and XR8 are using next-hop-self for the iBGP peering to R1 and XR9. Without it, R1 and XR9 will have an unreachable next-hop for the routes.

5. You can either prepend the AS-PATH on routes advertised out R2 twice (so it has an AS_PATH length of 3), or use the community 2:90 to set LP low on XR5 so it will prefer the path via R6 which has a default LP of 100. If you only set LP on R6 high, XR5 will still choose its own directly connected path. Remember to use send-community on the neighbor statement. Do the same on XR8.

6. You can set weight on routes from R3 to a value of at least 1. You can set LP on routes from R3 to a value above 100. This is not the ideal way to do it though. On R2 you can set local pref low (below 100) on routes from XR5, or prepend them once with XR5’s AS number. You can also do this on R3 by setting local pref high (above 100) on routes from R6. In the real world, LP is the way you should handle this.

7. Configure aggregate-addresses on XR5 and R6 without using as-set. To achieve the goal we want to lose the original AS path information. With as-set we would preserve the original AS path information.

53KB
Challenge - BGP Fundamentals.yaml
19KB
bgp_fundamentals_initial_configs.zip
archive