BGP Fundamentals

Lab file

53KB

Challenge - BGP Fundamentals.yaml

Startup configs

19KB

bgp_fundamentals_initial_configs.zip

archive

The following is pre-configured:

• IPv4 and IPv6 addressing

• IGP in AS100 and AS200

• BGP peering sessions between the ISPs (AS1, AS2, AS3)

• BGP peering sessions to the customers (AS100 and AS200) on XR5 and R6 only

1. Configure a full iBGP mesh in AS 100 and AS 200. Use Lo0 for peering. Use one peering address per address family.

2. Configure eBGP peering on R2, R3, XR7 and XR8.

3. On R1 advertise the four prefixes shown in the diagram. Do the same on XR9.

Ensure that R1 can ping prefixes in AS200

R1#ping 200.0.0.1 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 100.0.0.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/38 ms

R1#ping 2001:db8:200::1 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:200::1, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:100::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/19 ms

4. Before moving on, run clear bgp ipv4 uni * and clear bgp ipv6 uni * on R4. We need to ensure that R4 chooses the best route via XR5 due to the lowest RID. Without clearing, R4 may prefer R6 for routes it learned from R6 first. This is because oldest eBGP routes are preferred before using the RID tiebreaker.

R4#show ip route bgp | be Gateway
Gateway of last resort is not set

      100.0.0.0/24 is subnetted, 2 subnets
B        100.0.0.0 [20/0] via 10.4.5.5, 00:00:28
B        100.0.1.0 [20/0] via 10.4.5.5, 00:00:28
B     200.0.0.0/24 [20/0] via 10.4.5.5, 00:00:28
B     200.0.1.0/24 [20/0] via 10.4.5.5, 00:00:28
R4#show ipv6 route bgp | be 20   
B   2001:DB8:100::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:100:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1

• All BGP routes have a nexthop of XR5

5. AS100 wants to receive traffic inbound from AS 3. Find two different ways to do this by only making changes on R2 and R3. You can look at the ISP routers but may not make changes to them. XR5 and R4 should have a best path to AS100 prefixes via R6.

RP/0/0/CPU0:XR5#show route bgp
Thu Oct 20 18:22:17.268 UTC

B    100.0.0.0/24 [20/0] via 10.5.6.6, 00:00:33
B    100.0.1.0/24 [20/0] via 10.5.6.6, 00:00:33
B    200.0.0.0/24 [20/0] via 10.5.8.8, 03:31:40
B    200.0.1.0/24 [20/0] via 10.5.8.8, 03:31:40

RP/0/0/CPU0:XR5#show route ipv6 bgp
Thu Oct 20 18:24:43.968 UTC

B    2001:db8:100::/64 
      [20/0] via fe80::5054:ff:fe15:5908, 00:00:13, GigabitEthernet0/0/0/1
B    2001:db8:100:1::/64 
      [20/0] via fe80::5054:ff:fe15:5908, 00:00:13, GigabitEthernet0/0/0/1
B    2001:db8:200::/64 
      [20/0] via fe80::5054:ff:fe15:7df4, 03:34:07, GigabitEthernet0/0/0/3
B    2001:db8:200:1::/64 
      [20/0] via fe80::5054:ff:fe15:7df4, 03:34:07, GigabitEthernet0/0/0/3



R4#show ip route bgp | beg Gateway
Gateway of last resort is not set

      100.0.0.0/24 is subnetted, 2 subnets
B        100.0.0.0 [20/0] via 10.4.6.6, 00:01:29
B        100.0.1.0 [20/0] via 10.4.6.6, 00:01:29
B     200.0.0.0/24 [20/0] via 10.4.5.5, 03:19:13
B     200.0.1.0/24 [20/0] via 10.4.5.5, 03:19:13

R4#show ipv6 route bgp | be 20
B   2001:DB8:100::/64 [20/0], tag 3
     via FE80::5054:FF:FE1E:8F73, GigabitEthernet2
B   2001:DB8:100:1::/64 [20/0], tag 3
     via FE80::5054:FF:FE1E:8F73, GigabitEthernet2
B   2001:DB8:200::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1
B   2001:DB8:200:1::/64 [20/0], tag 2
     via FE80::5054:FF:FE0B:D977, GigabitEthernet1

Do the same exercise above for AS200.

6. R1 wants to ensure that outgoing traffic is forwarded towards AS 3. Find two separate ways to achieve this by only making changes on R1.

Revert the changes above, and find two ways to achieve this by only making changes to R2.

Do the same exercise above for AS200.

7. Find a way to make 100.0.0.0/23 appear to originate from AS 2 on R4. You can configure any router. Find a way to make 2001:db8:200::/63 originate from AS 3.

R4#show bgp ipv4 unicast 

     Network          Next Hop            Metric LocPrf Weight Path
 *    100.0.0.0/23     10.4.6.6                               0 3 2 i
 *>                    10.4.5.5                               0 2 i

R4#show bgp ipv6 uni

     Network          Next Hop            Metric LocPrf Weight Path
 *    2001:DB8:200::/63
                      2001:DB8:4:5::5                        0 2 3 i
 *>                    2001:DB8:4:6::6          0             0 3 i

Answers

2. Make sure to use route-policies on XR7 and XR8 for the eBGP sessions. By default, all routes received and sent are blocked on an eBGP session. However for an iBGP session, all routes are permitted by default

3. You must ensure R2, R3, XR7, and XR8 are using next-hop-self for the iBGP peering to R1 and XR9. Without it, R1 and XR9 will have an unreachable next-hop for the routes.

5. You can either prepend the AS-PATH on routes advertised out R2 twice (so it has an AS_PATH length of 3), or use the community 2:90 to set LP low on XR5 so it will prefer the path via R6 which has a default LP of 100. If you only set LP on R6 high, XR5 will still choose its own directly connected path. Remember to use send-community on the neighbor statement. Do the same on XR8.

6. You can set weight on routes from R3 to a value of at least 1. You can set LP on routes from R3 to a value above 100. This is not the ideal way to do it though. On R2 you can set local pref low (below 100) on routes from XR5, or prepend them once with XR5’s AS number. You can also do this on R3 by setting local pref high (above 100) on routes from R6. In the real world, LP is the way you should handle this.

7. Configure aggregate-addresses on XR5 and R6 without using as-set. To achieve the goal we want to lose the original AS path information. With as-set we would preserve the original AS path information.