GNS3 Lab: Troubleshoot and Resolve Routing IssuesBGPIn previous
articles, we have learned how to face OSPF and EIGRP routing
issues. If you havent already, please check out my previous
articles. It is a very challenging and responsible task to maintain
Border Gateway Protocol (BGP) properly because we have to deal with
external routing; if any breakdown occurs it should be resolved
quickly.
Lets have a quick look at functionalities and properties of
BGP.BGP is an Exterior Gateway Protocol (EGP) used for routing
between autonomous systems. TCP port 179 is used to establish
session and BGP neighbors are not discovered; rather, they must be
configured manually so we have to configure unicast routing using
neighbor command on both sides.We can use BGP in the following
conditions: Customer connected to multiple Internet service
providers (ISPs). Service provider networks (transit autonomous
system). In very large enterprise networks, where we can use BGP at
core layer as a redundant routing protocol.Common Neighbor
Stability Problems of BGP: Misconfigured neighbors IP address and
AS number. Reachability issues when interfaces other than directly
connected interfaces are used while peering (update-source issue).
Authentication must be properly implemented (if configured). Router
ID must be unique.BGP often stuck in idle or active state; some
common issues are described below.For the IDLE state, common issues
are: TCP port 179 is not open. Misconfigured Peer address under
BGP. Misconfigured AS number under BGP (remote-as). BGP
misconfiguration for peers.For the ACTIVE state, common issues are:
TCP connection is initiated and it is in ACTIVE state; Retry to
establish TCP session. Peer address configured is not directly
connected interface (Missing update-source command). Network
congestion, so TCP is unable to establish session. Interface
flapping.To resolve most common BGP routing issues I have designed
a GNS3 Lab which is posted here for your hands-on practice so that
you can start the implementation or trouble-shooting as per the
described objective. You will also find a solution file so that you
can tally your configuration. ScenarioIn this GNS3 lab (as shown in
Fig. 1), you will begin with preloaded configuration scripts on
each of the routers. These scripts contain errors that will prevent
end-to-end communication across the network, especially between
Router LA and NY. This means you have to establish communication
from 10.1.1.1 to 10.2.2.2. To achieve this task, you will need to
troubleshoot each router to determine the configuration errors, and
then use the appropriate commands to correct the configurations.
When you have corrected all of the configuration errors, loopback
on the router LA should be able to communicate with the loopback
address of router NY, i.e., 10.2.2.2, so at the end you should get
a ping reply, as shown below:LA# ping 10.2.2.2 source 10.1.1.1
Sending 5, 100-byte ICMP Echos to 10.2.2.2, timeout is 2
seconds:Packet sent with a source address of 10.1.1.1!!!!!Success
rate is 100 percent (5/5), round-trip min/avg/max = 88/126/168
msLearning Objectives of Working with GNS3 File:Upon completion of
this lab, you will be able to troubleshoot and resolve: Next hop
unchanged issue with BGP (for iBGP peers) BGP split-horizon issues
BGP authentication issues BGP neighborship stability issues Router
ID issue with BGPYou can also: Gather information about the
misconfigured portion of the network. Analyze information to
determine why communication is not possible. Implement solutions to
resolve network errors.Download the GNS3 file and turn on all the
devices. First we will check BGP peering using sh ip bgp summary on
routers LA, WDC1, WDC2, WDC3, WDC4, WDC5 and NY. You will see that
neighborship between WDC1WDC4 (1.1.1.1 to 4.4.4.4) is in active
state, as shown in Fig. 2.
But if you check the running configuration on routers WDC1 and
WDC4, you will see that update-source command is missing from BGP
configuration, as shown below:!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 4.4.4.4 remote-as 10 neighbor
11.1.1.1 remote-as 20 no auto-summary!So configure the
update-source for respective neighbors using this
command:WDC1(config)#router bgp 10WDC1(config-router)#neighbor
4.4.4.4 update-source loopback 1
WDC4(config)#router bgp 10WDC4(config-router)#neighbor 1.1.1.1
update-source loopback 1After configuring the above commands, your
neighborship will comes up.But on router WDC4, you will see the log
messages of BAD Authentication for BGP neighbor 56.1.1.1, as shown
below:*Mar 1 00:04:49.731: %TCP-6-BADAUTH: No MD5 digest from
56.1.1.2(179) to 56.1.1.1(14121)*Mar 1 00:04:49.871:
%TCP-6-BADAUTH: No MD5 digest from 56.1.1.2(179) to
56.1.1.1(14121)If you check the authentication parameters on both
routers using show run | section bgp, you will find that router
WDC4 is configured with password CISC0 instead of CISCO (which is
configured on neighbor router NY).Now you have all the BGP
neighborships, as described in scenario, so you have won half of
war with BGP. Now its time to check routing database and network
reachability between BGP peers.If you check the BGP database on
routers WDC1 and WDC5, you will get 10.1.1.1 on WDC1 and 10.2.2.2
on WDC5 as best path but on router WDC4 you will find that you are
getting both 10.1.1.1 and 10.2.2.2 but not best, as shown in Fig.3
. Why are both routes not best? You can find the answer with next
hop; if you closely look at the next hops, 11.1.1.1 and 56.1.1.2,
both are eBGP routes and we have not advertised 11.1.1.0 or
56.1.1.0 anywhere in BGP. Thats why both next hops are unreachable
from WDC4, so the solution is to advertise 11.1.1.0 on WDC1 under
BGP and 56.1.1.0 on WDC5 but this is not feasible solution to
advertise eBGP networks.A better and more feasible solution is to
use Next-hop-self and you know very well when to use this command;
if not, then the next line is for you.To inject networks learned
from eBGP peer to iBGP peerThe next hop command is only for iBGP
peers; now you can go to routers WDC1 and WDC5 to configure
next-hop-self under BGP for router WDC4, as shown below:
WDC1(config-router)#neighbor 4.4.4.4 next-hop-self
WDC5(config-router)#neighbor 45.1.1.1 next-hop-selfNow if you check
the BGP database on router WDC4 , you will get the result shown in
Fig. 4.
Both networks are best, but you will not get 10.2.2.2 on router
WDC1 and 10.1.1.1 on router WDC5 because of the BGP split-horizon
rule, which says Routes learned from iBGP peer will not be
forwarded to other iBGP peer. Feasible solutions of BGP
split-horizon are: * Route-reflector * Confederation (sub-AS
method)The confederation method is not as popular as a solution of
BGP split-horizon just because of its complex implementation and
lack of flexibility for technology updating, whereas route
reflector is a far better and more widely used solution for BGP
split-horizon.Route reflector is deployed over centralized routers
in iBGP; as per our topology, WDC4 is a centralized router, so WDC4
will be configured as route reflector and WDC1-WDC5 will be router
reflector clients so that WDC4 can exchange routing information
with WDC1 and WDC2. You can use following commands to implement
route reflector:WDC4(config)#router bgp
10WDC4(config-router)#neighbor 1.1.1.1
route-reflector-clientWDC4(config-router)#neighbor 45.1.1.2
route-reflector-clientInstantly you will get following log
messages,*Mar 1 01:19:59.099: %BGP-5-ADJCHANGE: neighbor 1.1.1.1
Down RR client config change*Mar 1 01:20:01.347: %BGP-5-ADJCHANGE:
neighbor 1.1.1.1 Up*Mar 1 01:20:20.651: %BGP-5-ADJCHANGE: neighbor
45.1.1.2 Down RR client config change*Mar 1 01:20:22.931:
%BGP-5-ADJCHANGE: neighbor 45.1.1.2 UpNow you can see the 10.2.2.2
in LAs BGP routing table as shown in Fig. 5. Now you have end to
end reachability between AS 20 & AS 30 and you can check the
reachability using ping from router LA loopback to router NYs
loopback as shown in Fig. 6 Some Important Tips to Trouble-Shoot
and Resolve BGP Issues: Router-ID must be unique to establish BGP
peering. If certain BGP routes are missing from the routing table,
then check if they exist in the BGP table:if yes : next hop
reachability issueif not : non-availability of valid route in
BGPSplit-Horizon issue or Synchronization rule issue If certain
routes are missing from the BGP and routing table, then check the
neighborship, using show ip bgp summary, or you can check for route
filtering (ACLs, route-maps, etc.). iBGP learned route is not
advertised to other iBGP peers, so configuring a route reflector
might be necessary. Similarly, routes advertised by issuing a
network command in BGP must be advertised with proper subnet
mask.Useful Commands to Monitor and Troubleshoot BGP: show ip bgp
summaryTo check BGP neighbors with their respective states show ip
bgpTo check BGP routing database show ip bgp neighbor
[ip-address]To check specific neighbors information show ip bgp
[particular route]To check detailed information about specific
route debug ip bgp eventsDisplays significant BGP events debug ip
bgp keepalivesDisplays BGP keepalive packets debug ip bgp
updatesDisplays all incoming or outgoing BGP updatesI have also
posted a solution file for BGP GNS3 lab so that you can tally your
solutions with that file.All of us know very well that it is not
possible to describe BGP issues in a single article, but I have
tried to discuss most common BGP problems with their solutions. I
hope that now you can deal with BGP issues and resolve them quickly
and thanks all for appreciating my previous articles. If you like
this article, then say thanks to intenseschool.com @ comment
section for providing you with such technologies. Your feedback is
also welcome.References1. Cisco Certified Internetwork Expert by
Wendell Odom and others, Ciscopress.com2. Routing TCP/IP Vol. 2 by
Jeff Doyle3. CCNP Route Quick Reference by Denis Donohou,
Ciscopress.com4. Cisco Certified Internetwork Expert Quick
Reference by Brad Ellis, Ciscopress.com
BGP - Tshoot File/.DS_Store
__MACOSX/BGP - Tshoot File/._.DS_Store
BGP - Tshoot File/BGP-Tshoot.netautostart = Falseversion =
0.8.3[127.0.0.1:7202] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10200 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC5]] model = 3725
console = 2005 aux = 2505 cnfg = configs\WDC5.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC4 s0/2 s0/1 = NY s0/0 x = 23.0 y = -92.0
z = 1.0 hx = 13.0 hy = 38.0 [[ROUTER NY]] model = 3725 console =
2006 aux = 2506 cnfg = configs\NY.cfg wic0/0 = WIC-2T s0/0 = WDC5
s0/1 x = 96.0 y = -246.0 z = 1.0 hx = 65.5 hy =
11.0[127.0.0.1:7203] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10300 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER LA]] model = 3725 console
= 2007 aux = 2507 cnfg = configs\LA.cfg wic0/0 = WIC-2T s0/0 = WDC1
s0/2 x = -609.0 y = -82.0 z = 1.0[127.0.0.1:7200] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10000 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC1]] model = 3725
console = 2001 aux = 2501 cnfg = configs\WDC1.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC2 s0/0 s0/1 = WDC3 s0/0 s0/2 = LA s0/0 x
= -433.0 y = -89.0 z = 1.0 hx = 15.0 hy = 40.0 [[ROUTER WDC2]]
model = 3725 console = 2002 aux = 2502 cnfg = configs\WDC2.cfg
wic0/0 = WIC-2T s0/0 = WDC1 s0/0 s0/1 = WDC4 s0/0 x = -288.0 y =
-174.0 z = 1.0[127.0.0.1:7201] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10100 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC4]] model = 3725
console = 2004 aux = 2504 cnfg = configs\WDC4.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC2 s0/1 s0/1 = WDC3 s0/1 s0/2 = WDC5 s0/0
x = -127.0 y = -87.0 z = 1.0 hx = 11.0 hy = -19.0 [[ROUTER WDC3]]
model = 3725 console = 2003 aux = 2503 cnfg = configs\WDC3.cfg
wic0/0 = WIC-2T s0/0 = WDC1 s0/1 s0/1 = WDC4 s0/1 x = -281.0 y =
-4.0 z = 1.0 hx = 12.0 hy = 36.0[GNS3-DATA] configs = configs
workdir = working [[NOTE 1]] text = "24.1.1.0/30" x = -187.0 y =
-155.0 font = "MS Shell Dlg 2,9,-1,5,75,0,0,0,0,0" rotate = 28
color = "#8b0000" [[NOTE 2]] text = "BGP Neighbor-ship Between\n\n
EBGP : LA - WDC1 & WDC5 - NY with MD5 Authentication\n IBGP
:WDC1-2, WDC1-3, WDC2-4, WDC3-4 \n WDC1- WDC4 (Loopback to
Loopback)\n " x = -623.0 y = -297.0 font = "MS Shell Dlg
2,11,-1,5,75,0,0,0,0,0" color = "#590044" [[NOTE 3]] text = "BGP AS
20" x = -594.0 y = -149.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 4]] text =
"Loopback 1 : 10.1.1.1/32" x = -630.0 y = -11.0 [[NOTE 5]] text =
"BGP AS 30" x = 66.0 y = -307.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 6]] text =
"Loopback 1 : 10.2.2.2/32" x = 27.0 y = -279.0 [[NOTE 7]] text =
"BGP AS 10" x = -132.0 y = -178.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 8]] text = "IGP -
OSPF 1 \n Area 0" x = -307.0 y = -89.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#003e00" [[NOTE 9]] text =
"Loopback 1\n1.1.1.1/32" x = -453.0 y = -124.0 [[NOTE 10]] text =
"Loopback 1\n4.4.4.4/32" x = -111.0 y = -48.0 [[NOTE 11]] text =
"45.1.1.0/30" x = -61.0 y = -100.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" color = "#8b0000" [[NOTE 12]] text =
"12.1.1.0/30" x = -375.0 y = -121.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" rotate = -30 color = "#8b0000" [[NOTE 13]]
text = "13.1.1.0/30" x = -375.0 y = -38.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" rotate = 28 color = "#8b0000" [[NOTE 14]]
text = "11.1.1.0/30" x = -526.0 y = -97.0 color = "#860000" [[NOTE
15]] text = "56.1.1.0/30" x = 90.0 y = -106.0 rotate = -73 color =
"#8b0000" [[NOTE 16]] text = "BGP MD5" x = 110.0 y = -110.0 rotate
= -72 [[NOTE 17]] text = "34.1.1.0/30" x = -203.0 y = 7.0 font =
"MS Shell Dlg 2,9,-1,5,75,0,0,0,0,0" rotate = -30 color = "#8b0000"
[[NOTE 18]] text = "BGP MD5" x = -532.0 y = -55.0 [[SHAPE 1]] type
= ellipse x = -466.0 y = -207.0 width = 560.0 height = 263.0
fill_color = "#b1ff87" border_style = 2 z = -1.0 [[SHAPE 2]] type =
rectangle x = -622.0 y = -113.0 width = 154.0 height = 100.0
fill_color = "#f3c2ff" border_style = 3 z = -1.0 [[SHAPE 3]] type =
rectangle x = 21.0 y = -279.0 width = 200.0 height = 100.0
fill_color = "#a9ddff" border_style = 3 z = -2.0
BGP - Tshoot File/configs/LA.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
LA!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 10.1.1.1
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 11.1.1.1
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 no ip
address shutdown clock rate 2000000!router bgp 20 no
synchronization bgp log-neighbor-changes network 10.1.1.1 mask
255.255.255.255 neighbor 11.1.1.2 remote-as 10 neighbor 11.1.1.2
password CISCO no auto-summary!ip forward-protocol nd!!no ip http
serverno ip http secure-server!!!!!!!control-plane!!!!!!!!!!line
con 0 exec-timeout 0 0 privilege level 15 logging synchronousline
aux 0 exec-timeout 0 0 privilege level 15 logging synchronousline
vty 0 4 login!!end
BGP - Tshoot File/configs/NY.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
NY!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 10.2.2.2
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 56.1.1.2
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 no ip
address shutdown clock rate 2000000!router bgp 30 no
synchronization bgp log-neighbor-changes network 10.2.2.2 mask
255.255.255.255 neighbor 56.1.1.1 remote-as 10 neighbor 56.1.1.1
password CISCO no auto-summary!ip forward-protocol nd!!no ip http
serverno ip http secure-server!!!!!!!control-plane!!!!!!!!!!line
con 0 exec-timeout 0 0 privilege level 15 logging synchronousline
aux 0 exec-timeout 0 0 privilege level 15 logging synchronousline
vty 0 4 login!!end
BGP - Tshoot File/configs/WDC1.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
WDC1!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 1.1.1.1
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 12.1.1.1
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 ip
address 13.1.1.1 255.255.255.252 clock rate 2000000!interface
Serial0/2 ip address 11.1.1.2 255.255.255.252 clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 1.1.1.1 0.0.0.0
area 0 network 12.1.1.1 0.0.0.0 area 0 network 13.1.1.1 0.0.0.0
area 0!router bgp 10 no synchronization bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 10 neighbor 11.1.1.1 remote-as 20
neighbor 11.1.1.1 password CISCO neighbor 12.1.1.2 remote-as 10
neighbor 13.1.1.2 remote-as 10 no auto-summary!ip forward-protocol
nd!!no ip http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot File/configs/WDC2.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
WDC2!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface FastEthernet0/0 no ip address shutdown duplex auto
speed auto!interface Serial0/0 ip address 12.1.1.2 255.255.255.252
clock rate 2000000!interface FastEthernet0/1 no ip address shutdown
duplex auto speed auto!interface Serial0/1 ip address 24.1.1.1
255.255.255.252 clock rate 2000000!router ospf 1
log-adjacency-changes network 12.1.1.2 0.0.0.0 area 0 network
24.1.1.1 0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 12.1.1.1 remote-as 10 neighbor
24.1.1.2 remote-as 10 no auto-summary!ip forward-protocol nd!!ip
http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0line aux 0line
vty 0 4 login!!end
BGP - Tshoot File/configs/WDC3.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
WDC3!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface FastEthernet0/0 no ip address shutdown duplex auto
speed auto!interface Serial0/0 ip address 13.1.1.2 255.255.255.252
clock rate 2000000!interface FastEthernet0/1 no ip address shutdown
duplex auto speed auto!interface Serial0/1 ip address 34.1.1.1
255.255.255.252 clock rate 2000000!router ospf 1
log-adjacency-changes network 13.1.1.2 0.0.0.0 area 0 network
34.1.1.1 0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 13.1.1.1 remote-as 10 neighbor
34.1.1.2 remote-as 10 no auto-summary!ip forward-protocol nd!!no ip
http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot File/configs/WDC4.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
WDC4!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 4.4.4.4
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 24.1.1.2
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 ip
address 34.1.1.2 255.255.255.252 clock rate 2000000!interface
Serial0/2 ip address 45.1.1.1 255.255.255.252 clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 4.4.4.4 0.0.0.0
area 0 network 24.1.1.2 0.0.0.0 area 0 network 34.1.1.2 0.0.0.0
area 0 network 45.1.1.1 0.0.0.0 area 0!router bgp 10 no
synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as
10 neighbor 24.1.1.1 remote-as 10 neighbor 34.1.1.1 remote-as 10
neighbor 45.1.1.2 remote-as 10 no auto-summary!ip forward-protocol
nd!!no ip http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot File/configs/WDC5.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
WDC5!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 no ip address!interface FastEthernet0/0
no ip address shutdown duplex auto speed auto!interface Serial0/0
ip address 45.1.1.2 255.255.255.252 clock rate 2000000!interface
FastEthernet0/1 no ip address shutdown duplex auto speed
auto!interface Serial0/1 ip address 56.1.1.1 255.255.255.252 clock
rate 2000000!interface Serial0/2 no ip address shutdown clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 45.1.1.2
0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 45.1.1.1 remote-as 10 neighbor
56.1.1.2 remote-as 30 neighbor 56.1.1.2 password CISC0 no
auto-summary!ip forward-protocol nd!!no ip http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot-Solution File/.DS_Store
__MACOSX/BGP - Tshoot-Solution File/._.DS_Store
BGP - Tshoot-Solution File/BGP-Tshoot.netautostart =
Falseversion = 0.8.3[127.0.0.1:7202] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10200 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC5]] model = 3725
console = 2005 aux = 2505 cnfg = configs\WDC5.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC4 s0/2 s0/1 = NY s0/0 x = 23.0 y = -92.0
z = 1.0 hx = 13.0 hy = 38.0 [[ROUTER NY]] model = 3725 console =
2006 aux = 2506 cnfg = configs\NY.cfg wic0/0 = WIC-2T s0/0 = WDC5
s0/1 x = 96.0 y = -246.0 z = 1.0 hx = 65.5 hy =
11.0[127.0.0.1:7203] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10300 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER LA]] model = 3725 console
= 2007 aux = 2507 cnfg = configs\LA.cfg wic0/0 = WIC-2T s0/0 = WDC1
s0/2 x = -609.0 y = -82.0 z = 1.0[127.0.0.1:7200] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10000 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC1]] model = 3725
console = 2001 aux = 2501 cnfg = configs\WDC1.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC2 s0/0 s0/1 = WDC3 s0/0 s0/2 = LA s0/0 x
= -433.0 y = -89.0 z = 1.0 hx = 15.0 hy = 40.0 [[ROUTER WDC2]]
model = 3725 console = 2002 aux = 2502 cnfg = configs\WDC2.cfg
wic0/0 = WIC-2T s0/0 = WDC1 s0/0 s0/1 = WDC4 s0/0 x = -288.0 y =
-174.0 z = 1.0[127.0.0.1:7201] workingdir =
C:\Users\Scorpio\AppData\Local\Temp udp = 10100 [[3725]] image =
D:\Gurgaon\GNS3\C3725-AD.BIN ram = 256 idlepc = 0x60bf8ba0
sparsemem = True ghostios = True [[ROUTER WDC4]] model = 3725
console = 2004 aux = 2504 cnfg = configs\WDC4.cfg wic0/0 = WIC-2T
wic0/1 = WIC-2T s0/0 = WDC2 s0/1 s0/1 = WDC3 s0/1 s0/2 = WDC5 s0/0
x = -127.0 y = -87.0 z = 1.0 hx = 11.0 hy = -19.0 [[ROUTER WDC3]]
model = 3725 console = 2003 aux = 2503 cnfg = configs\WDC3.cfg
wic0/0 = WIC-2T s0/0 = WDC1 s0/1 s0/1 = WDC4 s0/1 x = -281.0 y =
-4.0 z = 1.0 hx = 12.0 hy = 36.0[GNS3-DATA] configs = configs
workdir = working [[NOTE 1]] text = "BGP MD5" x = 117.0 y = -114.0
rotate = -72 [[NOTE 2]] text = "BGP MD5" x = -531.0 y = -55.0
[[NOTE 3]] text = "34.1.1.0/30" x = -203.0 y = 7.0 font = "MS Shell
Dlg 2,9,-1,5,75,0,0,0,0,0" rotate = -30 color = "#8b0000" [[NOTE
4]] text = "13.1.1.0/30" x = -375.0 y = -38.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" rotate = 28 color = "#8b0000" [[NOTE 5]]
text = "12.1.1.0/30" x = -375.0 y = -121.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" rotate = -30 color = "#8b0000" [[NOTE 6]]
text = "56.1.1.0/30" x = 90.0 y = -106.0 rotate = -73 color =
"#8b0000" [[NOTE 7]] text = "11.1.1.0/30" x = -526.0 y = -97.0
color = "#860000" [[NOTE 8]] text = "45.1.1.0/30" x = -61.0 y =
-100.0 font = "MS Shell Dlg 2,9,-1,5,75,0,0,0,0,0" color =
"#8b0000" [[NOTE 9]] text = "Loopback 1\n4.4.4.4/32" x = -111.0 y =
-48.0 [[NOTE 10]] text = "Loopback 1 : 10.2.2.2/32" x = 27.0 y =
-279.0 [[NOTE 11]] text = "Loopback 1\n1.1.1.1/32" x = -453.0 y =
-124.0 [[NOTE 12]] text = "BGP AS 10" x = -132.0 y = -178.0 font =
"MS Shell Dlg 2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 13]]
text = "BGP AS 30" x = 66.0 y = -307.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 14]] text =
"Loopback 1 : 10.1.1.1/32" x = -630.0 y = -11.0 [[NOTE 15]] text =
"BGP AS 20" x = -594.0 y = -149.0 font = "MS Shell Dlg
2,12,-1,5,75,0,0,0,0,0" color = "#00007f" [[NOTE 16]] text = "BGP
Neighbor-ship Between \n\nEBGP : LA - WDC1 & WDC5 - NY with MD5
Authentication\nIBGP :WDC1-2, WDC1-3, WDC2-4, WDC3-4 \n WDC1- WDC4
(Loopback to Loopback)\n" x = -612.0 y = -299.0 font = "MS Shell
Dlg 2,11,-1,5,75,0,0,0,0,0" color = "#590044" [[NOTE 17]] text =
"24.1.1.0/30" x = -187.0 y = -155.0 font = "MS Shell Dlg
2,9,-1,5,75,0,0,0,0,0" rotate = 28 color = "#8b0000" [[NOTE 18]]
text = "IGP - OSPF 1 \n Area 0" x = -307.0 y = -89.0 font = "MS
Shell Dlg 2,12,-1,5,75,0,0,0,0,0" color = "#003e00" [[SHAPE 1]]
type = rectangle x = -622.0 y = -113.0 width = 154.0 height = 100.0
fill_color = "#f3c2ff" border_style = 3 z = -1.0 [[SHAPE 2]] type =
ellipse x = -466.0 y = -207.0 width = 560.0 height = 263.0
fill_color = "#b1ff87" border_style = 2 z = -1.0 [[SHAPE 3]] type =
rectangle x = 21.0 y = -279.0 width = 200.0 height = 100.0
fill_color = "#a9ddff" border_style = 3 z = -2.0
BGP - Tshoot-Solution File/configs/LA.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
LA!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 10.1.1.1
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 11.1.1.1
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 no ip
address shutdown clock rate 2000000!router bgp 20 no
synchronization bgp log-neighbor-changes network 10.1.1.1 mask
255.255.255.255 neighbor 11.1.1.2 remote-as 10 neighbor 11.1.1.2
password CISCO no auto-summary!ip forward-protocol nd!!no ip http
serverno ip http secure-server!!!!!!!control-plane!!!!!!!!!!line
con 0 exec-timeout 0 0 privilege level 15 logging synchronousline
aux 0 exec-timeout 0 0 privilege level 15 logging synchronousline
vty 0 4 login!!end
BGP - Tshoot-Solution File/configs/NY.cfg!
!version 12.4service timestamps debug datetime msecservice
timestamps log datetime msecno service password-encryption!hostname
NY!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 10.2.2.2
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 56.1.1.2
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 no ip
address shutdown clock rate 2000000!router bgp 30 no
synchronization bgp log-neighbor-changes network 10.2.2.2 mask
255.255.255.255 neighbor 56.1.1.1 remote-as 10 neighbor 56.1.1.1
password CISCO no auto-summary!ip forward-protocol nd!!no ip http
serverno ip http secure-server!!!!!!!control-plane!!!!!!!!!!line
con 0 exec-timeout 0 0 privilege level 15 logging synchronousline
aux 0 exec-timeout 0 0 privilege level 15 logging synchronousline
vty 0 4 login!!end
BGP - Tshoot-Solution File/configs/WDC1.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
WDC1!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 1.1.1.1
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 12.1.1.1
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 ip
address 13.1.1.1 255.255.255.252 clock rate 2000000!interface
Serial0/2 ip address 11.1.1.2 255.255.255.252 clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 1.1.1.1 0.0.0.0
area 0 network 12.1.1.1 0.0.0.0 area 0 network 13.1.1.1 0.0.0.0
area 0!router bgp 10 no synchronization bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 10 neighbor 4.4.4.4 update-source
Loopback1 neighbor 4.4.4.4 next-hop-self neighbor 11.1.1.1
remote-as 20 neighbor 11.1.1.1 password CISCO neighbor 12.1.1.2
remote-as 10 neighbor 13.1.1.2 remote-as 10 no auto-summary!ip
default-gateway 4.4.4.4ip forward-protocol nd!!no ip http serverno
ip http secure-server!!!!!!!control-plane!!!!!!!!!!line con 0
exec-timeout 0 0 privilege level 15 logging synchronousline aux 0
exec-timeout 0 0 privilege level 15 logging synchronousline vty 0 4
login!!end
BGP - Tshoot-Solution File/configs/WDC2.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
WDC2!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface FastEthernet0/0 no ip address shutdown duplex auto
speed auto!interface Serial0/0 ip address 12.1.1.2 255.255.255.252
clock rate 2000000!interface FastEthernet0/1 no ip address shutdown
duplex auto speed auto!interface Serial0/1 ip address 24.1.1.1
255.255.255.252 clock rate 2000000!router ospf 1
log-adjacency-changes network 12.1.1.2 0.0.0.0 area 0 network
24.1.1.1 0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 12.1.1.1 remote-as 10 neighbor
24.1.1.2 remote-as 10 no auto-summary!ip forward-protocol nd!!ip
http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0line aux 0line
vty 0 4 login!!end
BGP - Tshoot-Solution File/configs/WDC3.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
WDC3!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface FastEthernet0/0 no ip address shutdown duplex auto
speed auto!interface Serial0/0 ip address 13.1.1.2 255.255.255.252
clock rate 2000000!interface FastEthernet0/1 no ip address shutdown
duplex auto speed auto!interface Serial0/1 ip address 34.1.1.1
255.255.255.252 clock rate 2000000!router ospf 1
log-adjacency-changes network 13.1.1.2 0.0.0.0 area 0 network
34.1.1.1 0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 13.1.1.1 remote-as 10 neighbor
34.1.1.2 remote-as 10 no auto-summary!ip forward-protocol nd!!no ip
http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot-Solution File/configs/WDC4.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
WDC4!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 ip address 4.4.4.4
255.255.255.255!interface FastEthernet0/0 no ip address shutdown
duplex auto speed auto!interface Serial0/0 ip address 24.1.1.2
255.255.255.252 clock rate 2000000!interface FastEthernet0/1 no ip
address shutdown duplex auto speed auto!interface Serial0/1 ip
address 34.1.1.2 255.255.255.252 clock rate 2000000!interface
Serial0/2 ip address 45.1.1.1 255.255.255.252 clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 4.4.4.4 0.0.0.0
area 0 network 24.1.1.2 0.0.0.0 area 0 network 34.1.1.2 0.0.0.0
area 0 network 45.1.1.1 0.0.0.0 area 0!router bgp 10 no
synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as
10 neighbor 1.1.1.1 update-source Loopback1 neighbor 1.1.1.1
route-reflector-client neighbor 24.1.1.1 remote-as 10 neighbor
34.1.1.1 remote-as 10 neighbor 45.1.1.2 remote-as 10 neighbor
45.1.1.2 route-reflector-client no auto-summary!ip default-gateway
1.1.1.1ip forward-protocol nd!!no ip http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
BGP - Tshoot-Solution File/configs/WDC5.cfg!!version 12.4service
timestamps debug datetime msecservice timestamps log datetime
msecno service password-encryption!hostname
WDC5!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size
iomem 5ip cef!!!!no ip domain lookupip domain name
lab.local!multilink bundle-name
authenticated!!!!!!!!!!!!!!!!!!!!!archive log config hidekeys!
!!!!!!!interface Loopback1 no ip address!interface FastEthernet0/0
no ip address shutdown duplex auto speed auto!interface Serial0/0
ip address 45.1.1.2 255.255.255.252 clock rate 2000000!interface
FastEthernet0/1 no ip address shutdown duplex auto speed
auto!interface Serial0/1 ip address 56.1.1.1 255.255.255.252 clock
rate 2000000!interface Serial0/2 no ip address shutdown clock rate
2000000!interface Serial0/3 no ip address shutdown clock rate
2000000!router ospf 1 log-adjacency-changes network 45.1.1.2
0.0.0.0 area 0!router bgp 10 no synchronization bgp
log-neighbor-changes neighbor 45.1.1.1 remote-as 10 neighbor
45.1.1.1 next-hop-self neighbor 56.1.1.2 remote-as 30 neighbor
56.1.1.2 password CISCO no auto-summary!ip forward-protocol nd!!no
ip http serverno ip http
secure-server!!!!!!!control-plane!!!!!!!!!!line con 0 exec-timeout
0 0 privilege level 15 logging synchronousline aux 0 exec-timeout 0
0 privilege level 15 logging synchronousline vty 0 4 login!!end
![BGP Flowspec - 2016.peeringdays.eu Juniper Configuration nextlayer@NL-LAB-AX1> show configuration protocols bgp group FLOWSPEC ! ... [BGP/170] 00:04:26, localpref 100, from 10.0.0.254!](https://img.pdfslide.us/doc/110x75/5ad81b7a7f8b9a9d5c8ce26f/bgp-flowspec-2016-juniper-configuration-nextlayernl-lab-ax1-show-configuration.jpg)
