Upload
netwax-lab
View
31
Download
0
Embed Size (px)
Citation preview
Lab 26: BGP-II
Task
1. Configure IP Address as per given in topology. Make sure all routers have four loopbacks (e.g.
on R1 L1 1.1.1.1/24 L2 1.1.2.1/24.)
2. Configure IBGP as per given in topology and advertise first two loopbacks in IBGP Domain.
3. Configure HSRP on R5 and R6. Use Virtual IP as 192.168.20.254 and MD5 authentication key
as "N3tW@x!ab".
4. Configure Server as per given in topology. Make sure Routers who participate in BGP 100 will
ping netwaxlab and blog.eincop.com
5. Configure BGP as per given in topology. Also Configure Sub BGP in BGP 1000.
6. Make sure Loopback which is participating in BGP domains will communicate each other’s.
7. Make sure OSPF Area 0 authenticate with MD5 using "N3tW@x!ab" key.
8. Configure BGP authentication between R4 and R6 using "N3tW@x!ab" key.
9. On R9, R14 is the best path for networks 8.8.1.0, 8.8.2.0, 8.8.3.0 and 8.8.4.0.
10. R11 receives all the routes from R8. Expect their own BGP domain.
Figure 1 Topology
Lab 26: BGP-II
Solution
Task 2: Configure IBGP as per given in topology and advertise first two loopbacks in IBGP
Domain.
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.0 0.0.0.255 area 0
network 1.1.2.0 0.0.0.255 area 0
network 10.0.13.0 0.0.0.255 area 0
network 10.0.14.0 0.0.0.255 area 0
exit
R2
router ospf 1
router-id 2.2.2.2
network 2.2.1.0 0.0.0.255 area 0
network 2.2.2.0 0.0.0.255 area 0
network 10.0.23.0 0.0.0.255 area 0
network 10.0.24.0 0.0.0.255 area 0
exit
R3
router ospf 1
router-id 3.3.3.3
network 3.3.1.0 0.0.0.255 area 0
network 3.3.2.0 0.0.0.255 area 0
network 10.0.13.0 0.0.0.255 area 0
network 10.0.23.0 0.0.0.255 area 0
exit
R4
router ospf 1
router-id 4.4.4.4
network 4.4.1.0 0.0.0.255 area 0
network 4.4.2.0 0.0.0.255 area 0
network 10.0.14.0 0.0.0.255 area 0
network 10.0.24.0 0.0.0.255 area 0
Lab 26: BGP-II
network 20.0.45.0 0.0.0.255 area 1
network 20.0.46.0 0.0.0.255 area 1
exit
R5
router ospf 1
router-id 5.5.5.5
network 5.5.1.0 0.0.0.255 area 1
network 5.5.2.0 0.0.0.255 area 1
network 20.0.45.0 0.0.0.255 area 1
network 192.168.20.0 0.0.0.255 area 1
exit
R6
router ospf 1
router-id 6.6.6.6
network 6.6.1.0 0.0.0.255 area 1
network 6.6.2.0 0.0.0.255 area 1
network 20.0.46.0 0.0.0.255 area 1
network 192.168.20.0 0.0.0.255 area 1
exit
R11
router eigrp 100
network 10.0.112.0 0.0.0.255
network 10.0.113.0 0.0.0.255
network 11.11.1.0 0.0.0.255
network 11.11.2.0 0.0.0.255
no auto-summary
R12
router eigrp 100
network 10.0.112.0 0.0.0.255
network 10.0.114.0 0.0.0.255
network 12.12.1.0 0.0.0.255
network 12.12.2.0 0.0.0.255
no auto-summary
Lab 26: BGP-II
R13
router eigrp 100
network 10.0.113.0 0.0.0.255
network 13.13.1.0 0.0.0.255
network 13.13.2.0 0.0.0.255
no auto-summary
R14
router eigrp 100
network 10.0.114.0 0.0.0.255
network 14.14.1.0 0.0.0.255
network 14.14.2.0 0.0.0.255
no auto-summary
Task 3: Configure HSRP on R5 and R6. Use Virtual IP as 192.168.20.254 and MD5 authentication
key as "N3tW@x!ab".
R5
int f0/0
standby 1 ip 192.168.20.254
standby 1 priority 101
standby 1 preempt
standby 1 authentication md5 key-string N3tW@x!ab
exit
R6
int f1/0
standby 1 ip 192.168.20.254
standby 1 priority 99
standby 1 preempt
standby 1 authentication md5 key-string N3tW@x!ab
exit
Lab 26: BGP-II
Task 4: Configure Server as per given in topology. Make sure Routers who participate in BGP
100 will ping netwaxlab and blog.eincop.com
R6
int l1
ip add 99.99.99.100 255.255.255.0
int l2
ip add 99.99.98.11 255.255.255.0
R4, R5 and R6
ip domain lookup
ip name-server 192.168.20.200
Task 5: Configure BGP as per given in topology. Also Configure Sub BGP in BGP 1000. (Task 6
will also complete in this task).
R1
router bgp 100
no synchronization
bgp log-neighbor-changes
network 1.1.3.0 mask 255.255.255.0
network 1.1.4.0 mask 255.255.255.0
neighbor 10.0.13.3 remote-as 100
neighbor 10.0.14.4 remote-as 100
neighbor 10.0.14.4 route-reflector-client
neighbor 10.0.14.4 next-hop-self
no auto-summary
R2
router bgp 100
no synchronization
bgp log-neighbor-changes
network 2.2.3.0 mask 255.255.255.0
network 2.2.4.0 mask 255.255.255.0
neighbor 10.0.23.3 remote-as 100
neighbor 10.0.24.4 remote-as 100
neighbor 10.0.24.4 route-reflector-client
neighbor 10.0.24.4 next-hop-self
no auto-summary
Lab 26: BGP-II
R3
router bgp 100
no synchronization
bgp log-neighbor-changes
network 3.3.3.0 mask 255.255.255.0
network 3.3.4.0 mask 255.255.255.0
neighbor 7.7.1.1 remote-as 200
neighbor 7.7.1.1 ebgp-multihop 2
neighbor 7.7.1.1 update-source Loopback1
neighbor 8.8.1.1 remote-as 1422
neighbor 8.8.1.1 ebgp-multihop 2
neighbor 8.8.1.1 update-source Loopback1
neighbor 10.0.13.1 remote-as 100
neighbor 10.0.13.1 next-hop-self
neighbor 10.0.23.2 remote-as 100
neighbor 10.0.23.2 route-reflector-client
neighbor 10.0.23.2 next-hop-self
neighbor 10.0.37.7 remote-as 200
neighbor 10.0.38.8 remote-as 1422
no auto-summary
R4
router bgp 100
no synchronization
bgp log-neighbor-changes
network 4.4.3.0 mask 255.255.255.0
network 4.4.4.0 mask 255.255.255.0
neighbor 10.0.14.1 remote-as 100
neighbor 10.0.14.1 route-reflector-client
neighbor 10.0.14.1 next-hop-self
neighbor 10.0.24.2 remote-as 100
neighbor 10.0.24.2 route-reflector-client
neighbor 10.0.24.2 next-hop-self
neighbor 20.0.45.5 remote-as 100
neighbor 20.0.45.5 route-reflector-client
neighbor 20.0.45.5 next-hop-self
neighbor 20.0.46.6 remote-as 100
neighbor 20.0.46.6 route-reflector-client
neighbor 20.0.46.6 next-hop-self
Lab 26: BGP-II
no auto-summary
R5
router bgp 100
no synchronization
bgp log-neighbor-changes
network 5.5.3.0 mask 255.255.255.0
network 5.5.4.0 mask 255.255.255.0
network 192.168.20.0
neighbor 20.0.45.4 remote-as 100
no auto-summary
R6
router bgp 100
no synchronization
bgp log-neighbor-changes
network 6.6.3.0 mask 255.255.255.0
network 6.6.4.0 mask 255.255.255.0
network 99.99.98.0 mask 255.255.255.0
network 99.99.99.0 mask 255.255.255.0
network 192.168.20.0
neighbor 9.9.1.1 remote-as 1330
neighbor 9.9.1.1 ebgp-multihop 2
neighbor 9.9.1.1 update-source Loopback1
neighbor 10.0.69.9 remote-as 1330
neighbor 10.10.1.1 remote-as 400
neighbor 10.10.1.1 ebgp-multihop 2
neighbor 10.10.1.1 update-source Loopback1
neighbor 20.0.46.4 remote-as 100
neighbor 20.0.46.4 next-hop-self
no auto-summary
R7
router bgp 200
no synchronization
bgp log-neighbor-changes
network 7.7.1.0 mask 255.255.255.0
network 7.7.2.0 mask 255.255.255.0
network 7.7.3.0 mask 255.255.255.0
Lab 26: BGP-II
network 7.7.4.0 mask 255.255.255.0
network 10.0.0.0 mask 255.255.255.0
network 20.0.0.0 mask 255.255.255.0
neighbor 3.3.1.1 remote-as 100
neighbor 3.3.1.1 ebgp-multihop 2
neighbor 3.3.1.1 update-source Loopback1
neighbor 10.0.37.3 remote-as 100
no auto-summary
R8
router bgp 1422
no synchronization
bgp log-neighbor-changes
network 8.8.1.0 mask 255.255.255.0
network 8.8.2.0 mask 255.255.255.0
network 8.8.3.0 mask 255.255.255.0
network 8.8.4.0 mask 255.255.255.0
network 192.168.4.0
neighbor 3.3.1.1 remote-as 100
neighbor 3.3.1.1 ebgp-multihop 2
neighbor 3.3.1.1 update-source Loopback1
neighbor 10.0.38.3 remote-as 100
neighbor 10.0.81.11 remote-as 1000
neighbor 11.11.1.1 remote-as 1000
neighbor 11.11.1.1 ebgp-multihop 2
neighbor 11.11.1.1 update-source Loopback1
no auto-summary
R9
router bgp 1330
no synchronization
bgp log-neighbor-changes
network 9.9.1.0 mask 255.255.255.0
network 9.9.2.0 mask 255.255.255.0
network 9.9.3.0 mask 255.255.255.0
network 9.9.4.0 mask 255.255.255.0
neighbor 6.6.1.1 remote-as 100
neighbor 6.6.1.1 ebgp-multihop 2
neighbor 6.6.1.1 update-source Loopback1
neighbor 10.0.69.6 remote-as 100
Lab 26: BGP-II
neighbor 10.0.149.14 remote-as 1000
neighbor 14.14.1.1 remote-as 1000
neighbor 14.14.1.1 ebgp-multihop 2
neighbor 14.14.1.1 update-source Loopback1
no auto-summary
R10
router bgp 400
no synchronization
bgp log-neighbor-changes
network 10.10.1.0 mask 255.255.255.0
network 10.10.2.0 mask 255.255.255.0
network 10.10.3.0 mask 255.255.255.0
network 10.10.4.0 mask 255.255.255.0
neighbor 6.6.1.1 remote-as 100
neighbor 6.6.1.1 ebgp-multihop 2
neighbor 6.6.1.1 update-source Loopback1
neighbor 10.0.60.0 remote-as 100
no auto-summary
R11
router bgp 1000
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 1000
bgp confederation peers 230
network 11.11.3.0 mask 255.255.255.0
network 11.11.4.0 mask 255.255.255.0
neighbor 8.8.1.1 remote-as 1422
neighbor 8.8.1.1 ebgp-multihop 2
neighbor 8.8.1.1 update-source Loopback1
neighbor 10.0.81.8 remote-as 1422
neighbor 10.0.112.12 remote-as 1000
neighbor 10.0.112.12 next-hop-self
neighbor 10.0.113.13 remote-as 230
neighbor 10.0.113.13 next-hop-self
no auto-summary
Lab 26: BGP-II
R12
router bgp 1000
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 1000
bgp confederation peers 260
network 12.12.3.0 mask 255.255.255.0
network 12.12.4.0 mask 255.255.255.0
neighbor 10.0.112.11 remote-as 1000
neighbor 10.0.112.11 next-hop-self
neighbor 10.0.114.14 remote-as 260
neighbor 10.0.114.14 next-hop-self
no auto-summary
R13
router bgp 230
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 1000
bgp confederation peers 1000
network 13.13.3.0 mask 255.255.255.0
network 13.13.4.0 mask 255.255.255.0
neighbor 10.0.113.11 remote-as 1000
no auto-summary
R14
router bgp 260
no synchronization
bgp log-neighbor-changes
bgp confederation identifier 1000
bgp confederation peers 1000
network 14.14.3.0 mask 255.255.255.0
network 14.14.4.0 mask 255.255.255.0
neighbor 9.9.1.1 remote-as 1330
neighbor 9.9.1.1 ebgp-multihop 2
neighbor 9.9.1.1 update-source Loopback1
neighbor 10.0.114.12 remote-as 1000
neighbor 10.0.114.12 next-hop-self
neighbor 10.0.149.9 remote-as 1330
Lab 26: BGP-II
no auto-summary
Task 6: Already completed in above task.
Task 7: Make sure OSPF Area 0 authenticate with MD5 using "N3tW@x!ab" key.
R1
router ospf 1
area 0 authentication
exit
int se0/0
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
int se0/1
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
R2
router ospf 1
area 0 authentication
exit
int se0/0
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
int se0/1
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
R3
router ospf 1
area 0 authentication
exit
Lab 26: BGP-II
int se0/0
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
int se0/1
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
R4
router ospf 1
area 0 authentication
exit
int se0/0
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
int se0/1
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 N3tW@x!ab
exit
Task 8: Configure BGP authentication between R4 and R6 using "N3tW@x!ab" key.
R4
router bgp 100
neighbor 20.0.46.6 password N3tW@x!ab
exit
R6
router bgp 100
neighbor 20.0.46.4 password N3tW@x!ab
exit
Lab 26: BGP-II
Task 9: On R9, R14 is the best path for networks 8.8.1.0, 8.8.2.0, 8.8.3.0 and 8.8.4.0.
R9
access-list 10 permit 8.8.1.0 0.0.0.255
access-list 10 permit 8.8.2.0 0.0.0.255
access-list 10 permit 8.8.3.0 0.0.0.255
access-list 10 permit 8.8.4.0 0.0.0.255
route-map R8 permit 10
match ip address 10
set local-preference 500
exit
route-map R8 permit 20
exit
router bgp 1330
neighbor 10.0.149.14 route-map R8 in
exit
Task 10: R11 receives all the routes from R8. Expect their own BGP domain.
R11
access-list 10 permit 9.9.1.0 0.0.0.255
access-list 10 permit 9.9.2.0 0.0.0.255
access-list 10 permit 9.9.3.0 0.0.0.255
access-list 10 permit 9.9.4.0 0.0.0.255
route-map R9 permit 10
match ip address 10
set weight 1500
exit
route-map R9 permit 20
exit
router bgp 1000
neighbor 10.0.81.8 route-map R9 in
exit