Scribd
Upload
293 views39 pages

Prep For CCIE SP Lab Exam v3-0 Part - 3 of 7 PDF

Uploaded by

jnahamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
293 views39 pages

Prep For CCIE SP Lab Exam v3-0 Part - 3 of 7 PDF

Uploaded by

jnahamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 39

CCIE Service Provider v3.

0
Sample Lab
Part 3/7

Vincent Jun Ling Zhou


CCIE Service Provider – Product Manager
Cisco Systems
SP Sample Lab – Main Topology
Backbone Carrier SP
Customer Carrier SP
AS 1002
ABC Site 5 QAZ
S2/1 S2/1 AS 612 Site 3
.135.13/24 PPP R6
R13 R12 R17
E1/0 ISIS E1/0 E1/3 OSPF E1/3
E0/1
.126.6/24 .126.12/24 .12.12/24 .12.17/24
.69.6/24

G0/2/0/1.69 VLAN 69
.69.9/24
VLAN 59
E0/0 E1/0 G0/2/0/1.29 G0/2/0/1.59 E0/0
E0/0
R14 .142.14/24 142.1/24
.29.2/24 VLAN 29 .29.9/24 .59.9/24 .59.5/24
R2
R9 R5
ABC RIP V2 EIGRP ABC
E0/2
Site 1 E0/1 .27.2/24 G0/2/0/1.79 Site 4
.28.2/24 .79.9/24
G0/2/0/1 G0/3
Trunk
E0/0 VLAN 28
.135.15/24 Backbone Carrier SP VLAN 79 Sw2
R15
AS 2 VLAN 98
VLAN 158 E0/2
ISIS or OSPF .98.2
.27.7/24
G0/2/0/2.158 G0/2/0/2.28
.28.8/24 E0/1
.79.7/24 S2/0
G0/2/0/2.78 E0/0
.78.8/24 DLCI 107
.78.7/24
Sw3 R8 R7
.178.11
R11
G0/2 G0/2/0/2 VLAN 78 S2/0
VLAN 98 Trunk
.98.3 DLCI 701
VLAN 178 G0/2.38 E1/0
.178.3
Customer Carrier SP .38.8/24 .17.7/24 Customer Carrier SP
ABC Site 2 VLAN 38
AS 123 BGP OSPF ABC Site 3
E1/0 AS 123
E1/0 .17.1/24
.38.3/24 E1/3 E1/3
E1/3 E1/3
.1.1/24 .1.18/24
.3.16/24 .3.3/24
R16 R3 R1 R18
ISIS OSPF
QAZ QAZ
Site 1 Site 2
SP Sample Lab – Addressing Scheme
 Backbone Carrier SP network Prefix: 2.2.0.0/24, 2002:2:2::/64
 Backbone Carrier SP router Loopback0: 2.2.0.Z/32, 2002:2:2::Z/128
 Customer Carrier SP/VPN network Prefix: 172.2.0.0/24, 2002:172:2::/64
 Customer Carrier SP/VPN router Loopback0: 172.2.0.Z/32, 2002:172:2::Z/128
 End Customer VPN network Prefix: 192.2.0.0/24
 End Customer VPN router Loopback0: 192.2.0.Z/32
 L2 VPN Customer network Prefix: 172.2.0.0/24
 L2 VPN Customer router Loopback0: 172.2.0.Z/32

“Z”  is  router  number,  for  example  “Z”  value  for  R12 is  “12”
SP Sample Lab – Setup
 Hardware
Two XR-12404 with two GigabitEthernet interfaces or equivalent
Thirteen Cisco 7200 series routers with Ethernet interfaces or equivalent
Three Cisco 3560G series or equivalent
 Software Operating System
XR12000-iosxr-k9-3.9.1.tar
c7200-spservices-mz.122-33.SRE2.bin
c3560-advipservicesk9-mz.122-46.SE.bin
SP Sample Lab Questions
Question, Configuration and Verification

1 IS-IS IPv4/IPv6

2 OSPF IPv4/IPv6

3 BGP unicast IPv4/IPv6

4 MPLS LDP

5 MPLS TE

6 MPLS TE FRR

7 MP-BGP intra-AS VPNv4

8 MP-BGP inter-AS VPNv4

9 CSC

10 MP-BGP VPNv6 - 6VPE

11 Multicast VPN

12 AToM

13 VPLS

14 L2TPv3
MPLS VPN Terminology
• LSR: Label switch router
• LSP: Label switched path
– The chain of labels that are swapped at each hop to get from one LSR to another
• VRF: VPN routing and forwarding
– Mechanism in Cisco IOS® used to build per-interface RIB and FIB
• MP-BGP: Multiprotocol BGP
• PE: Provider edge router interfaces with CE routers
• P: Provider (core) router, without knowledge of VPN
• VPNv4: Address family used in BGP to carry MPLS-VPN routes
• RD: Route distinguisher
– Distinguish same network/mask prefix in different VRFs
• RT: Route target
– Extended community attribute used to control import and export policies of
VPN routes
• LFIB: Label forwarding information base
• FIB: Forwarding information base
Mapping to Lab Exam Blueprint
 This question of the sample lab maps to following sections/sub-sections in
the Lab Exam Blueprint document below;
https://learningnetwork.cisco.com/docs/DOC-9991
3.0 – Implement, Optimize and Troubleshoot L3VPN Technologies
3.1 – Implement, Optimize and Troubleshoot Intra-AS L3VPN
 For more details, please review the Lab Exam Checklist document below;
https://learningnetwork.cisco.com/docs/DOC-10145
MP-BGP Intra-AS VPNv4 – Sub Topology and
Question
G0/2/0/1.59 E0/0
E0/0 E1/0 E0/0 G0/2/0/1.29
.59.9/24 .59.5/24
.142.14/24 142.1/24 .29.2/24 .29.9/24
R14 R2 R9 R5
RIP v2 E0/2 EIGRP
E0/1 .27.2/24 G0/2/0/1.79
.28.2/24 .79.9/24
ABC ABC
Site 1 Site 4

SP AS 2
E0/2
G0/2/0/2.28 .27.7/24
.28.8/24 Ei0/1
E0/0 .79.7/24
G0/2/0/2.78
.78.7/24
.78.8/24

R8 R7
Gi0/2.38 E1/0
ABC .38.8/24 .17.7/24 ABC
Site 2 BGP OSPF Site 3
E1/0
E1/0 .17.1/24
.38.3/24

AS 123
R3 R1

 Configure BGP VPNv4 on R2, R7, R8 and R9, configure R9 as VPNv4


Route-reflector for R2, R7 and R8
 Configure ABC sites router R14, R3, R1 and R5, ensure the Four sites can
ping each other
MP-BGP VPNv4 Configuration
R2 (IOS) configuration router rip
version 2
vrf definition ABC !
rd 2:2 address-family ipv4 vrf ABC
! redistribute bgp 2 metric 1
address-family ipv4 network 172.2.0.0
route-target export 2:2 version 2
route-target import 2:2 exit-address-family
! !
interface Ethernet0/0 router bgp 2
ip address 2.2.29.2 255.255.255.0 neighbor 2.2.0.9 remote-as 2
mpls ip neighbor 2.2.0.9 update-source Loopback0
! !
interface Ethernet0/1 address-family vpnv4
ip address 2.2.28.2 255.255.255.0 neighbor 2.2.0.9 activate
mpls ip neighbor 2.2.0.9 send-community extended
! neighbor 2.2.0.9 next-hop-self
interface Ethernet0/2 !
ip address 2.2.27.2 255.255.255.0 address-family ipv4 vrf ABC
mpls ip no synchronization
! redistribute rip
interface Ethernet1/0 exit-address-family
vrf forwarding ABC !
ip address 172.2.142.2 255.255.255.0
MP-BGP VPNv4 Configuration (Cont.)
R7 (IOS) configuration
vrf definition ABC router ospf 100 vrf ABC
rd 2:2 redistribute bgp 2 subnets
! network 172.2.0.0 0.0.255.255 area 0
address-family ipv4 !
route-target export 2:2 router bgp 2
route-target import 2:2 neighbor 2.2.0.9 remote-as 2
! neighbor 2.2.0.9 update-source Loopback0
interface Ethernet0/0 !
ip address 2.2.78.7 255.255.255.0 address-family vpnv4
mpls ip neighbor 2.2.0.9 activate
! neighbor 2.2.0.9 send-community extended
interface Ethernet0/1 exit-address-family
ip address 2.2.79.7 255.255.255.0 !
mpls ip address-family ipv4 vrf ABC
! no synchronization
interface Ethernet0/2 redistribute ospf 100 vrf ABC
ip address 2.2.27.7 255.255.255.0 exit-address-family
mpls ip !
!
interface Ethernet1/0
vrf forwarding ABC
ip address 172.2.17.7 255.255.255.0
MP-BGP VPNv4 Configuration (Cont.)
R8 (IOS-XR) configuration vrf ABC
rd 2:2
interface GigabitEthernet0/2/0/2.28 address-family ipv4 unicast
ipv4 address 2.2.28.8 255.255.255.0 allocate-label all
dot1q vlan 28 !
! neighbor 172.2.38.3
interface GigabitEthernet0/2/0/2.78 remote-as 123
ipv4 address 2.2.78.8 255.255.255.0 address-family ipv4 labeled-unicast
dot1q vlan 78 route-policy default_policy_pass_all in
! route-policy default_policy_pass_all out
interface GigabitEthernet0/2/0/2.38 as-override
vrf ABC send-extended-community-ebgp
ipv4 address 172.2.38.8 255.255.255.0 !
dot1q vlan 38 mpls ldp
! router-id 2.2.0.8
router bgp 2 interface GigabitEthernet0/2/0/2.28
address-family vpnv4 unicast !
! interface GigabitEthernet0/2/0/2.78
neighbor 2.2.0.9 !
remote-as 2 !
update-source Loopback0 vrf ABC
! address-family ipv4 unicast
address-family vpnv4 unicast import route-target
! 2:2
!
export route-target
2:2
MP-BGP VPNv4 Configuration (Cont.)
R9 (IOS-XR) configuration
router bgp 2 mpls ldp
vrf ABC
address-family vpnv4 unicast router-id 2.2.0.9
address-family ipv4 unicast
! !
import route-target
neighbor 2.2.0.2 interface GigabitEthernet0/2/0/1.29
2:2
remote-as 2 !
!
update-source Loopback0 interface GigabitEthernet0/2/0/1.79
export route-target
address-family vpnv4 unicast !
2:2
route-reflector-client router eigrp 100
!
! vrf ABC
interface GigabitEthernet0/2/0/1.29
neighbor 2.2.0.7 address-family ipv4
ipv4 address 2.2.29.9 255.255.255.0
remote-as 2 default-metric 100000 10 250 1 1500
dot1q vlan 29
update-source Loopback0 autonomous-system 100
!
address-family vpnv4 unicast redistribute bgp 2
interface GigabitEthernet0/2/0/1.59
route-reflector-client interface GigabitEthernet0/2/0/1.59
vrf ABC
! !
ipv4 address 172.2.59.9 255.255.255.0
neighbor 2.2.0.8 !
dot1q vlan 59
remote-as 2
!
update-source Loopback0
interface GigabitEthernet0/2/0/1.79
address-family vpnv4 unicast
ipv4 address 2.2.79.9 255.255.255.0
route-reflector-client
dot1q vlan 79
!
!
vrf ABC
rd 2:2
address-family ipv4 unicast
redistribute eigrp 100
!
MP-BGP VPNv4 Configuration (Cont.)
R14 configuration R3 configuration
interface Loopback0
interface Loopback0 ip address 172.2.0.3 255.255.255.255
ip address 172.2.0.14 255.255.255.255 !
! interface Ethernet1/0
interface Ethernet0/0 ip address 172.2.38.3 255.255.255.0
ip address 172.2.142.14 255.255.255.0 !
! router bgp 123
router rip neighbor 172.2.38.8 remote-as 2
version 2 !
network 172.2.0.0 address-family ipv4
network 172.2.0.3 mask 255.255.255.255
neighbor 172.2.38.8 activate
R1 configuration
interface Loopback0 R5 configuration
ip address 172.2.0.1 255.255.255.255
interface Loopback0
!
ip address 172.2.0.5 255.255.255.255
interface Ethernet1/0
!
ip address 172.2.17.1 255.255.255.0
interface Ethernet0/0
!
ip address 172.2.59.5 255.255.255.0
router ospf 100
!
network 172.2.0.1 0.0.0.0 area 0
router eigrp 100
network 172.2.17.1 0.0.0.0 area 0
network 172.2.0.5 0.0.0.0
network 172.2.59.0 0.0.0.255
MP-BGP VPNv4 Adjacency
RP/0/0/CPU0:R9#show bgp vpnv4 unicast summary
BGP router identifier 2.2.0.9, local AS number 2
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
2.2.0.2 0 2 111048 108531 13904 0 0 4d02h 18
2.2.0.7 0 2 109794 104739 13904 0 0 4d01h 2
2.2.0.8 0 2 99301 108712 13904 0 0 4d02h 3

R2#show ip bgp vpnv4 all summary


BGP router identifier 2.2.0.2, local AS number 2
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.0.9 4 2 185 183 29 0 0 02:28:55 10

R7#show ip bgp vpnv4 all summary


BGP router identifier 2.2.0.7, local AS number 2
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.0.9 4 2 181 177 31 0 0 02:33:17 12

RP/0/0/CPU0:R8#show bgp vpnv4 unicast summary


BGP router identifier 2.2.0.8, local AS number 2
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
2.2.0.9 0 2 116418 107553 10590 0 0 03:44:31 11
MP-BGP VPNv4 table
R8 VPN table
RP/0/0/CPU0:R8#show bgp vpnv4 unicast vrf ABC
Route Distinguisher: 2:2 (default for vrf ABC)
*>i172.2.0.1/32 2.2.0.7 15 100 0 ?
*> 172.2.0.3/32 172.2.38.3 0 0 123 i
*>i172.2.0.5/32 2.2.0.9 130816 200 0 ?
*>i172.2.0.14/32 2.2.0.2 1 100 0 ?
*>i172.2.17.0/24 2.2.0.7 15 100 0 ?
*> 172.2.38.0/24 0.0.0.0 0 32768 ?
*>i172.2.59.0/24 2.2.0.9 0 200 0 ?
*>i172.2.142.0/24 2.2.0.2 0 100 0 ?

R9 VPN table
RP/0/0/CPU0:R9#show bgp vpnv4 unicast vrf ABC
*>i172.2.0.1/32 2.2.0.7 15 100 0 ?
*>i172.2.0.3/32 2.2.0.8 0 100 0 123 i
*> 172.2.0.5/32 172.2.59.5 130816 32768 ?
*>i172.2.0.14/32 2.2.0.2 1 100 0 ?
*>i172.2.17.0/24 2.2.0.7 15 100 0 ?
*>i172.2.38.0/24 2.2.0.8 0 100 0 ?
*> 172.2.59.0/24 0.0.0.0 0 32768 ?
*>i172.2.142.0/24 2.2.0.2 0 100 0 ?
MP-BGP VPNv4 table (Cont.)
R2 VPN table
R2#show ip bgp vpnv4 vrf ABC
Route Distinguisher: 2:2 (default for vrf ABC)
*>i172.2.0.1/32 2.2.0.7 15 100 0 ?
*>i172.2.0.3/32 2.2.0.8 0 100 0 123 i
*>i172.2.0.5/32 2.2.0.9 130816 200 0 ?
*> 172.2.0.14/32 172.2.142.14 1 32768 ?
*>i172.2.17.0/24 2.2.0.7 15 100 0 ?
*>i172.2.38.0/24 2.2.0.8 0 100 0 ?
*>i172.2.59.0/24 2.2.0.9 0 200 0 ?
*> 172.2.142.0/24 0.0.0.0 0 32768 ?
R7 VPN table
R7#show ip bgp vpnv4 vrf ABC
*> 172.2.0.1/32 172.2.17.1 15 32768 ?
*>i172.2.0.3/32 2.2.0.8 0 100 0 123 i
*>i172.2.0.5/32 2.2.0.9 130816 200 0 ?
*>i172.2.0.14/32 2.2.0.2 1 100 0 ?
*> 172.2.17.0/24 0.0.0.0 15 32768 ?
*>i172.2.38.0/24 2.2.0.8 0 100 0 ?
*>i172.2.59.0/24 2.2.0.9 0 200 0 ?
*>i172.2.142.0/24 2.2.0.2 0 100 0 ?
MPLS VPNv4 routes
R14 and R3 route
R14#show ip route rip
R 172.2.0.1/32 [120/1] via 172.2.142.2, 00:00:12, Ethernet0/0
R 172.2.0.3/32 [120/1] via 172.2.142.2, 00:00:12, Ethernet0/0
R 172.2.0.5/32 [120/1] via 172.2.142.2, 00:00:12, Ethernet0/0
R 172.2.17.0/24 [120/1] via 172.2.142.2, 00:00:19, Ethernet0/0
R 172.2.38.0/24 [120/1] via 172.2.142.2, 00:00:19, Ethernet0/0
R 172.2.59.0/24 [120/1] via 172.2.142.2, 00:00:19, Ethernet0/0

R3#show ip route bgp


B 172.2.0.1/32 [20/0] via 172.2.38.8, 01:29:23
B 172.2.0.5/32 [20/0] via 172.2.38.8, 01:26:09
B 172.2.0.14/32 [20/0] via 172.2.38.8, 01:02:08
B 172.2.17.0/24 [20/0] via 172.2.38.8, 01:41:59
B 172.2.59.0/24 [20/0] via 172.2.38.8, 01:38:45
B 172.2.142.0/24 [20/0] via 172.2.38.8, 01:16:00
MP-BGP VPNv4 routes (Cont.)
R1 and R5 routes
R1#show ip route ospf
O E2 172.2.0.3/32 [110/1] via 172.2.17.7, 01:30:15, Ethernet1/0
O E2 172.2.0.5/32 [110/130816] via 172.2.17.7, 01:27:00, Ethernet1/0
O E2 172.2.0.14/32 [110/1] via 172.2.17.7, 01:02:54, Ethernet1/0
O E2 172.2.38.0/24 [110/1] via 172.2.17.7, 01:40:49, Ethernet1/0
O E2 172.2.59.0/24 [110/1] via 172.2.17.7, 01:40:49, Ethernet1/0
O E2 172.2.142.0/24 [110/1] via 172.2.17.7, 01:14:43, Ethernet1/0

R5#show ip route eigrp


D EX 172.2.0.1/32 [170/284160] via 172.2.59.9, 01:27:05, Ethernet0/0
D EX 172.2.0.3/32 [170/284160] via 172.2.59.9, 01:27:05, Ethernet0/0
D EX 172.2.0.14/32 [170/284160] via 172.2.59.9, 01:03:55, Ethernet0/0
D EX 172.2.17.0/24 [170/284160] via 172.2.59.9, 01:38:43, Ethernet0/0
D EX 172.2.38.0/24 [170/284160] via 172.2.59.9, 01:38:43, Ethernet0/0
D EX 172.2.142.0/24 [170/284160] via 172.2.59.9, 01:16:48, Ethernet0/0
MP-BGP VPNv4 routes (Cont.)
R2 and R7 VRF ABC routes
R2#show ip route vrf ABC
B 172.2.0.1/32 [200/15] via 2.2.0.7, 01:56:52
B 172.2.0.3/32 [200/0] via 2.2.0.8, 4d01h
B 172.2.0.5/32 [200/130816] via 2.2.0.9, 01:53:36
R 172.2.0.14/32 [120/1] via 172.2.142.14, 00:00:19, Ethernet1/0
B 172.2.17.0/24 [200/15] via 2.2.0.7, 01:57:00
B 172.2.38.0/24 [200/0] via 2.2.0.8, 4d01h
B 172.2.59.0/24 [200/0] via 2.2.0.9, 01:53:45
C 172.2.142.0/24 is directly connected, Ethernet1/0
L 172.2.142.2/32 is directly connected, Ethernet1/0

R7#show ip route vrf ABC


O 172.2.0.1/32 [110/11] via 172.2.17.1, 01:58:04, Ethernet1/0
B 172.2.0.3/32 [200/0] via 2.2.0.8, 01:58:04
B 172.2.0.5/32 [200/130816] via 2.2.0.9, 01:54:41
B 172.2.0.14/32 [200/1] via 2.2.0.2, 01:30:35
C 172.2.17.0/24 is directly connected, Ethernet1/0
L 172.2.17.7/32 is directly connected, Ethernet1/0
B 172.2.38.0/24 [200/0] via 2.2.0.8, 01:58:04
B 172.2.59.0/24 [200/0] via 2.2.0.9, 01:54:53
B 172.2.142.0/24 [200/0] via 2.2.0.2, 01:31:53
MP-BGP VPNv4 routes (Cont.)
R8 and R9 VRF ABC routes
RP/0/0/CPU0:R8#show route vrf ABC ipv4
B 172.2.0.1/32 [200/15] via 2.2.0.7 (nexthop in vrf default), 01:59:19
B 172.2.0.3/32 [20/0] via 172.2.38.3, 4d03h
B 172.2.0.5/32 [200/130816] via 2.2.0.9 (nexthop in vrf default), 01:56:05
B 172.2.0.14/32 [200/1] via 2.2.0.2 (nexthop in vrf default), 01:32:04
B 172.2.17.0/24 [200/15] via 2.2.0.7 (nexthop in vrf default), 01:59:19
C 172.2.38.0/24 is directly connected, 8w4d, GigabitEthernet0/2/0/2.38
L 172.2.38.8/32 is directly connected, 8w4d, GigabitEthernet0/2/0/2.38
B 172.2.59.0/24 [200/0] via 2.2.0.9 (nexthop in vrf default), 01:56:05
B 172.2.124.0/24 [200/0] via 2.2.0.9 (nexthop in vrf default), 2d06h

RP/0/0/CPU0:R9#show route vrf ABC ipv4


B 172.2.0.1/32 [200/15] via 2.2.0.7 (nexthop in vrf default), 02:00:34
B 172.2.0.3/32 [200/0] via 2.2.0.8 (nexthop in vrf default), 4d01h
D 172.2.0.5/32 [90/130816] via 172.2.59.5, 01:59:03, GigabitEthernet0/2/0/1.59
B 172.2.0.14/32 [200/1] via 2.2.0.2 (nexthop in vrf default), 01:33:20
B 172.2.17.0/24 [200/15] via 2.2.0.7 (nexthop in vrf default), 02:00:34
B 172.2.38.0/24 [200/0] via 2.2.0.8 (nexthop in vrf default), 4d01h
C 172.2.59.0/24 is directly connected, 10w0d, GigabitEthernet0/2/0/1.59
L 172.2.59.9/32 is directly connected, 10w0d, GigabitEthernet0/2/0/1.59
B 172.2.142.0/24 [200/0] via 2.2.0.2 (nexthop in vrf default), 01:34:35
MP-BGP VPNv4 connection verification
R1#ping 172.2.0.3 source loopback 0
Sending 5, 100-byte ICMP Echos to 172.2.0.3, timeout is 2 seconds:
Packet sent with a source address of 172.2.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/19/20 ms

R1#ping 172.2.0.5 source loopback 0


Sending 5, 100-byte ICMP Echos to 172.2.0.5, timeout is 2 seconds:
Packet sent with a source address of 172.2.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/24 ms

R1#ping 172.2.0.14 source loopback 0


Sending 5, 100-byte ICMP Echos to 172.2.0.14, timeout is 2 seconds:
Packet sent with a source address of 172.2.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

R3#ping 172.2.0.5 source loopback 0


Sending 5, 100-byte ICMP Echos to 172.2.0.5, timeout is 2 seconds:
Packet sent with a source address of 172.2.0.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/44 ms
MP-BGP Inter-AS VPNv4 Distribution Options

RR1 Back-to-Back VRFs RR2


ASBR1 ASBR2
MP-eBGP for VPNv4
AS #1 AS #2
Multihop MP-eBGP
PE1 between RRs PE2

CE1 CE2

VPN-1 VPN-2

VPN Sites Attached to Different MPLS VPN Service Providers


Mapping to Lab Exam Blueprint
 This question of the sample lab maps to following sections/sub-sections in
the Lab Exam Blueprint document below;
https://learningnetwork.cisco.com/docs/DOC-9991
3.0 – Implement, Optimize and Troubleshoot L3VPN Technologies
3.2 – Implement, Optimize and Troubleshoot Inter-AS L3VPN
 For more details, please review the Lab Exam Checklist document below;
https://learningnetwork.cisco.com/docs/DOC-10145
MP-BGP Inter-AS VPNv4 – Sub Topology and
Question
ABC
Site 5

AS 1002
 Configure Inter-AS BGP R6 R12
ISIS E1/0
E0/1 E1/0
.126.12/24
VPNv4 unicast on R6 and .69.6/24 .126.6/24

R9, ensure they can G0/2/0/1.69


.69.9/24

exchange VPNv4 unicast E0/0 G0/2/0/1.29 G0/2/0/1.59


.59.9/24
E0/0
.59.5/24
.29.2/24 .29.9/24
information R2 R9
EIGRP
R5
E0/2
E0/1 .27.2/24 G0/2/0/1.79
 Configure VPN site 2, 3, 4 .28.2/24 .79.9/24 ABC
Site 4
and 5. Ensure these sites
have full reach ability SP AS 2
E0/2
between each other G0/2/0/2.28
.28.8/24
.27.7/24
Ei0/1
E0/0 .79.7/24
G0/2/0/2.78
 You are permitted to .78.8/24
.78.7/24

R8 R7
define static host route
Gi0/2.38 E1/0
on R9 .38.8/24
ABC
.17.7/24 ABC
BGP OSPF Site 3
Site 2 E1/0
E1/0 .17.1/24
.38.3/24

AS 123
R3 R1
MP-BGP VPNv4 Configuration
R6 (IOS) configuration
vrf definition ABC router bgp 1002
rd 1002:2 no bgp default route-target filter
! neighbor 2.2.69.9 remote-as 2
address-family ipv4 !
route-target export 1002:2 address-family vpnv4
route-target import 1002:2 neighbor 2.2.69.9 activate
route-target import 2:2 neighbor 2.2.69.9 send-community extended
! exit-address-family
interface Ethernet0/1 !
ip address 2.2.69.6 255.255.255.0 address-family ipv4 vrf ABC
! no synchronization
interface Ethernet1/0 redistribute isis ABC level-1-2
vrf forwarding ABC exit-address-family
ip address 172.2.126.6 255.255.255.0
!
router isis ABC
vrf ABC
net 47.0172.0000.0000.0006.00
metric-style wide
redistribute bgp 1002
!
MP-BGP VPNv4 Configuration (Cont.)
R9 (IOS-XR) configuration
vrf ABC vrf ABC
address-family ipv4 unicast rd 2:2
import route-target address-family ipv4 unicast
2:2 redistribute eigrp 100
1002:2 !
! router eigrp 100
export route-target vrf ABC
2:2 address-family ipv4
! default-metric 100000 10 250 1 1500
! autonomous-system 100
router bgp 2 redistribute bgp 2
address-family vpnv4 unicast interface GigabitEthernet0/2/0/1.59
! !
neighbor 2.2.69.6 router static
remote-as 1002 address-family ipv4 unicast
address-family vpnv4 unicast 2.2.69.6/32 GigabitEthernet0/2/0/1.69
route-policy default_policy_pass_all in !
route-policy default_policy_pass_all out
!

Note: IOS-XR does not automatically learn directly connected host


route, static host route request to ensure MPLS forwarding
MP-BGP VPNv4 Configuration (Cont.)
R12 configuration R2 and R7 configuration
interface Loopback0 vrf definition ABC
ip address 172.2.0.12 255.255.255.255 rd 2:2
ip router isis !
! address-family ipv4
interface Ethernet1/0 route-target export 2:2
ip address 172.2.126.12 255.255.255.0 route-target import 2:2
ip pim sparse-mode route-target import 1002:2
ip router isis exit-address-family
! !
router isis
net 47.0172.0000.0000.0012.00
metric-style wide R8 configuration
!
vrf ABC
address-family ipv4 unicast
import route-target
2:2
1002:2
!
export route-target
2:2
!
MP-BGP VPNv4 Adjacency
R9 VPNv4 neighbor
RP/0/0/CPU0:R9#show bgp vpnv4 unicast summary
BGP router identifier 2.2.0.9, local AS number 2
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
2.2.0.2 0 2 111048 108531 13904 0 0 4d02h 18
2.2.0.7 0 2 109794 104739 13904 0 0 4d01h 2
2.2.0.8 0 2 99301 108712 13904 0 0 4d02h 3
2.2.69.6 0 1002 112963 104627 13918 0 0 2d22h 2

R6 VPNv4 neighbor
R6#show ip bgp vpnv4 all summary
BGP router identifier 2.2.0.6, local AS number 1002
BGP table version is 158, main routing table version 158

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


2.2.69.9 4 2 4245 4658 158 0 0 2d22h 26
MP-BGP VPNv4 table
R6 VPNv4 table
R6#show ip bgp vpnv4 vrf ABC
BGP table version is 158, local router ID is 2.2.0.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1002:2 (default for vrf ABC)
*> 172.2.0.1/32 2.2.69.9 02?
*> 172.2.0.3/32 2.2.69.9 0 2 123 i
*> 172.2.0.5/32 2.2.69.9 130816 02?
*> 172.2.0.12/32 172.2.126.12 20 32768 ?
*> 172.2.17.0/24 2.2.69.9 02?
*> 172.2.38.0/24 2.2.69.9 02?
*> 172.2.59.0/24 2.2.69.9 0 02?
*> 172.2.126.0/24 0.0.0.0 0 32768 ?
MP-BGP VPNv4 table (Cont.)
R9 VPNv4 table
RP/0/0/CPU0:R9#show bgp vpnv4 unicast vrf ABC
BGP router identifier 2.2.0.9, local AS number 2
BGP generic scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 2:2 (default for vrf ABC)
*>i172.2.0.1/32 2.2.0.7 15 100 0 ?
*>i172.2.0.3/32 2.2.0.8 0 100 0 123 i
*> 172.2.0.5/32 172.2.59.5 130816 32768 ?
*> 172.2.0.12/32 2.2.69.6 20 0 1002 ?
*>i172.2.17.0/24 2.2.0.7 15 100 0 ?
*>i172.2.38.0/24 2.2.0.8 0 100 0 ?
*> 172.2.59.0/24 0.0.0.0 0 32768 ?
*> 172.2.126.0/24 2.2.69.6 0 0 1002 ?
MP-BGP VPNv4 table (Cont.)
R7 VPNv4 table
R7#show ip bgp vpnv4 vrf ABC
BGP table version is 342, local router ID is 2.2.0.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 2:2 (default for vrf ABC)
*> 172.2.0.1/32 172.2.17.1 15 32768 ?
*>i172.2.0.3/32 2.2.0.8 0 100 0 123 i
*>i172.2.0.5/32 2.2.0.9 130816 200 0 ?
*>i172.2.0.12/32 2.2.0.9 20 200 0 1002 ?
*> 172.2.17.0/24 0.0.0.0 15 32768 ?
*>i172.2.38.0/24 2.2.0.8 0 100 0 ?
*>i172.2.59.0/24 2.2.0.9 0 200 0 ?
*>i172.2.126.0/24 2.2.0.9 0 200 0 1002 ?
VPNv4 routes
R12 and R5 route

R12#show ip route isis

i L2 172.2.0.1/32 [115/10] via 172.2.126.6, Ethernet1/0


i L2 172.2.0.3/32 [115/10] via 172.2.126.6, Ethernet1/0
i L2 172.2.0.5/32 [115/10] via 172.2.126.6, Ethernet1/0
i L2 172.2.17.0/24 [115/10] via 172.2.126.6, Ethernet1/0
i L2 172.2.38.0/24 [115/10] via 172.2.126.6, Ethernet1/0
i L2 172.2.59.0/24 [115/10] via 172.2.126.6, Ethernet1/0

R5#show ip route eigrp

D EX 172.2.0.1/32 [170/284160] via 172.2.59.9, 17:31:10, Ethernet0/0


D EX 172.2.0.3/32 [170/284160] via 172.2.59.9, 17:31:10, Ethernet0/0
D EX 172.2.0.12/32 [170/284160] via 172.2.59.9, 00:40:57, Ethernet0/0
D EX 172.2.17.0/24 [170/284160] via 172.2.59.9, 17:31:10, Ethernet0/0
D EX 172.2.38.0/24 [170/284160] via 172.2.59.9, 17:31:10, Ethernet0/0
D EX 172.2.126.0/24 [170/284160] via 172.2.59.9, 00:41:27, Ethernet0/0
VPNv4 routes (Cont.)
R1 and R3 routes
R1#show ip route ospf

O E2 172.2.0.3/32 [110/1] via 172.2.17.7, 17:35:44, Ethernet1/0


O E2 172.2.0.5/32 [110/130816] via 172.2.17.7, 17:32:29, Ethernet1/0
O E2 172.2.0.12/32 [110/20] via 172.2.17.7, 00:41:31, Ethernet1/0
O E2 172.2.38.0/24 [110/1] via 172.2.17.7, 17:35:44, Ethernet1/0
O E2 172.2.59.0/24 [110/1] via 172.2.17.7, 17:35:44, Ethernet1/0
O E2 172.2.126.0/24 [110/1] via 172.2.17.7, 00:42:01, Ethernet1/0

R3#show ip route bgp

B 172.2.0.1/32 [20/0] via 172.2.38.8, 17:48:55


B 172.2.0.5/32 [20/0] via 172.2.38.8, 17:45:41
B 172.2.0.12/32 [20/0] via 172.2.38.8, 00:54:38
B 172.2.17.0/24 [20/0] via 172.2.38.8, 17:48:55
B 172.2.59.0/24 [20/0] via 172.2.38.8, 17:45:41
B 172.2.126.0/24 [20/0] via 172.2.38.8, 00:55:08
VPNv4 routes (Cont.)
R6 and R9 VRF route
R6#show ip route vrf ABC
B 172.2.0.1/32 [20/0] via 2.2.69.9, 15:04:01
B 172.2.0.3/32 [20/0] via 2.2.69.9, 15:04:01
B 172.2.0.5/32 [20/130816] via 2.2.69.9, 15:04:01
i L1 172.2.0.12/32 [115/20] via 172.2.126.12, Ethernet1/0
B 172.2.17.0/24 [20/0] via 2.2.69.9, 15:04:01
B 172.2.38.0/24 [20/0] via 2.2.69.9, 15:04:01
B 172.2.59.0/24 [20/0] via 2.2.69.9, 15:04:01
C 172.2.126.0/24 is directly connected, Ethernet1/0
L 172.2.126.6/32 is directly connected, Ethernet1/0

RP/0/0/CPU0:R9#show route vrf ABC ipv4


B 172.2.0.1/32 [200/15] via 2.2.0.7 (nexthop in vrf default), 17:36:28
B 172.2.0.3/32 [200/0] via 2.2.0.8 (nexthop in vrf default), 4d17h
D 172.2.0.5/32 [90/130816] via 172.2.59.5, 17:34:57, GigabitEthernet0/2/0/1.59
B 172.2.0.12/32 [20/20] via 2.2.69.6 (nexthop in vrf default), 00:42:30
B 172.2.17.0/24 [200/15] via 2.2.0.7 (nexthop in vrf default), 17:36:28
B 172.2.38.0/24 [200/0] via 2.2.0.8 (nexthop in vrf default), 4d17h
C 172.2.59.0/24 is directly connected, 10w1d, GigabitEthernet0/2/0/1.59
L 172.2.59.9/32 is directly connected, 10w1d, GigabitEthernet0/2/0/1.59
B 172.2.126.0/24 [20/0] via 2.2.69.6 (nexthop in vrf default), 00:43:00
MPLS forwarding table
R6 MPLS label table

R6#show mpls forwarding-table vrf ABC


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16003 16026 172.2.0.1/32[V] 194740 Et0/1 2.2.69.9
16021 No Label 172.2.0.12/32[V] 3360895 Et1/0 172.2.126.12
16022 No Label 172.2.126.0/24[V] 98070 aggregate/ABC
16037 16011 172.2.0.5/32[V] 118 Et0/1 2.2.69.9
16038 16015 172.2.0.3/32[V] 10478523 Et0/1 2.2.69.9
16042 16027 172.2.17.0/24[V] 0 Et0/1 2.2.69.9
16043 16052 172.2.38.0/24[V] 0 Et0/1 2.2.69.9
16044 16029 172.2.59.0/24[V] 118 Et0/1 2.2.69.9
MPLS forwarding table (Cont.)

R9 MPLS label table


RP/0/0/CPU0:R9#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16011 Unlabelled 172.2.0.5/32[V] Gi0/2/0/1.59 172.2.59.5 516064
16015 16009 172.2.0.3/32[V] 2.2.0.8 0
16026 62 172.2.0.1/32[V] 2.2.0.7 884
16027 27 172.2.17.0/24[V] 2.2.0.7 0
16028 16022 1002:2:172.2.126.0/24 \
Gi0/2/0/1.69 2.2.69.6 0
16048 16021 1002:2:172.2.0.12/32 \
Gi0/2/0/1.69 2.2.69.6 3156
16052 16019 172.2.38.0/24[V] 2.2.0.8 0
MPLS forwarding table (Cont.)

R8 MPLS label table


RP/0/0/CPU0:R8#show mpls forwarding vrf ABC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16001 Pop 172.2.38.3/32[V] Gi0/2/0/2.38 172.2.38.3 56468989
16013 Pop 172.2.0.3/32[V] Gi0/2/0/2.38 172.2.38.3 1650
16018 30 172.2.0.1/32[V] 2.2.0.7 0
16020 16015 172.2.0.5/32[V] 2.2.0.9 0
16022 29 172.2.17.0/24[V] 2.2.0.7 0
16023 16029 172.2.59.0/24[V] 2.2.0.9 0
16024 16028 172.2.0.12/32[V] 2.2.0.9 2547
16025 16030 172.2.126.0/24[V] 2.2.0.9 0
Connection verification

R3#ping 172.2.0.12 source loopback 0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.2.0.12, timeout is 2 seconds:
Packet sent with a source address of 172.2.0.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/44 ms

R3#traceroute 172.2.0.12 source loopback 0


Type escape sequence to abort.
Tracing the route to 172.2.0.12

1 172.2.38.8 [AS 2] [MPLS: Label 16024 Exp 0] 40 msec 40 msec 40 msec


2 2.2.28.2 [MPLS: Labels 17/16028 Exp 0] 40 msec 40 msec 40 msec
3 2.2.29.9 [MPLS: Label 16028 Exp 0] 40 msec 40 msec 40 msec
4 172.2.126.6 [AS 1002] [MPLS: Label 16004 Exp 0] 40 msec 40 msec 40 msec
5 172.2.126.12 [AS 1002] 36 msec * 40 msec

You might also like