Just another Cisco blog
Posts tagged Tutorial
Guest Post On NF Blog
Apr 29th
I wrote a BGP Lab post on the Networking-Forum Blog. Here’s a preview:
Topology:
Tasks:
1. Configure the Oustside Border Router in AS 6500. Peer with ISP-1 and ISP-2. Ensure that the DMZ subnet is advertised to the internet.
2. Prevent AS 6500 from being used as a transit between ASes 1111 and 2222.
3. The link through ISP-1 is much faster than the link through ISP-2. Configure outgoing traffic to use ISP-1 as the primary, only use the link through ISP-2 if the primary link is down.
4. Configure incoming traffic to use the link through ISP-1 as the primary.
5. Ensure that NAT is setup to use both ISPs.
RIP Lab #1
Apr 27th
This is the first in a series of lab posts I’ll be doing to prepare for the CCIE.
Today’s lab is from Narbik’s Volume One workbook. It’s a RIPv2 lab with some tricks thrown in. Here’s the topology:
(Click image for fullsize)
Click here for the initial configs
Here is task one:
1. Configure RIPv2 on all routers and advertise their directly connected interfaces. Ensure that these routers have full NLRI to all the loopback interfaces advertised into RIP. Ensure that all routers can ping all loopbacks.
Let’s go through the config:
R1: R1(config)#router rip R1(config-router)#ver 2 R1(config-router)#no auto R1(config-router)#network 10.0.0.0 R1(config-router)#network 1.0.0.0 R2: R2(config)#router rip R2(config-router)#ver 2 R2(config-router)#no auto R2(config-router)#network 10.0.0.0 R2(config-router)#network 2.0.0.0 R3: R3(config)#router rip R3(config-router)#ver 2 R3(config-router)#no auto R3(config-router)#network 10.0.0.0 R3(config-router)#network 3.0.0.0 |
Looks pretty simple, but I’m sure you guys see that this won’t work correctly. Let’s look at R2 and R3′s routing tables:
R2#sh ip route
...
R 1.0.0.0/8 [120/1] via 10.1.1.1, 00:00:15, Serial0/0
C 2.0.0.0/8 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0/0
R3#sh ip route
...
R 1.0.0.0/8 [120/1] via 10.1.1.1, 00:00:06, Serial0/0
C 3.0.0.0/8 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0/0 |
Simple IPv6 Tutorial
Apr 20th
Today we’ll configure a basic IPv6 network. I’m not a big fan of IPv6. I’ve never used it in the real world, so it’s hard for me to keep it in my head, but I’ve been studying the hell out of it for the Written, so here goes.
We have a simple topology, only three routers. We will be running OSFPv3 on our serial links and loopbacks. Here’s our topology:
(Click image for fullsize)
First we’ll configure our IPv6 addresses:
R1: R1(config)#ipv6 unicast-routing R1(config)#int s0/0 R1(config-if)#ip add 10.1.12.1 255.255.255.0 R1(config-if)#ipv6 add 10:1:1:12::1/64 R1(config-if)#no shut R2: R2(config)#ipv6 unicast-routing R2(config)# int s0/0 R2(config-if)#ip add 10.1.12.2 255.255.255.0 R2(config-if)#ipv6 add 10:1:1:12::2/64 R2(config-if)#no shut R2(config-if)#exit R2(config)#int s0/1 R2(config-if)#ip add 10.1.23.2 255.255.255.0 R2(config-if)#ipv6 add 10:1:1:23::2/64 R2(config-if)#no shut R3: R3(config)#ipv6 unicast-routing R3(config-if)#int s0/1 R3(config-if)#ip add 10.1.23.3 255.255.255.0 R3(config-if)#ipv6 add 10:1:1:23::3/64 |
The first thing we do on each router is enable IPv6 routing. Then we give the interface an IPv4 address and finally an IPv6 address.
Let’s verify connectivity from R2:
Serial0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C001:71FF:FE12:0
Global unicast address(es):
10:1:1:12::2, subnet is 10:1:1:12::/64
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF00:2
FF02::1:FF12:0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Hosts use stateless autoconfig for addresses.
Serial0/1 is administratively down, line protocol is down
IPv6 is enabled, link-local address is FE80::C001:71FF:FE12:0 [TEN]
Global unicast address(es):
10:1:1:23::2, subnet is 10:1:1:23::/64 [TEN]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF00:2
FF02::1:FF12:0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Hosts use stateless autoconfig for addresses.
R2#sh ipv int b
Serial0/0 [up/up]
FE80::C001:71FF:FE12:0
10:1:1:12::2
Serial0/1 [up/up]
FE80::C001:71FF:FE12:0
10:1:1:23::2
R2#ping 10:1:1:12::1
Sending 5, 100-byte ICMP Echos to 10:1:1:12::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/2/4 ms
R2#ping 10:1:1:23::3
Sending 5, 100-byte ICMP Echos to 10:1:1:23::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/3/12 ms |
We have connectivity between interfaces on the same subnet.
Now we’ll configure our loopbacks and OSPFv3:
R1: R1(config-if)#int lo0 R1(config-if)#ipv6 add 1:1:1::1/64 R1(config-if)#ipv6 ospf 20 area 0 R1(config-if)#int s0/0 R1(config-if)#ipv6 ospf 20 area 0 R2: R2(config)#int lo0 R2(config-if)#ipv6 add 2:2:2::2/64 R2(config-if)#ipv6 ospf 20 area 0 R2(config-if)#int s0/0 R2(config-if)#ipv6 ospf 20 area 0 R2(config-if)#int s0/1 R2(config-if)#ipv6 ospf 20 area 0 R3: R3(config)#int lo0 R3(config-if)#ipv6 add 3:3:3::3/64 R3(config-if)#ipv6 ospf 20 area 0 R3(config-if)#int s0/1 R3(config-if)#ipv6 ospf 20 area 0 |
With v6 we enable OSPF directly under the interface on which it runs.
Make IOS Like JUNOS
Mar 24th
Thought you guys would like the title. 
Sorry for the lack of content lately, I’ve been very busy.
Today we’re going to explore the “archive” feature in IOS with a small “archive tutorial”. This was sparked by a recent comment on one of my JUNOS posts. The commenter said that the “archive” command in IOS is the same as “rollback” in JUNOS. They are similar, but “rollback” is there by default where you need to do some tinkering with “archive”. I’ve used it in the past, but never with the intention of mimicking JUNOS’s “rollback”.
Here’s the config:
EDGE(config)#archive EDGE(config-archive)#? Archive configuration commands: default Set a command to its defaults exit Exit from archive configuration mode log Logging commands maximum maximum number of backup copies no Negate a command or set its defaults path path for backups rollback Rollback parameters time-period Period of time in minutes to automatically archive the running-config write-memory Enable automatic backup generation during write memory EDGE(config-archive)#path disk0:config-backup EDGE(config-archive)#max 14 EDGE(config-archive)#write-memory |
To enter the config, we simply type “archive” in global config. There are quite a few options, as we can see. First we’ll need to set our path to store the archived configs, this is a 7200, so I’m using disk0 and a simple naming convention. Next we specify how many configs we want to backup, I’m using the maximum on my device, which is 14. Finally we set the “write-memory” command, which tells the router to archive the config anytime we save.
BGP Multi-Exit Discriminator (MED)
Feb 8th
Today we’ll go over another important BGP topic: MED. From Cisco:
“MED is an optional nontransitive attribute. MED is a hint to external neighbors about the preferred path into an autonomous system (AS) that has multiple entry points. The MED is also known as the external metric of a route. A lower MED value is preferred over a higher value.”
So, to summarize, MED is used to influence incoming traffic from a multi-homed neighbor AS.
Here’s our diagram:
In this case we’ll say that the link between PE1 and CE1 is only a T1, while the link between PE2 and CE1 is a DS3. Obviously we will want traffic to use the faster link, the PE2-CE1 DS3.
First we’ll configure our interfaces and basic BGP:
PE1: hostname PE1 ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Serial0/0 description To PE2 ip address 10.1.1.2 255.255.255.254 ! interface Serial0/1 description To CE1 bandwidth 1500 ip address 172.16.1.2 255.255.255.254 ! router bgp 5300 no synchronization bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 5300 neighbor 2.2.2.2 update-source Loopback0 neighbor 2.2.2.2 next-hop-self neighbor 172.16.1.3 remote-as 1200 no auto-summary ! ip route 2.2.2.2 255.255.255.255 10.1.1.3 PE2: hostname PE2 ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Serial0/0 description To PE1 ip address 10.1.1.3 255.255.255.254 ! interface Serial0/2 description To CE1 bandwidth 45000 ip address 172.16.1.4 255.255.255.254 ! router bgp 5300 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 5300 neighbor 1.1.1.1 update-source Loopback0 neighbor 1.1.1.1 next-hop-self neighbor 172.16.1.5 remote-as 1200 no auto-summary ! ip route 1.1.1.1 255.255.255.255 10.1.1.2 CE1: hostname CE1 ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Loopback1 ip address 192.168.1.1 255.255.255.0 ! interface Loopback2 ip address 192.168.2.1 255.255.255.0 ! interface Loopback3 ip address 192.168.3.1 255.255.255.0 ! interface Loopback4 ip address 192.168.4.1 255.255.255.0 ! interface Serial0/1 description To PE1 bandwidth 1500 ip address 172.16.1.3 255.255.255.254 ! interface Serial0/2 description To PE2 bandwidth 45000 ip address 172.16.1.5 255.255.255.254 ! router bgp 1200 no synchronization bgp log-neighbor-changes network 192.168.1.0 network 192.168.2.0 network 192.168.3.0 network 192.168.4.0 neighbor 172.16.1.2 remote-as 5300 neighbor 172.16.1.4 remote-as 5300 no auto-summary |
Recent Comments