Wednesday, August 22, 2012

Lab 181 - MPLS BGP Cost Community

Prerequisites: CCNP level skills.

Note!
This lab layout is based on the new physical topology presented here. SW1, SW2 are configured with trunking allowing communication between PE and CE routers.

Note!
CE3 and CE4 use BACKDOOR link (should be used by CE routers as a secondary path).

Topology

Pic2. MPLS Topology 2

Task 1
Re-configure the lab so that it matches the Pic. 2 connections above (you can find the the initial configuration at the bottom of this page assuming you use my layout for MPLS labs).
Do not create VRF yet but check if you can ping all neighboring devices first.

Task 2
In PE1 (R1) and PE2 (R3) configure VRF A with rd and rt import/export value of 1:100.
Assign proper interfaces into the VRF A (as per topology diagram).

Task 3
Configure EIGRP AS 100 in all CE devices. Enable EIGRP on all 172.16.x.x interfaces.
In CE1 (R6) advertise all 192.168.6.x subnets into EIGRP.
In CE2 (SW4) advertise all 192.168.10.x subnets into EIGRP.

NOTE!
Perform the below steps in EXACT order listed!

Task 4
In PE1 (R1), enable EIGRP AS 1 and create EIGRP adjacency with CE1 (R6). PE1 (R1) should learn 192.168.6.x subnets.

Task 5
Establish EIGRP adjacency between PE1 (R1) and CE3 (R5). Make sure that both CE3 (R5) and CE4 (R4) learn prefixes advertised by CE1 (R6). In CE4 (R4) check the next hop address for these destination.

Task 6
In PE2 (R3) configure EIGRP adjacency with CE4 (R4) and with CE2 (SW4). Check the next hop address PE2 (R3) chooses for 192.168.6.x subnets.

Question1:
Which path does PE2 (R3) choose to reach 192.168.6.x subnets?

Task 7
Configure mutual redistribution between EIGRP 100 and MP-BGP in PE1 (R1) and PE2 (R3) respectively. Start by redistributing EIGRP 100 into MP-BGP on PE1 (R1). Wait about 15 seconds and check the next-hop address of 192.168.6.x subnets in PE2's (R3) routing table.

Question2:
Which path does PE2 (R3) choose to reach 192.168.6.x subnets after redistribution and what source is chosen (EIGRP or BGP)? Why?

Question3:
Why do PE routers show only one path towards the remote subnets in their BGP table?

Task 8
Ensure that both CE3 (R5) and CE4 (R4) choose their respective PE router towards all prefixes advertised by CE1 (R6) and CE2 (SW4) . This includes the remote CE-to-PE connection.

Solution

Having some audio problems; solution in writing for now ;)

Task 2
In PE1 (R1) and PE2 (R3) configure VRF A with rd and rt import/export value of 1:100.
Assign proper interfaces into the VRF A (as per topology diagram).

PE1 (R1) Config:
!
ip vrf A
 rd 1:100
 route-target export 1:100
 route-target import 1:100
!
interface FastEthernet0/0.15
 encapsulation dot1Q 15
 ip vrf forwarding A
 ip address 172.16.15.1 255.255.255.0
!
interface FastEthernet0/0.16
 encapsulation dot1Q 16
 ip vrf forwarding A
 ip address 172.16.16.1 255.255.255.0
!

PE2 (R3) Config:
!
ip vrf A
 rd 1:100
 route-target export 1:100
 route-target import 1:100
!
interface FastEthernet0/0.34
 encapsulation dot1Q 34
 ip vrf forwarding A
 ip address 172.16.34.3 255.255.255.0
!
interface FastEthernet0/0.103
 encapsulation dot1Q 103
 ip vrf forwarding A
 ip address 172.16.103.3 255.255.255.0
!

Task 3
Configure EIGRP AS 100 in all CE devices. Enable EIGRP on all 172.16.x.x interfaces.
In CE1 (R6) advertise all 192.168.6.x subnets into EIGRP.
In CE2 (SW4) advertise all 192.168.10.x subnets into EIGRP.

CE1 (R6) Config:
!
router eigrp 100
 network 172.16.0.0
 network 192.168.6.0
 no auto-summary
!

CE2 (SW4) Config:
!
router eigrp 100
 network 172.16.0.0
 network 192.168.10.0
 no auto-summary
!

CE3 (R5) Config:
!
router eigrp 100
 network 172.16.0.0
 no auto-summary
!

CE4 (R4) Config:
!
router eigrp 100
 network 172.16.0.0
 no auto-summary
!

NOTE!
Perform the below steps in EXACT order listed!

Task 4
In PE1 (R1), enable EIGRP AS 1 and create EIGRP adjacency with CE1 (R6). PE1 (R1) should learn 192.168.6.x subnets.

PE (R1) Config:
!
router eigrp 1
 auto-summary
 !
 address-family ipv4 vrf A
  network 172.16.15.1 0.0.0.0
  network 172.16.16.1 0.0.0.0
  no auto-summary
  autonomous-system 100
 exit-address-family
!

Task 5
Establish EIGRP adjacency between PE1 (R1) and CE3 (R5). Make sure that both CE3 (R5) and CE4 (R4) learn prefixes advertised by CE1 (R6). In CE4 (R4) check the next hop address for these destination.

! Done in the task 4

Task 6
In PE2 (R3) configure EIGRP adjacency with CE4 (R4) and with CE2 (SW4). Check the next hop address PE2 (R3) chooses for 192.168.6.x subnets.

! You don't need my assistance here, do you?

Question1:
Which path does PE2 (R3) choose to reach 192.168.6.x subnets?

! Of course, you know the answer to this question! 
! If not, you should get back to study routing fundamentals ;)

Task 7
Configure mutual redistribution between EIGRP 100 and MP-BGP in PE1 (R1) and PE2 (R3) respectively. Start by redistributing EIGRP 100 into MP-BGP on PE1 (R1). Wait about 15 seconds and check the next-hop address of 192.168.6.x subnets in PE2's (R3) routing table.

PE1 (R1) Config:
!
router eigrp 1
 auto-summary
 !
 address-family ipv4 vrf A
  redistribute bgp 1 metric 1 1 1 1 1
  network 172.16.15.1 0.0.0.0
  network 172.16.16.1 0.0.0.0
  no auto-summary
  autonomous-system 100
 exit-address-family
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.3.3 remote-as 1
 neighbor 10.0.3.3 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 10.0.3.3 activate
  neighbor 10.0.3.3 send-community both
  neighbor 10.0.3.3 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf A
  redistribute eigrp 100
  no synchronization
!
!
! Similar config on PE2 (R3)
!

Question2:
Which path does PE2 (R3) choose to reach 192.168.6.x subnets after redistribution and what source is chosen (EIGRP or BGP)? Why?

! PE2 chooses direct path through MPLS cloud.
! Two reasons:
! Firstly, BGP Cost Community is advertised and used by default
! The IGP metric is checked before a regular BGP route selection process occurs.
! Secondly, the metric advertised from PE1 to PE2 does not get incremented.
! The metric through site A3 will have a higher value (less preferred)
! You can check the behavior by disabling the command:
! router bgp 1
!  bgp bestpath cost-community ignore
! and then clearing bgp session.


Question3:
Why do PE routers show only one path towards the remote subnets in their BGP table?

! Come on! If you understand the answer in question 2 you must know this!

Task 8
Ensure that both CE3 (R5) and CE4 (R4) choose their respective PE router towards all prefixes advertised by CE1 (R6) and CE2 (SW4) . This includes the remote CE-to-PE connection.

! traceroute from CE3 and CE4 to sites A1 and A2

MPLS Topology 2 Initial Configuration:

PE1 (R1)
!
hostname R1
!
interface Loopback0
 ip address 10.0.1.1 255.255.255.255
!
interface FastEthernet0/0.13
 encapsulation dot1Q 13
 ip address 172.16.13.1 255.255.255.0
 mpls ip  
!         
interface FastEthernet0/0.15
 encapsulation dot1Q 15
 ip address 172.16.15.1 255.255.255.0
!         
interface FastEthernet0/0.16
 encapsulation dot1Q 16
 ip address 172.16.16.1 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 10.0.1.1 0.0.0.0 area 0
 network 172.16.12.1 0.0.0.0 area 0
 network 172.16.13.1 0.0.0.0 area 0
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.3.3 remote-as 1
 neighbor 10.0.3.3 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 10.0.3.3 activate
  neighbor 10.0.3.3 send-community both
  neighbor 10.0.3.3 next-hop-self
 exit-address-family
!

PE2 (R3)
!
hostname R3
!
interface Loopback0
 ip address 10.0.3.3 255.255.255.255
!
interface FastEthernet0/0.13
 encapsulation dot1Q 13
 ip address 172.16.13.3 255.255.255.0
 mpls ip
!
interface FastEthernet0/0.34
 encapsulation dot1Q 34
 ip address 172.16.34.3 255.255.255.0
!
interface FastEthernet0/0.103
 encapsulation dot1Q 103
 ip address 172.16.103.3 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 10.0.3.3 0.0.0.0 area 0
 network 172.16.13.3 0.0.0.0 area 0
 network 172.16.23.3 0.0.0.0 area 0
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.1.1 remote-as 1
 neighbor 10.0.1.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 10.0.1.1 activate
  neighbor 10.0.1.1 send-community both
  neighbor 10.0.1.1 next-hop-self
 exit-address-family


CE4 (R4)
!
hostname R4
!
interface Loopback0
 ip address 10.0.4.4 255.255.255.255
!
interface Loopback1
 ip address 192.168.4.1 255.255.255.224
!
interface Loopback2
 ip address 192.168.4.33 255.255.255.224
!
interface FastEthernet0/0.34
 encapsulation dot1Q 34
 ip address 172.16.34.4 255.255.255.0
!
interface FastEthernet0/0.45
 encapsulation dot1Q 45
 ip address 172.16.45.4 255.255.255.0
!

CE3 (R5)
!
hostname R5
!
interface Loopback0
 ip address 10.0.5.5 255.255.255.255
!
interface Loopback1
 ip address 192.168.5.1 255.255.255.224
!
interface Loopback2
 ip address 192.168.5.33 255.255.255.224
!
interface FastEthernet0/0.15
 encapsulation dot1Q 15
 ip address 172.16.15.5 255.255.255.0
!
interface FastEthernet0/0.45
 encapsulation dot1Q 45
 ip address 172.16.45.5 255.255.255.0
!

CE1 (R6)
!
hostname R6
!
interface Loopback0
 ip address 10.0.6.6 255.255.255.255
!         
interface Loopback1
 ip address 192.168.6.1 255.255.255.248
!         
interface Loopback2
 ip address 192.168.6.9 255.255.255.248
!         
interface Loopback3
 ip address 192.168.6.17 255.255.255.248
!         
interface Loopback4
 ip address 192.168.6.25 255.255.255.248
!
interface FastEthernet0/0.16
 encapsulation dot1Q 16
 ip address 172.16.16.6 255.255.255.0
!

CE2 (SW4)
!
hostname SW4
!
interface Loopback0
 ip address 10.0.10.10 255.255.255.255
!
interface Loopback1
 ip address 192.168.10.1 255.255.255.240
!         
interface Loopback2
 ip address 192.168.10.17 255.255.255.240
!
interface Vlan103
 ip address 172.16.103.10 255.255.255.0
!