Category Archives: Routing

Cisco Routing

NAT Basics

Static NAT
ip nat inside source static 10.0.0.2 112.1.1.5

R4#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 112.1.1.5 10.0.0.2 --- ---

R4#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 112.1.1.5:5 10.0.0.2:5 112.1.1.2:5 112.1.1.2:5
icmp 112.1.1.5:6 10.0.0.2:6 112.1.1.2:6 112.1.1.2:6
icmp 112.1.1.5:7 10.0.0.2:7 112.1.1.2:7 112.1.1.2:7

Dynamic NAT
access-list 10 permit any
ip nat inside source list 10 interface g2/0 overload

R4#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 112.1.1.1:8 10.0.0.2:8 112.1.1.2:8 112.1.1.2:8
icmp 112.1.1.1:9 172.1.1.1:9 112.1.1.2:9 112.1.1.2:9
icmp 112.1.1.1:10 172.1.1.1:10 112.1.1.2:10 112.1.1.2:10

https://learningnetwork.cisco.com/thread/41202


BGP Weight Path Attribute in Network Failover Scenarios

Note: The default weight for learned routes is 0, and the default weight for a locally originated route is 32768.

IGP-BGP0401

Using EIGRP

CE01#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(10)/ID(172.1.1.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 192.168.1.1/32, 1 successors, FD is 2560002816, tag is 10
via 3.3.3.2 (2560002816/2560000256), FastEthernet2/0
P 3.3.3.0/30, 1 successors, FD is 28160
via Connected, FastEthernet2/0
P 192.168.2.2/32, 1 successors, FD is 2560002816, tag is 10
via 3.3.3.2 (2560002816/2560000256), FastEthernet2/0
P 172.1.1.1/32, 1 successors, FD is 156160
via 3.3.3.2 (156160/128256), FastEthernet2/0

CE01#sh ip bgp
BGP table version is 9, local router ID is 3.3.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.0/30 0.0.0.0 0 32768 ?
*> 172.1.1.1/32 3.3.3.2 156160 32768 ?
* 192.168.1.1/32 1.1.1.1 0 10 i
*> 3.3.3.2 2560002816 32768 ?
* 192.168.2.2/32 1.1.1.1 0 10 i
*> 3.3.3.2 2560002816 32768 ?

CE01#sh ip route
D 172.1.1.1 [90/156160] via 3.3.3.2, 00:05:07, FastEthernet2/0
192.168.1.0/32 is subnetted, 1 subnets
D EX 192.168.1.1 [170/2560002816] via 3.3.3.2, 00:02:23, FastEthernet2/0
192.168.2.0/32 is subnetted, 1 subnets
D EX 192.168.2.2 [170/2560002816] via 3.3.3.2, 00:02:23, FastEthernet2/0

CE01#sh run | sec router
router eigrp 10
network 3.3.3.0 0.0.0.3
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute eigrp 10
neighbor 1.1.1.1 remote-as 10
no auto-summary

##########################################
CE02#sh run | sec router
router eigrp 10
network 3.3.3.0 0.0.0.3
network 172.1.1.0 0.0.0.255
redistribute bgp 20
router bgp 20
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.1 remote-as 10

CE02#sh ip bgp
BGP table version is 4, local router ID is 3.3.3.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 192.168.1.1/32 2.2.2.1 0 10 i
*> 192.168.2.2/32 2.2.2.1 0 10 i
#########################################################################

Using OSPF

CE01#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.1.1.1 1 FULL/DR 00:00:31 3.3.3.2 FastEthernet2/0

CE01#sh ip ospf database
OSPF Router with ID (3.3.3.1) (Process ID 1)

Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
3.3.3.1 3.3.3.1 17 0x80000002 0x00FB0D 1
172.1.1.1 172.1.1.1 18 0x80000003 0x0024D4 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
3.3.3.2 172.1.1.1 18 0x80000001 0x003494
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
192.168.1.1 172.1.1.1 94 0x80000001 0x006CA2 10
192.168.2.2 172.1.1.1 94 0x80000001 0x0057B5 10
CE01#sh ip bgp
BGP table version is 29, local router ID is 3.3.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.0/30 0.0.0.0 0 32768 ?
*> 172.1.1.1/32 3.3.3.2 2 32768 ?
* 192.168.1.1/32 1.1.1.1 0 10 i
*> 3.3.3.2 2 32768 ?
* 192.168.2.2/32 1.1.1.1 0 10 i
*> 3.3.3.2 2 32768 ?

CE01#sh ip route
Gateway of last resort is not set
O 172.1.1.1 [110/2] via 3.3.3.2, 00:06:47, FastEthernet2/0
192.168.1.0/32 is subnetted, 1 subnets
O E1 192.168.1.1 [110/2] via 3.3.3.2, 00:05:13, FastEthernet2/0
192.168.2.0/32 is subnetted, 1 subnets
O E1 192.168.2.2 [110/2] via 3.3.3.2, 00:05:13, FastEthernet2/0

CE01# sh run | sec router
router ospf 1
log-adjacency-changes
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute ospf 1 match internal external 1 external 2
neighbor 1.1.1.1 remote-as 10
no auto-summary

##################################
CE02#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.1 1 FULL/BDR 00:00:33 3.3.3.1 FastEthernet2/0

CE02#sh run | sec router
router ospf 1
log-adjacency-changes
redistribute bgp 20 metric-type 1 subnets
router bgp 20
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.1 remote-as 10
no auto-summary

Solution:
Set the Weight path attribute to 40000 for all routes received from the BGP peer.

CE01(config)#router bgp 20
CE01(config-router)#neighbor 1.1.1.1 weight 4000

CE01#sh ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 192.168.1.1/32 1.1.1.1 4000 10 i
*> 192.168.2.2/32 1.1.1.1 4000 10 i

CE01#sh ip route
O 172.1.1.1 [110/2] via 3.3.3.2, 00:56:16, FastEthernet2/0
192.168.1.0/32 is subnetted, 1 subnets
B 192.168.1.1 [20/0] via 1.1.1.1, 00:00:20
192.168.2.0/32 is subnetted, 1 subnets
B 192.168.2.2 [20/0] via 1.1.1.1, 00:00:20

Reference:
https://www.rogerperkin.co.uk/routing-protocols/bgp/bgp-weight-attribute/
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/213285-understand-the-importance-of-bgp-weight.html

BGP OUTBOUND ROUTE FILTERING (BGP ORF)

Outbound Route Filtering Capability for BGP-4 is currently an IETF draft (http://www.ietf.org/internet-drafts/draft-ietf-idr-route-filter-16.txt) that describes an optimization on how prefix filtering can occur between a Customer Edge (CE) router and a Provider Edge (PE) router that are exchanging IPv4 unicast BGP prefixes. In the design we saw above the upstream PE router sent the full BGP table downstream to the CE router, and filtering was applied inbound on the downstream CE. With BGP ORF the downstream CE router dynamically tells the upstream PE router what routes to filter *outbound*. This means that the downstream CE router will only receive update messages about the prefixes that it wants.

Implementation-wise, the first step of this feature is for the BGP neighbors to negotiate that they both support the BGP ORF capability. Configuration-wise, this looks as follows:

AS100_PE#
router bgp 100
neighbor 10.0.0.200 remote-as 200
!
address-family ipv4
neighbor 10.0.0.200 capability orf prefix-list receive
neighbor 10.0.0.200 activate
exit-address-family

AS200_CE#
router bgp 200
neighbor 10.0.0.100 remote-as 100
!
address-family ipv4
neighbor 10.0.0.100 capability orf prefix-list send
neighbor 10.0.0.100 prefix-list AS_100_INBOUND in
exit-address-family
!

Verification:
AS100_PE#show ip bgp neighbors 10.0.0.200 | begin AF-dependant capabilities:
AS200_CE#show ip bgp neighbors 10.0.0.100 | begin AF-dependant capabilities:

Next, AS 200’s CE router tells AS 100’s PE router which prefixes it wants to receive. The logic of this configuration is that AS 200 is “sending” a prefix-list of what routes it wants, while AS 100 is “receiving” the prefix-list of what the downstream neighbor wants. The reception of the prefix-list by the upstream PE can be verified as follows.

INE LINK
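The following is an added example, not code from the original post or from Cisco: a small Python model of prefix-list ORF that applies the same prefix-list either inbound on the CE only, or outbound on the PE as well. The contents of AS_100_INBOUND and the PE table are constructed for illustration, since the page does not list them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Entry:
    """One prefix-list line: permit|deny prefix/len [ge N] [le N]."""
    action: str
    prefix: str
    ge: Optional[int] = None
    le: Optional[int] = None

    def matches(self, route):
        base = ipaddress.ip_network(self.prefix)
        if not route.subnet_of(base):
            return False
        if self.ge is None and self.le is None:
            return route.prefixlen == base.prefixlen  # exact length only
        low = self.ge if self.ge is not None else base.prefixlen
        high = self.le if self.le is not None else route.max_prefixlen
        return low <= route.prefixlen <= high

def permitted(prefix_list, route):
    net = ipaddress.ip_network(route)
    for entry in prefix_list:  # first matching entry wins
        if entry.matches(net):
            return entry.action == "permit"
    return False  # implicit deny at the end of every prefix-list

def exchange(pe_table, ce_prefix_list, orf):
    """Return (updates the PE sends, routes the CE accepts)."""
    if orf:  # PE filters outbound with the list the CE pushed to it
        sent = [r for r in pe_table if permitted(ce_prefix_list, r)]
    else:    # PE sends its whole table
        sent = list(pe_table)
    # The CE keeps applying its own inbound prefix-list in both cases.
    accepted = [r for r in sent if permitted(ce_prefix_list, r)]
    return sent, accepted

# Constructed contents for AS_100_INBOUND (not given on the page).
AS_100_INBOUND = [
    Entry("deny", "198.51.100.128/25"),
    Entry("permit", "198.51.100.0/24", le=25),
    Entry("permit", "203.0.113.0/24", ge=26),
]
# Constructed PE table built from documentation prefixes.
PE_TABLE = ["0.0.0.0/0", "192.0.2.0/24", "198.51.100.0/24", "198.51.100.0/25",
            "198.51.100.128/25", "203.0.113.0/24", "203.0.113.64/26"]

if __name__ == "__main__":
    for orf in (False, True):
        sent, accepted = exchange(PE_TABLE, AS_100_INBOUND, orf)
        print(f"ORF={orf}: PE sent {len(sent)} updates, CE accepted {accepted}")
```

The accepted set is identical in both runs; ORF only reduces what crosses the link. Keeping the inbound prefix-list on the CE, as the configuration above does, means the CE's routing table does not depend on the PE honoring the pushed filter.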

BGP Aggregate Address

### R1 BGP CONFIGURATION ###
router bgp 10
no synchronization
bgp log-neighbor-changes
network 37.1.1.0 mask 255.255.255.0
neighbor 1.1.1.2 remote-as 20
neighbor 1.1.1.2 soft-reconfiguration inbound

R1#sh ip bgp neighbors 1.1.1.2 advertised-routes
BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Originating default network 0.0.0.0

Network Next Hop Metric LocPrf Weight Path
*> 37.1.1.0/26 37.1.1.252 0 32768 ?
*> 37.1.1.64/26 0.0.0.0 0 32768 ?
*> 37.1.1.128/25 0.0.0.0 0 32768 ?
Without route summarization we are advertising multiple 37.1.1.0 prefixes towards the neighbor.

Suppressing more-specific routes

The summary-only keyword filters all more-specific routes that belong to the aggregate-address, so only the summary is advertised.

R1#sh run | sec router bgp
router bgp 10
no synchronization
bgp log-neighbor-changes
network 37.1.1.0 mask 255.255.255.0
aggregate-address 37.1.1.0 255.255.255.0 summary-only

R1#sh ip bgp neighbors 1.1.1.2 advertised-routes
Originating default network 0.0.0.0

Network Next Hop Metric LocPrf Weight Path
*> 37.1.1.0/24 0.0.0.0 32768 i

What is Route Leaking
1. When running an MPLS network with multiple VRFs, it can be useful to leak routes between VRFs. A classic use is to leak your link to a management VRF, or to assign a management address to your CE routers as a /32 address and leak that. Another use is leaking public IP addresses to a separate VRF, to be handled by a different router than the LAN addresses. It is necessary to filter your route leaking so that only non-overlapping addresses are leaked, and it is important to make sure that one VRF doesn't have access to the routes of another VRF.

2. There are two ways to leak routes from one VRF to another:
   1. Statically leak a VRF into the global routing table and vice versa.
   2. Use RD and RT values to leak it into MP-BGP (other VRFs), then redistribute into the other dynamic routing protocols in that VRF.

3. In an ISP environment, a common MPLS core is used for multiple customers. If you have multiple sites such as London-A and Delhi-A, and on the other side London-B and Delhi-B, and you want them to communicate, that can be done: the ISP's MPLS core routers use the RD and RT concept. The edge router adds the RT, and the same RT is applied to both sites; if they match, the sites communicate without any issue, and the routes of A are given only to the other site A. If the RT is mismatched, routes will leak, and the route of site A (London-A) will get into the other end site, which is Delhi-2.
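The RT matching and the overlap concern described above can be checked before a change is deployed. The following is an added example, not code from the original post: a Python audit that computes which routes each VRF would import from its RTs and flags imports that cross customers or overlap existing address space. The RT values, prefixes and the `customer` label are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Vrf:
    name: str
    customer: str      # hypothetical ownership label used by the audit
    export_rt: set
    import_rt: set
    prefixes: list

def imported_routes(vrfs):
    """Yield (importer, exporter, prefix) wherever an export RT meets an import RT."""
    for dst in vrfs:
        for src in vrfs:
            if src is not dst and src.export_rt & dst.import_rt:
                for p in src.prefixes:
                    yield dst, src, ipaddress.ip_network(p)

def audit(vrfs):
    """Flag routes imported from another customer, and those that overlap."""
    imports = list(imported_routes(vrfs))
    findings = set()
    for dst, src, net in imports:
        if src.customer == dst.customer:
            continue  # intended: same customer, RTs match
        findings.add(("cross-customer", dst.name, src.name, str(net)))
        # Address space the importing VRF legitimately holds already.
        own = [ipaddress.ip_network(p) for p in dst.prefixes]
        own += [n for d, s, n in imports
                if d is dst and s.customer == dst.customer]
        if any(net.overlaps(o) for o in own):
            findings.add(("overlap", dst.name, src.name, str(net)))
    return sorted(findings)

def build(delhi_b_import):
    # Constructed RTs and prefixes; both customers reuse 10.1.0.0/24.
    a, b = {"65000:100"}, {"65000:200"}
    return [
        Vrf("London-A", "A", a, a, ["10.1.0.0/24"]),
        Vrf("Delhi-A", "A", a, a, ["10.2.0.0/24"]),
        Vrf("London-B", "B", b, b, ["10.1.0.0/24"]),
        Vrf("Delhi-B", "B", b, set(delhi_b_import), ["10.2.0.0/25"]),
    ]

if __name__ == "__main__":
    print(audit(build({"65000:200"})))                 # correct RTs: no findings
    for finding in audit(build({"65000:200", "65000:100"})):
        print(finding)                                  # wrong import RT on Delhi-B
```

An intentional leak, such as the management VRF case in item 1, would show up as cross-customer here; a real audit would compare findings against an explicit list of approved importer and exporter pairs.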

BGP – ROUTE REFLECTOR
1. In a service provider environment, RRs are installed to share routes with multiple PEs rather than building iBGP sessions with all PEs.

2. Generally, a service provider must have RRs. Those RRs can be redundant to each other or can share traffic based on geographic location.

3. Key points:
   1. An RR is used to break the iBGP rule.
   2. When using an RR, two more attributes are introduced in BGP: originator ID and cluster ID.
   3. These two attributes also provide a loop prevention mechanism in iBGP when using an RR.

http://packetpushers.net/bgp-rr-design-part-1/
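
The loop prevention in item 3 can be traced step by step. The following is an added example, not code from the original post or from any BGP implementation: a Python model of how a reflector sets ORIGINATOR_ID and prepends its cluster ID to CLUSTER_LIST, and how receivers use both to drop looped routes. Router IDs, cluster IDs and the topology are constructed assumptions; the prefix is taken from the lab output earlier on the page.

```python
from dataclasses import dataclass, replace
from typing import Optional, Tuple

@dataclass(frozen=True)
class Update:
    prefix: str
    originator_id: Optional[str] = None   # set once, by the first RR
    cluster_list: Tuple[str, ...] = ()     # one entry per RR traversed

def reflect(update, learned_from, cluster_id):
    """Attribute changes an RR makes before reflecting an iBGP route."""
    return replace(
        update,
        originator_id=update.originator_id or learned_from,
        cluster_list=(cluster_id,) + update.cluster_list,
    )

def accept(update, router_id, cluster_id=None):
    """Inbound loop check; cluster_id is given only when the receiver is an RR."""
    if update.originator_id == router_id:
        return False, "ORIGINATOR_ID is our own router ID"
    if cluster_id is not None and cluster_id in update.cluster_list:
        return False, "our cluster ID is already in CLUSTER_LIST"
    return True, "ok"

def simulate():
    # Constructed topology: RR1 and RR2 are a redundant pair sharing cluster C1.
    # RR3 (cluster C2) is assumed to have PE1, PE2 and RR1 configured as clients.
    PE1, PE2 = "10.0.0.1", "10.0.0.2"
    RR1, RR2, RR3 = "10.0.0.11", "10.0.0.12", "10.0.0.13"
    C1, C2 = "0.0.0.1", "0.0.0.2"
    adv = Update("192.168.1.1/32")        # PE1 -> RR1, no RR attributes yet
    via_rr1 = reflect(adv, PE1, C1)       # RR1 -> RR2 and RR3
    via_rr3 = reflect(via_rr1, RR1, C2)   # RR3 -> PE1, PE2 and RR1
    return {
        "RR2 from RR1": accept(via_rr1, RR2, C1),
        "RR3 from RR1": accept(via_rr1, RR3, C2),
        "PE2 from RR3": accept(via_rr3, PE2),
        "PE1 from RR3": accept(via_rr3, PE1),
        "RR1 from RR3": accept(via_rr3, RR1, C1),
    }

if __name__ == "__main__":
    for hop, (ok, reason) in simulate().items():
        print(f"{hop}: {'accept' if ok else 'drop'} ({reason})")
```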