DESAFIO OSPF+BGP+RR+MPLS NIVEL 2

Assunto: DESAFIO OSPF+BGP+RR+MPLS NIVEL 2 Ter Jul 22, 2008 5:11 pm

Segue um LAB envolvendo um pouco de OSPF (IGP), BGP, MPLS e RR. Como envolve muitas configurações diferentes, os problemas que coloquei não são muito complicados. Quando alguém resolver esse eu posto outro mais complexo.

Sua tarefa estará completa quando:

1 - O CEA estiver recebendo 3 prefixos
2 - O CEB estiver recebendo 3 prefixos
3 - Com source em sua FastEthernet0/0 o CEA conseguir pingar a FastEthernet0/0 do CEB e vice-versa

obs. O LAB é para utilizarmos o RR, os prefixos por dentro da VPN devem ser propagados por ele, ou seja não vale fechar uma vizinhança BGP entre os PEs diretamente, nem propagar o EGP dentro do IGP.

Topologia:

DESAFIO OSPF+BGP+RR+MPLS NIVEL 2 Mpls210

DESAFIO OSPF+BGP+RR+MPLS NIVEL 2 Mpls210

Config dos routers:

********* CEA *********

conf t

service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
hostname CEA
logging buffered 16000 debugging
no logging console
ip subnet-zero
no ip source-route
ip cef
no ip domain-lookup
interface Loopback0
ip address 192.168.1.4 255.255.255.255
interface Multilink1
bandwidth 128
ip address 200.1.1.2 255.255.255.252
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 1
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
speed 100
full-duplex
interface Serial1/0
bandwidth 128
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
multilink-group 1
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 200.1.1.1 remote-as 7738
neighbor 200.1.1.1 allowas-in
no auto-summary
ip classless
no ip http server
ip bgp-community new-format
end

wr

********* CEB *********

conf t

service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
hostname CEB
logging buffered 16000 debugging
no logging console
ip subnet-zero
no ip source-route
ip cef
no ip domain-lookup
interface Loopback0
ip address 192.168.1.5 255.255.255.255
interface Multilink1
bandwidth 128
ip address 200.2.1.2 255.255.255.252
max-reserved-bandwidth 95
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 1
interface FastEthernet0/0
ip address 11.0.0.1 255.255.255.0
speed 100
full-duplex
interface Serial1/0
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
multilink-group 1
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 200.2.1.1 remote-as 7738
neighbor 200.2.1.1 allowas-in
no auto-summary
ip classless
no ip http server
ip bgp-community new-format
end

wr

********* PEA *********

conf t

service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
hostname PEA
logging buffered 16000 debugging
no logging console
ip subnet-zero
no ip source-route
no ip domain lookup
ip vrf CLIENTE
rd 65001:1
route-target export 65001:1
route-target import 65001:1
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
interface Loopback0
ip address 192.168.1.1 255.255.255.255
interface Multilink1
bandwidth 128
ip vrf forwarding CLIENTE
ip address 200.1.1.1 255.255.255.252
max-reserved-bandwidth 95
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 1
interface FastEthernet0/0
ip address 200.0.0.1 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
interface Serial1/0
bandwidth 128
no ip address
encapsulation ppp
serial restart_delay 0
ppp multilink
multilink-group 1
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.0.0 0.0.0.3 area 0
router bgp 7738
no synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.168.1.3 remote-as 7738
neighbor 192.168.1.3 update-source Loopback0
no auto-summary
address-family vpnv4
neighbor 192.168.1.3 activate
neighbor 192.168.1.3 send-community both
no auto-summary
exit-address-family
address-family ipv4 vrf CLIENTE
neighbor 200.1.1.2 remote-as 65001
neighbor 200.1.1.2 activate
no auto-summary
no synchronization
exit-address-family
ip classless
no ip http server
ip bgp-community new-format
end

wr

********* PEB *********

conf t

version 12.2
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
hostname PEB
logging buffered 16000 debugging
no logging console
ip subnet-zero
no ip source-route
no ip domain lookup
no ip bootp server
ip vrf CLIENTE
rd 65001:1
route-target export 65001:1
route-target import 65001:1
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
interface Loopback0
ip address 192.168.1.2 255.255.255.255
interface Multilink10
bandwidth 128
ip vrf forwarding CLIENTE
ip address 200.2.1.1 255.255.255.252
max-reserved-bandwidth 95
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 10
interface FastEthernet0/0
ip address 200.0.1.1 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
interface Serial1/0
bandwidth 128
no ip address
encapsulation ppp
serial restart_delay 0
ppp multilink
multilink-group 10
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.1.0 0.0.0.3 area 0
router bgp 7738
no synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.168.1.3 remote-as 7738
neighbor 192.168.1.3 update-source Loopback0
no auto-summary
address-family vpnv4
neighbor 192.168.1.3 activate
neighbor 192.168.1.3 send-community both
no auto-summary
exit-address-family
address-family ipv4 vrf CLIENTE
neighbor 200.2.1.2 remote-as 65001
neighbor 200.2.1.2 activate
no auto-summary
no synchronization
exit-address-family
ip classless
no ip http server
ip bgp-community new-format
end

wr

********* RR *********

conf t

service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
hostname RR
logging buffered 16000 debugging
no logging console
ip subnet-zero
no ip source-route
no ip domain lookup
no ip bootp server
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
interface Loopback0
ip address 192.168.1.3 255.255.255.255
interface FastEthernet0/0
ip address 200.0.0.2 255.255.255.252
duplex full
speed 100
mpls label protocol tdp
tag-switching mtu 1508
tag-switching ip
interface FastEthernet1/0
ip address 200.0.1.2 255.255.255.252
duplex full
speed 100
mpls label protocol tdp
tag-switching mtu 1508
tag-switching ip
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.0.0 0.0.0.3 area 0
network 200.0.1.0 0.0.0.3 area 0
router bgp 7738
synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor VPNRR peer-group
neighbor VPNRR remote-as 7738
neighbor VPNRR description Route-Reflector para MPLS
neighbor 192.168.1.1 peer-group VPNRR
neighbor 192.168.1.2 peer-group VPNRR
auto-summary
address-family vpnv4
neighbor VPNRR activate
neighbor VPNRR route-reflector-client
neighbor VPNRR send-community both
neighbor 192.168.1.1 peer-group VPNRR
neighbor 192.168.1.2 peer-group VPNRR
auto-summary
exit-address-family
ip classless
no ip http server
ip bgp-community new-format
end

wr

arquivo Dynamips (este arquivo foi gerado para o dynamips padrão, caso resolva utilizar o GNS será necessário montar a topologia na hora, não esqueça de corrigir o caminho do IOS e de fazer o idlepc)

autostart = False

[localhost]

[[7200]]
image = .\c7200-jk8s-mz.122-15.T17.bin
npe = npe-400
nvram = 96
ram = 128
ghostios = True
sparsemem = True

[[ROUTER PEA]]
f0/0 = LAN 1
S1/0 = CEA S1/0
model = 7200

[[ROUTER PEB]]
f0/0 = LAN 2
S1/0 = CEB S1/0
model = 7200

[[ROUTER RR]]
f0/0 = LAN 1
f1/0 = LAN 2
model = 7200

[[3640]]
image = .\c3640-is-mz.122-17a.bin
ram = 128
nvram = 128
disk0 = 20

[[ROUTER CEA]]
f0/0 = LAN 3
model = 3640

[[ROUTER CEB]]
f0/0 = LAN 4
model = 3640

IOS para download:
7200
http://www.4shared.com/file/9914030/50c618/c7200-jk8s-mz122-15T17.html

3640
http://www.4shared.com/file/56196256/e7dd23d/c3640-is-mz122-17a.html

Dica: 3 erros de configuração e 2 faltando

Assunto: Re: DESAFIO OSPF+BGP+RR+MPLS NIVEL 2 Sex Ago 15, 2008 1:37 pm

##### Boa tarde, Entao pessoal acho que esse foi em... #####

CONFIGURAÇÃO DO CEA

CEA#SH RUN
Building configuration...

Current configuration : 1622 bytes
!
version 12.3
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
!
hostname CEA
!
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip source-route
!
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
!
!
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
!
interface Loopback0
ip address 192.168.1.4 255.255.255.255
!
interface Multilink1
bandwidth 128
ip address 200.1.1.2 255.255.255.252
ppp multilink
ppp multilink fragment delay 10
ppp multilink interleave
ppp multilink group 1
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
speed 100
full-duplex
!
interface Serial1/0
bandwidth 128
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
ppp multilink group 1
!
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 200.1.1.1 remote-as 7738
neighbor 200.1.1.1 allowas-in
no auto-summary
!
!
end

CONFIGURAÇÃO DO PEA

Building configuration...

Current configuration : 2801 bytes
!
version 12.2
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
!
hostname PEA
!
logging queue-limit 100
logging buffered 16000 debugging
no logging console
!
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
!
ip vrf CLIENTE
rd 65001:1
route-target export 65001:1
route-target import 65001:1
!
ip vrf forwarding
!
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.255
!
interface Multilink1
bandwidth 128
ip vrf forwarding CLIENTE
ip address 200.1.1.1 255.255.255.252
max-reserved-bandwidth 95
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 1
!
interface FastEthernet0/0
ip address 200.0.0.1 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
!
!
interface Serial1/0
bandwidth 128
no ip address
encapsulation ppp
serial restart_delay 0
ppp multilink
multilink-group 1
!
!
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.0.0 0.0.0.3 area 0
!
router bgp 7738
no synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.168.1.3 remote-as 7738
neighbor 192.168.1.3 update-source Loopback0
no auto-summary
!
address-family ipv4 multicast
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 192.168.1.3 activate
neighbor 192.168.1.3 next-hop-self
neighbor 192.168.1.3 send-community both
no auto-summary
exit-address-family
!
address-family ipv4
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf forwarding
no auto-summary
no synchronization77
exit-address-family
!
address-family ipv4 vrf CLIENTE
neighbor 200.1.1.2 remote-as 65001
neighbor 200.1.1.2 activate
neighbor 200.1.1.2 allowas-in
no auto-summary
no synchronization
exit-address-family
!
ip classless
no ip http server
no ip http secure-server
!
ip bgp-community new-format
!
end

CONFIGURAÇÃO DO RR

hostname RR
!
logging queue-limit 100
logging buffered 16000 debugging
no logging console
!
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
!
no ip bootp server
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
!

no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.1.3 255.255.255.255
!
interface FastEthernet0/0
ip address 200.0.0.2 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
!
interface FastEthernet0/1
ip address 200.0.1.2 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
!
!
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.0.0 0.0.0.3 area 0
network 200.0.1.0 0.0.0.3 area 0
!
router bgp 7738
no synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor VPNRR peer-group
neighbor VPNRR remote-as 7738
neighbor VPNRR description Route-Reflector para MPLS
neighbor 192.168.1.1 peer-group VPNRR
neighbor 192.168.1.2 peer-group VPNRR
auto-summary
!
address-family ipv4 multicast
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor VPNRR activate
neighbor VPNRR route-reflector-client
neighbor VPNRR send-community both
neighbor 192.168.1.1 peer-group VPNRR
neighbor 192.168.1.2 peer-group VPNRR
auto-summary
exit-address-family
!
ip classless
no ip http server
no ip http secure-server
!
ip bgp-community new-format
!
!
end

CONFIGURAÇÃO DO PEB

hostname PEB
!
logging queue-limit 100
logging buffered 16000 debugging
no logging console
!
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
!
no ip bootp server
ip vrf CLIENTE
rd 65001:1
route-target export 65001:1
route-target import 65001:1
!
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
no tag-switching ip propagate-ttl forwarded
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
interface Loopback0
ip address 192.168.1.2 255.255.255.255
!
interface Multilink10
bandwidth 128
ip vrf forwarding CLIENTE
ip address 200.2.1.1 255.255.255.252
max-reserved-bandwidth 95
ppp multilink
ppp multilink fragment-delay 10
ppp multilink interleave
multilink-group 10
!
!
interface FastEthernet0/1
ip address 200.0.1.1 255.255.255.252
duplex full
speed 100
mpls label protocol ldp
tag-switching mtu 1508
tag-switching ip
!
router ospf 2000
log-adjacency-changes
redistribute connected subnets
network 200.0.1.0 0.0.0.3 area 0
!
router bgp 7738
no synchronization
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.168.1.3 remote-as 7738
neighbor 192.168.1.3 update-source Loopback0
no auto-summary
!
address-family ipv4 multicast
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 192.168.1.3 activate
neighbor 192.168.1.3 next-hop-self
neighbor 192.168.1.3 send-community both
no auto-summary
exit-address-family
!
address-family ipv4
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf CLIENTE
neighbor 200.2.1.2 remote-as 65001
neighbor 200.2.1.2 activate
neighbor 200.2.1.2 allowas-in
no auto-summary
no synchronization
exit-address-family
!
ip classless
no ip http server
no ip http secure-server
!
ip bgp-community new-format
!
!
end

CONFIGURAÇÃO DO CEB
hostname CEB
!
boot-start-marker
boot-end-marker
!
logging buffered 16000 debugging
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip source-route
!
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
!
!
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
!
interface Loopback0
ip address 192.168.1.5 255.255.255.255
!
interface Multilink1
bandwidth 128
ip address 200.2.1.2 255.255.255.252
ppp multilink
ppp multilink fragment delay 10
ppp multilink interleave
ppp multilink group 1
max-reserved-bandwidth 95
!
interface FastEthernet0/0
ip address 11.0.0.1 255.255.255.0
speed 100
full-duplex
!
interface Serial1/0
no ip address
encapsulation ppp
serial restart-delay 0
ppp multilink
ppp multilink group 1
max-reserved-bandwidth 95
!
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 200.2.1.1 remote-as 7738
neighbor 200.2.1.1 allowas-in
no auto-summary
!
no ip http server
no ip http secure-server
!
ip classless
!
ip bgp-community new-format
!
end
-----------------------------------------------------

Resposta !!!

1 - O CEA estiver recebendo 3 prefixos
R: CEA#sh ip bgp summary
BGP router identifier 192.168.1.4, local AS number 65001
BGP activity 32/25 prefixes, 32/25 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
200.1.1.1 4 7738 210 211 8 0 0 00:44:07 3

2 - O CEB estiver recebendo 3 prefixos
R: CEB#sh ip bgp summary
BGP router identifier 192.168.1.5, local AS number 65001
BGP activity 14/7 prefixes, 17/10 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
200.2.1.1 4 7738 199 195 20 0 0 03:01:05 3

3 - Com source em sua FastEthernet0/0 o CEA conseguir pingar a FastEthernet0/0 do CEB e vice-versa
R(CEA -- CEB):
CEA#ping 11.0.0.1 source FastEthernet0/0
Sending 5, 100-byte ICMP Echos to 11.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 10.0.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 136/193/256 ms

R(CEB -- CEA):
CEB#ping 10.0.0.1 source FastEthernet0/0
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 11.0.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 200/216/232 ms

Concluido: (Show de Bola este Lab RR X MPLS)

Protocolo tdp MPLS divergente da Topologia ldp, que estava configurada na Interface o que apresentava “Untagged “, onde foi substituído pelo ldp.

O synchronization no RR, foi retirado onde deixei como no synchronization

Então Nakano você neste LAB informou que existe 3 erros de configurações e duas faltando, porém somente alterei 2 erros e esta funcionando, vamos ver se a Galera responde ou complementa, entao depois você responde ou senao da mais uma dica ai.

Abraços.
Marcelo Guerra

Assunto: Re: DESAFIO OSPF+BGP+RR+MPLS NIVEL 2 Sex Ago 15, 2008 5:20 pm

Marcelo, realmente você encontrou a maior parte do LAB.

Quando eu coloquei as falhas no LAB e não cheguei a testa-las.
Sabe q estou achando interessante, sem estas duas configurações no RR não era para ter subido:

CONFIGURAÇÃO DO RR

router bgp 7738
address-family vpnv4
no auto-summary
neighbor VPNRR update-source Loopback0

A primeira devido ao anuncio das Loopbacks.
A segunda pois estamos utilizando uma loopback para fechar a vizinhança BGP.

De qualquer modo parabéns, ve se dorme agora hahahahhaa

Vou ver se arrumo um tempinho e coloco um mais dificil

abs