********************************* Lab 0 - Base Setup ********************************* ================================================ 1. Configure BGP between AS 100 & AS 200 ================================================ ------- R1 ------- ip route 192.168.2.2 255.255.255.255 192.1.11.2 ip route 192.168.2.2 255.255.255.255 192.1.12.2 ! router bgp 100 network 1.0.0.0 network 11.1.1.0 mask 255.255.255.0 neighbor 192.168.2.2 remote-as 200 neighbor 192.168.2.2 update-source loopback99 neighbor 192.168.2.2 ebgp-multihop ------- R2 ------- ip route 192.168.1.1 255.255.255.255 192.1.11.1 ip route 192.168.1.1 255.255.255.255 192.1.12.1 ! router bgp 200 network 2.0.0.0 network 22.2.2.0 mask 255.255.255.0 neighbor 192.168.1.1 remote-as 100 neighbor 192.168.1.1 update-source loopback99 neighbor 192.168.1.1 ebgp-multihop ================================================ 2. Configure BGP between AS 200 & AS 500 ================================================ ------- R5 ------- router bgp 500 network 5.0.0.0 network 55.5.5.0 mask 255.255.255.0 neighbor 192.1.35.3 remote-as 200 ------- R3 ------- router bgp 200 network 3.0.0.0 network 33.3.3.0 mask 255.255.255.0 neighbor 192.1.35.5 remote-as 500 ================================================ 3. Configure BGP between AS 200 & AS 600 ================================================ ------- R6 ------- router bgp 600 network 6.0.0.0 network 66.6.6.0 mask 255.255.255.0 neighbor 192.1.46.4 remote-as 200 ------- R4 ------- router bgp 200 network 4.0.0.0 network 44.4.4.0 mask 255.255.255.0 neighbor 192.1.46.6 remote-as 600 =================================================== 4. Configure iBGP within AS 200 with R3 as the RR =================================================== ------- R2 ------- router eigrp 200 network 192.168.23.0 network 192.168.24.0 network 10.0.0.0 ! router bgp 200 neighbor 10.3.3.3 remote-as 200 neighbor 10.3.3.3 update-source Loopback10 neighbor 10.3.3.3 next-hop-self ------- R3 ------- router eigrp 200 network 192.168.23.0 network 192.168.34.0 network 10.0.0.0 ! router bgp 200 neighbor IBGP peer-group neighbor IBGP remote-as 200 neighbor IBGP update-source Loopback10 neighbor IBGP next-hop-self neighbor IBGP route-reflector-client neighbor 10.2.2.2 peer-group IBGP neighbor 10.3.3.3 peer-group IBGP ------- R4 ------- router eigrp 200 network 192.168.24.0 network 192.168.34.0 network 10.0.0.0 ! router bgp 200 neighbor 10.3.3.3 remote-as 200 neighbor 10.3.3.3 update-source Loopback10 neighbor 10.3.3.3 next-hop-self ********************************* Lab 1 - Filtering using an ACL ********************************* ============================================================ 1. Configure the loopbacks on R2 and advertise them in BGP ============================================================ ------ R2 ------ interface Loopback1 ip address 192.2.1.1 255.255.255.0 ! interface Loopback2 ip address 192.2.2.1 255.255.255.0 ! interface Loopback3 ip address 192.2.3.1 255.255.255.0 ! interface Loopback4 ip address 192.2.4.1 255.255.255.0 ! interface Loopback5 ip address 192.2.5.1 255.255.255.0 ! interface Loopback6 ip address 192.2.6.1 255.255.255.0 ! interface Loopback7 ip address 192.2.7.1 255.255.255.0 ! interface Loopback8 ip address 192.2.8.1 255.255.255.0 ! Access-list 1 permit 192.2.1.1 0.0.0.255 Access-list 1 permit 192.2.2.1 0.0.0.255 Access-list 1 permit 192.2.3.1 0.0.0.255 Access-list 1 permit 192.2.4.1 0.0.0.255 Access-list 1 permit 192.2.5.1 0.0.0.255 Access-list 1 permit 192.2.6.1 0.0.0.255 Access-list 1 permit 192.2.7.1 0.0.0.255 Access-list 1 permit 192.2.8.1 0.0.0.255 ! Route-map RC permit 10 Match address 1 Set origin igp ! Router bgp 200 Redistribute connected route-map RC =============================================================================== 2. Configure R2 to block the networks with an Odd # in the 192.2.X.0/24 range. This should be done towards External Neighbors. Don't use a Prefix-list for the task. Use Minimum number of lines in the filter. =============================================================================== ------ R2 ------ access-list 2 deny 192.2.1.0 0.0.254.255 access-list 2 permit any ! router bgp 200 neighbor 192.168.1.1 distribute-list 2 out =============================================================================== 2. Configure R3 to block the networks with an even # in the 192.2.X.0/24 range coming in from R2. Don't use a Prefix-list for the task. Use Minimum number of lines in the filter. =============================================================================== ------ R3 ------ access-list 1 deny 192.2.0.0 0.0.254.255 access-list 1 permit any ! router bgp 200 neighbor 10.2.2.2 distribute-list 1 in ***************************************** Lab 2 - Filtering using an Prefix-list ***************************************** ============================================================ 1. Configure the loopbacks on R3 and advertise them in BGP ============================================================ ------ R3 ------ interface Loopback1 ip address 150.3.16.1 255.255.240.0 ! interface Loopback2 ip address 150.3.36.1 255.255.252.0 ! interface Loopback3 ip address 150.3.40.1 255.255.252.0 ! interface Loopback4 ip address 150.3.50.1 255.255.254.0 ! interface Loopback5 ip address 150.3.65.1 255.255.255.0 ! interface Loopback6 ip address 150.13.0.1 255.255.0.0 ! interface Loopback7 ip address 150.14.64.1 255.255.192.0 ! Router bgp 200 Network 150.3.16.0 mask 255.255.240.0 Network 150.3.36.0 mask 255.255.252.0 Network 150.3.40.0 mask 255.255.252.0 Network 150.3.50.0 mask 255.255.254.0 Network 150.3.65.0 mask 255.255.255.0 Network 150.13.0.0 Network 150.14.64.0 mask 255.255.192.0 ======================================================================== 2. Configure R2 such that it blocks all the 150.X.X.0 routes that have a subnet mask greater than 17 and less than 23 bits coming in from R3. ======================================================================== ------ R2 ------ ip prefix-list PL1 deny 150.0.0.0/8 ge 18 le 22 ip prefix-list PL1 permit 0.0.0.0/0 le 32 ! router bgp 200 neighbor 10.2.2.2 prefix-list PL1 in ******************************************** Lab 3 - Filtering using the AS-Path Filter ******************************************** ++++++++++++++++++++++++++++++++++++++++ Regular Expression Special Characters ++++++++++++++++++++++++++++++++++++++++ ^ - Begining of the Line (AS Path) $ - End of the Line (AS Path) _ - ' ' OR '^' OR '$' .* - Any ============================================================ 1. Configure R6 to block any routes originating in AS 500 ============================================================ ------ R6 ------ ip as-path access-list 1 deny _500$ ip as-path access-list 1 permit .* ! router bgp 600 neighbor 192.1.46.4 filter-list 1 in ========================================================================= 2. AS 200 should not be a transit AS. Configuration can be done only on R1, R3 & R4 ========================================================================= ------ R1 ------ ip as-path access-list 1 permit ^200$ ! router bgp 100 neighbor 192.168.2.2 filter-list 1 in ------ R3 ------ ip as-path access-list 1 permit ^$ ! router bgp 200 neighbor 192.1.35.5 filter-list 1 out ------ R4 ------ ip as-path access-list 1 permit ^$ ! router bgp 200 neighbor 192.1.46.6 filter-list 1 out ******************************************** Lab 4 - Route Aggregation with Filtering ******************************************** ============================================================ 1. Configure the loopbacks on R2 and advertise them in BGP ============================================================ ------ R2 ------ interface Loopback101 ip address 202.1.4.1 255.255.255.0 ! interface Loopback102 ip address 202.1.5.1 255.255.255.0 ! interface Loopback103 ip address 202.1.6.1 255.255.255.0 ! interface Loopback104 ip address 202.1.7.1 255.255.255.0 ! Router bgp 200 network 202.1.4.0 network 202.1.5.0 network 202.1.6.0 network 202.1.7.0 ============================================================================ 2. Configure R2 such that is summarizes the 202.1.X.0/24 range towards R1. Configure R2 such that it only sends the specifics towards R3. ============================================================================ ------ R2 ------ router bgp 200 aggregate-address 202.1.4.0 255.255.252.0 ! Filter towards External Neighbors ip prefix-list PL1-OUT deny 202.1.4.0/22 ge 24 ip prefix-list PL1-OUT permit 0.0.0.0/0 le 32 ! router bgp 200 neighbor 192.168.1.1 prefix-list PL1-OUT out ! Filter towards Internal Neighbors ip prefix-list PL1-INT deny 202.1.4.0/22 ip prefix-list PL1-INT permit 0.0.0.0/0 le 32 ! router bgp 200 neighbor 10.3.3.3 prefix-list PL1-INT out ******************************************** Lab 5 - Route Aggregation with Summary-Only ******************************************** ============================================================ 1. Configure the loopbacks on R3 and advertise them in BGP ============================================================ ------ R3 ------ interface Loopback101 ip address 203.1.4.1 255.255.255.0 ! interface Loopback102 ip address 203.1.5.1 255.255.255.0 ! interface Loopback103 ip address 203.1.6.1 255.255.255.0 ! interface Loopback104 ip address 203.1.7.1 255.255.255.0 ! Router bgp 200 network 203.1.4.0 network 203.1.5.0 network 203.1.6.0 network 203.1.7.0 ============================================================================ 2. Configure R3 such that is summarizes the 203.1.X.0/24. All the specifics should be suppressed towards all neighbors. ============================================================================ ------ R3 ------ router bgp 200 aggregate-address 202.1.4.0 255.255.252.0 summary-only ******************************************** Lab 6 - Route Aggregation with Supress-Map ******************************************** ============================================================ 1. Configure the loopbacks on R4 and advertise them in BGP ============================================================ ------ R4 ------ interface Loopback101 ip address 204.1.4.1 255.255.255.0 ! interface Loopback102 ip address 204.1.5.1 255.255.255.0 ! interface Loopback103 ip address 204.1.6.1 255.255.255.0 ! interface Loopback104 ip address 204.1.7.1 255.255.255.0 ! Router bgp 200 network 204.1.4.0 network 204.1.5.0 network 204.1.6.0 network 204.1.7.0 ============================================================================ 2. Configure R4 such that is summarizes the 204.1.X.0/24. All the specifics should be suppressed towards all neighbors except for 204.1.5.0/24. ============================================================================ ------ R4 ------ access-list 44 deny 204.1.5.0 0.0.0.255 access-list 44 permit any or access-list 44 permit 204.1.4.0 0.0.0.255 access-list 44 permit 204.1.6.0 0.0.0.255 access-list 44 permit 204.1.7.0 0.0.0.255 ! route-map SM match ip address 44 ! router bgp 200 aggregate-address 204.1.4.0 255.255.252.0 suppress-map SM ******************************************** Lab 7 - Confederation ******************************************** ++++++++++++++++++++++ 1. Configure 65001 ++++++++++++++++++++++ ============================================================ 1. Configure EIGRP as the IGP ============================================================ ------ R1 ------ router eigrp 65001 network 192.168.14.0 network 192.168.15.0 network 172.16.0.0 ------ R4 ------ router eigrp 65001 network 192.168.14.0 network 192.168.45.0 network 172.16.0.0 ------ R5 ------ router eigrp 65001 network 192.168.15.0 network 192.168.45.0 network 172.16.0.0 ============================================================ 2. Configure iBGP with R1 being the RR ============================================================ ------ R1 ------ router bgp 65001 bgp confederation identifier 1000 network 1.0.0.0 neighbor IBGP peer-group neighbor IBGP remote-as 65001 neighbor IBGP update-source loopback10 neighbor IBGP next-hop-self neighbor IBGP route-reflector-client neighbor 172.16.1.4 peer-group IBGP neighbor 172.16.1.5 peer-group IBGP ------ R4 ------ router bgp 65001 bgp confederation identifier 1000 network 4.0.0.0 neighbor 172.16.1.1 remote-as 65001 neighbor 172.16.1.1 update-source loopback10 neighbor 172.16.1.1 next-hop-self ------ R5 ------ router bgp 65001 bgp confederation identifier 1000 network 5.0.0.0 neighbor 172.16.1.1 remote-as 65001 neighbor 172.16.1.1 update-source loopback10 neighbor 172.16.1.1 next-hop-self ============================================================ 2. Configure eBGP with AS 10 & AS 11 ============================================================ ------ R4 ------ router bgp 65001 neighbor 192.1.40.10 remote-as 10 ------ R10 ------ router bgp 10 neighbor 192.1.40.4 remote-as 1000 network 100.0.0.0 ------ R5 ------ router bgp 65001 neighbor 192.1.50.11 remote-as 11 ------ R11 ------ router bgp 11 neighbor 192.1.50.5 remote-as 1000 network 111.0.0.0 ++++++++++++++++++++++ 1. Configure 65002 ++++++++++++++++++++++ ============================================================ 1. Configure OSPF as the IGP ============================================================ ------ R2 ------ router ospf 1 router-id 0.0.0.2 network 192.168.26.0 0.0.0.255 area 0 network 192.168.27.0 0.0.0.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ------ R6 ------ router ospf 1 router-id 0.0.0.6 network 192.168.26.0 0.0.0.255 area 0 network 192.168.67.0 0.0.0.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ------ R7 ------ router ospf 1 router-id 0.0.0.7 network 192.168.27.0 0.0.0.255 area 0 network 192.168.67.0 0.0.0.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ============================================================ 2. Configure iBGP with R2 being the RR ============================================================ ------ R1 ------ router bgp 65002 bgp confederation identifier 1000 network 2.0.0.0 neighbor IBGP peer-group neighbor IBGP remote-as 65002 neighbor IBGP update-source loopback10 neighbor IBGP next-hop-self neighbor IBGP route-reflector-client neighbor 172.16.1.6 peer-group IBGP neighbor 172.16.1.7 peer-group IBGP ------ R6 ------ router bgp 65002 bgp confederation identifier 1000 network 6.0.0.0 neighbor 172.16.1.2 remote-as 65002 neighbor 172.16.1.2 update-source loopback10 neighbor 172.16.1.2 next-hop-self ------ R7 ------ router bgp 65002 bgp confederation identifier 1000 network 7.0.0.0 neighbor 172.16.1.2 remote-as 65002 neighbor 172.16.1.2 update-source loopback10 neighbor 172.16.1.2 next-hop-self ============================================================ 3. Configure eBGP with AS 12 & AS 13 ============================================================ ------ R6 ------ router bgp 65002 neighbor 192.1.60.12 remote-as 12 ------ R12 ------ router bgp 12 neighbor 192.1.60.6 remote-as 1000 network 112.0.0.0 ------ R7 ------ router bgp 65002 neighbor 192.1.70.13 remote-as 13 ------ R13 ------ router bgp 13 neighbor 192.1.70.7 remote-as 1000 network 113.0.0.0 ++++++++++++++++++++++ 1. Configure 65003 ++++++++++++++++++++++ ============================================================ 1. Configure IS-IS as the IGP ============================================================ ------ R3 ------ router isis net 49.0000.0000.0000.0003.00 is-type level-2 metric-style wide ! interface E 0/2 ip router isis ! interface E 0/3 ip router isis ! interface loopback 10 ip router isis ------ R8 ------ router isis net 49.0000.0000.0000.0008.00 is-type level-2 metric-style wide ! interface E 0/0 ip router isis ! interface E 0/1 ip router isis ! interface loopback 10 ip router isis ------ R9 ------ router isis net 49.0000.0000.0000.0009.00 is-type level-2 metric-style wide ! interface E 0/0 ip router isis ! interface E 0/1 ip router isis ! interface loopback 10 ip router isis ============================================================ 2. Configure iBGP with R3 being the RR ============================================================ ------ R3 ------ router bgp 65003 bgp confederation identifier 1000 network 3.0.0.0 neighbor IBGP peer-group neighbor IBGP remote-as 65003 neighbor IBGP update-source loopback10 neighbor IBGP next-hop-self neighbor IBGP route-reflector-client neighbor 172.16.1.8 peer-group IBGP neighbor 172.16.1.9 peer-group IBGP ------ R8 ------ router bgp 65003 bgp confederation identifier 1000 network 8.0.0.0 neighbor 172.16.1.3 remote-as 65003 neighbor 172.16.1.3 update-source loopback10 neighbor 172.16.1.3 next-hop-self ------ R9 ------ router bgp 65003 bgp confederation identifier 1000 network 9.0.0.0 neighbor 172.16.1.3 remote-as 65003 neighbor 172.16.1.3 update-source loopback10 neighbor 172.16.1.3 next-hop-self ============================================================ 3. Configure eBGP with AS 14 & AS 15 ============================================================ ------ R8 ------ router bgp 65003 neighbor 192.1.80.14 remote-as 14 ------ R14 ------ router bgp 14 neighbor 192.1.80.8 remote-as 1000 network 114.0.0.0 ------ R9 ------ router bgp 65003 neighbor 192.1.90.15 remote-as 15 ------ R15 ------ router bgp 15 neighbor 192.1.90.9 remote-as 1000 network 115.0.0.0 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4. Configure the Confederation peer to exchange routes +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ============================================================ 1. Configure EIGRP as the IGP ============================================================ ------ R1 ------ router eigrp 1000 network 192.168.12.0 network 192.168.13.0 network 172.16.0.0 ------ R2 ------ router eigrp 1000 network 192.168.12.0 network 192.168.23.0 network 172.16.0.0 ------ R3 ------ router eigrp 1000 network 192.168.13.0 network 192.168.23.0 network 172.16.0.0 ============================================================ 2. Configure eBGP between 65001, 65002 & 65003 ============================================================ ------ R1 ------ router bgp 65001 bgp confederation peer 65002 65003 neighbor 172.16.1.3 remote-as 65003 neighbor 172.16.1.3 update-source loopback10 neighbor 172.16.1.3 next-hop-self neighbor 172.16.1.3 ebgp-multihop neighbor 172.16.1.2 remote-as 65002 neighbor 172.16.1.2 update-source loopback10 neighbor 172.16.1.2 next-hop-self neighbor 172.16.1.2 ebgp-multihop ------ R2 ------ router bgp 65002 bgp confederation peer 65001 65003 neighbor 172.16.1.3 remote-as 65003 neighbor 172.16.1.3 update-source loopback10 neighbor 172.16.1.3 next-hop-self neighbor 172.16.1.3 ebgp-multihop neighbor 172.16.1.1 remote-as 65001 neighbor 172.16.1.1 update-source loopback10 neighbor 172.16.1.1 next-hop-self neighbor 172.16.1.1 ebgp-multihop ------ R3 ------ router bgp 65003 bgp confederation peer 65001 65002 neighbor 172.16.1.1 remote-as 65001 neighbor 172.16.1.1 update-source loopback10 neighbor 172.16.1.1 next-hop-self neighbor 172.16.1.1 ebgp-multihop neighbor 172.16.1.2 remote-as 65002 neighbor 172.16.1.2 update-source loopback10 neighbor 172.16.1.2 next-hop-self neighbor 172.16.1.2 ebgp-multihop