For instance I want to send traffic in this direction only during these specific times of day. Anyone ever tried this or know if it even works? I have never seen this used and can't think of a reason it wouldn't work. Curious.
Thanks.
↧
PBR w/ time based ACLs
↧
Any Transport over MPLS (AToMPLS)
Hi. I want to enable communication between R7 and R9 over SP network that consists of R8, R10, R12 and R13. I've enabled BGP 100 and MPLS between SP routers. this is my topology and config. the Ethernet over MPLS does not work. do I need to create a direct tunnel link between R8 and R10 with MPLS on it to make it work?
R8 config: --------------------
interface Loopback0
ip address 8.8.8.8 255.255.255.255
ip ospf 2 area 0
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
xconnect 10.10.10.1 100 encapsulation mpls
!
interface Serial0/0
ip address 100.1.128.8 255.255.255.0
ip ospf 2 area 0
mpls ip
!
mpls ldp router-id Loopback0 force
R10 config -----------------------------------------
interface Loopback0
ip address 10.10.10.1 255.255.255.255
ip ospf 2 area 0
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
xconnect 8.8.8.8 100 encapsulation mpls
!
interface Serial0/0
ip address 100.1.131.10 255.255.255.0
ip ospf 2 area 0
mpls ip
!
mpls ldp router-id Loopback0 force
some show commands:---------------------------------
R8(config-router)#do sh mpls l2 vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
Fa0/0.1 Eth VLAN 1 10.10.10.1 100 UP
R10#sh mpls l2 vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
Fa0/0.1 Eth VLAN 1 8.8.8.8 100 UP
R10#sh mpls ldp neigh | inc Iden
Peer LDP Ident: 13.13.13.1:0; Local LDP Ident 10.10.10.1:0
Addresses bound to peer LDP Ident:
Peer LDP Ident: 8.8.8.8:0; Local LDP Ident 10.10.10.1:0
Addresses bound to peer LDP Ident:
R8(config-router)#do sh mpls ldp neigh | inc Iden
Peer LDP Ident: 12.12.12.1:0; Local LDP Ident 8.8.8.8:0
Addresses bound to peer LDP Ident:
Peer LDP Ident: 10.10.10.1:0; Local LDP Ident 8.8.8.8:0
Addresses bound to peer LDP Ident:
↧
↧
MDT problem on IOS-XR
Hi everyone!
I'm having hard time to understand why IOS-XR rouetr is not working properly with MDT. Here is my topology:
XR2 is RP for the provider multicast domain. R4 is RP for the customer multicast domain. The table below the topology shows the outcome of ping tests between the routes. R4 can only reach XR2 group, XR2 can only reach R4 group. The rest of the routers can reach all groups. Groups are numbered as follows: 239.0.0.X, where X is the number of the router.
Here is what is seen on R4:
R4#show ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.20), 00:37:59/00:02:34, RP 172.9.0.4, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet1/1, Forward/Sparse, 00:37:59/00:02:34
(*, 239.0.0.1), 00:45:09/00:03:24, RP 172.9.0.4, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet1/1, Forward/Sparse, 00:45:09/00:03:24
(*, 239.0.0.2), 00:29:35/00:02:54, RP 172.9.0.4, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet1/1, Forward/Sparse, 00:29:35/00:02:54
(*, 239.0.0.3), 00:38:44/00:02:44, RP 172.9.0.4, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet1/1, Forward/Sparse, 00:38:44/00:02:44
(*, 239.0.0.4), 00:37:26/00:02:40, RP 172.9.0.4, flags: SJCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Loopback0, Forward/Sparse, 00:37:26/00:02:40
(*, 224.0.1.40), 01:04:43/00:02:25, RP 0.0.0.0, flags: DPL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null
R4#show ip pim int
Address Interface Ver/ Nbr Query DR DR
Mode Count Intvl Prior
172.9.204.4 Ethernet1/1 v2/S 1 30 1 172.9.204.20
172.9.0.4 Loopback0 v2/S 0 30 1 172.9.0.4
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
P - Proxy Capable, S - State Refresh Capable, G - GenID Capable
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
172.9.204.20 Ethernet1/1 00:57:06/00:01:19 v2 1 / DR P G
Here is XR2:
RP/0/0/CPU0:XR2#show pim vrf ABC topology
Wed Oct 15 19:26:29.683 UTC
IP PIM Multicast Topology Table
Entry state: (*/S,G)[RPT/SPT] Protocol Uptime Info
Entry flags: KAT - Keep Alive Timer, AA - Assume Alive, PA - Probe Alive
RA - Really Alive, IA - Inherit Alive, LH - Last Hop
DSS - Don't Signal Sources, RR - Register Received
SR - Sending Registers, SNR - Sending Null Registers
E - MSDP External, EX - Extranet
MFA - Mofrr Active, MFP - Mofrr Primary, MFB - Mofrr Backup
DCC - Don't Check Connected, ME - MDT Encap, MD - MDT Decap
MT - Crossed Data MDT threshold, MA - Data MDT Assigned
SAJ - BGP Source Active Joined, SAR - BGP Source Active Received,
SAS - BGP Source Active Sent, IM - Inband mLDP
Interface state: Name, Uptime, Fwd, Info
Interface flags: LI - Local Interest, LD - Local Dissinterest,
II - Internal Interest, ID - Internal Dissinterest,
LH - Last Hop, AS - Assert, AB - Admin Boundary, EX - Extranet,
BGP - BGP C-Multicast Join, BP - BGP Source Active Prune,
MVS - MVPN Safi Learned, MV6S - MVPN IPv6 Safi Learned
(*,224.0.1.40) DM Up: 00:57:46 RP: 0.0.0.0
JP: Null(never) RPF: Null,0.0.0.0 Flags: LH DSS
GigabitEthernet0/0/0/0.101 00:57:46 off LI II LH
(*,239.0.0.1) SM Up: 00:46:03 RP: 172.9.0.4
JP: Join(00:00:49) RPF: GigabitEthernet0/0/0/0.101,172.9.204.4 Flags:
mdtABC 00:46:03 fwd Join(00:02:44)
(*,239.0.0.2) SM Up: 00:30:30 RP: 172.9.0.4
JP: Join(00:00:19) RPF: GigabitEthernet0/0/0/0.101,172.9.204.4 Flags:
mdtABC 00:30:30 fwd Join(00:02:34)
(*,239.0.0.3) SM Up: 00:39:38 RP: 172.9.0.4
JP: Join(00:00:09) RPF: GigabitEthernet0/0/0/0.101,172.9.204.4 Flags:
mdtABC 00:39:38 fwd Join(00:02:36)
(*,239.0.0.20) SM Up: 00:38:54 RP: 172.9.0.4
JP: Join(now) RPF: GigabitEthernet0/0/0/0.101,172.9.204.4 Flags: LH
Loopback1 00:38:54 fwd LI II LH
RP/0/0/CPU0:XR2#show pim vrf ABC interface
Wed Oct 15 19:26:42.422 UTC
PIM interfaces in VRF ABC
Address Interface PIM Nbr Hello DR DR
Count Intvl Prior
9.9.0.20 mdtABC on 3 30 1 this system
172.9.0.20 Loopback1 on 1 30 1 this system
172.9.204.20 GigabitEthernet0/0/0/0.101 on 2 30 1 this system
RP/0/0/CPU0:XR2#show pim vrf ABC neighbor
Wed Oct 15 19:29:24.811 UTC
PIM neighbors in VRF ABC
Flag: B - Bidir capable, P - Proxy capable, DR - Designated Router,
E - ECMP Redirect capable
* indicates the neighbor created for this router
Neighbor Address Interface Uptime Expires DR pri Flags
172.9.204.4 GigabitEthernet0/0/0/0.101 01:00:40 00:01:36 1 P
172.9.204.20* GigabitEthernet0/0/0/0.101 01:00:41 00:01:18 1 (DR) B P E
172.9.0.20* Loopback1 01:09:30 00:01:20 1 (DR) B P E
9.9.0.2 mdtABC 00:55:06 00:01:31 1 P
9.9.0.3 mdtABC 00:50:29 00:01:23 1 P
9.9.0.20* mdtABC 00:55:12 00:01:29 1 (DR) P
RP/0/0/CPU0:XR2#show pim topology
Wed Oct 15 19:26:55.521 UTC
IP PIM Multicast Topology Table
Entry state: (*/S,G)[RPT/SPT] Protocol Uptime Info
Entry flags: KAT - Keep Alive Timer, AA - Assume Alive, PA - Probe Alive
RA - Really Alive, IA - Inherit Alive, LH - Last Hop
DSS - Don't Signal Sources, RR - Register Received
SR - Sending Registers, SNR - Sending Null Registers
E - MSDP External, EX - Extranet
MFA - Mofrr Active, MFP - Mofrr Primary, MFB - Mofrr Backup
DCC - Don't Check Connected, ME - MDT Encap, MD - MDT Decap
MT - Crossed Data MDT threshold, MA - Data MDT Assigned
SAJ - BGP Source Active Joined, SAR - BGP Source Active Received,
SAS - BGP Source Active Sent, IM - Inband mLDP
Interface state: Name, Uptime, Fwd, Info
Interface flags: LI - Local Interest, LD - Local Dissinterest,
II - Internal Interest, ID - Internal Dissinterest,
LH - Last Hop, AS - Assert, AB - Admin Boundary, EX - Extranet,
BGP - BGP C-Multicast Join, BP - BGP Source Active Prune,
MVS - MVPN Safi Learned, MV6S - MVPN IPv6 Safi Learned
(*,224.0.1.40) DM Up: 01:08:41 RP: 0.0.0.0
JP: Null(never) RPF: Null,0.0.0.0 Flags: LH DSS
Loopback0 01:08:41 off LI II LH
(*,239.111.111.111) SM Up: 01:07:26 RP: 9.9.0.20*
JP: Join(never) RPF: Decapstunnel0,9.9.0.20 Flags: LH
Loopback0 00:52:43 fwd LI LH
GigabitEthernet0/0/0/0.100 00:48:01 fwd Join(00:02:46)
GigabitEthernet0/0/0/0.102 01:07:26 fwd Join(00:03:00)
(9.9.0.2,239.111.111.111)RPT SM Up: 01:07:16 RP: 9.9.0.20*
JP: Prune(never) RPF: Decapstunnel0,9.9.0.20 Flags: KAT(00:02:14) RA RR (00:03:18)
GigabitEthernet0/0/0/0.100 00:47:37 off Prune(00:02:46)
GigabitEthernet0/0/0/0.102 01:07:16 off Prune(00:03:00)
(9.9.0.2,239.111.111.111)SPT SM Up: 01:07:16
JP: Join(00:00:03) RPF: GigabitEthernet0/0/0/0.102,9.9.202.2 Flags: KAT(00:02:14) RA RR (00:03:18)
No interfaces in immediate olist
(9.9.0.3,239.111.111.111)RPT SM Up: 00:48:00 RP: 9.9.0.20*
JP: Prune(never) RPF: Decapstunnel0,9.9.0.20 Flags: KAT(00:03:18) RA RR (00:04:20)
GigabitEthernet0/0/0/0.100 00:48:00 off Prune(00:02:46)
GigabitEthernet0/0/0/0.102 00:48:00 off Prune(00:03:00)
(9.9.0.3,239.111.111.111)SPT SM Up: 00:48:00
JP: Join(now) RPF: GigabitEthernet0/0/0/0.100,9.9.203.3 Flags: KAT(00:03:18) RA RR (00:04:20)
No interfaces in immediate olist
(9.9.0.20,239.111.111.111)SPT SM Up: 00:52:43
JP: Join(never) RPF: Loopback0,9.9.0.20* Flags: KAT(00:00:18) RA RR (00:04:16)
GigabitEthernet0/0/0/0.100 00:47:58 fwd Join(00:02:45)
GigabitEthernet0/0/0/0.102 00:52:37 fwd Join(00:03:06)
RP/0/0/CPU0:XR2#show pim interface
Wed Oct 15 19:27:18.869 UTC
PIM interfaces in VRF default
Address Interface PIM Nbr Hello DR DR
Count Intvl Prior
9.9.0.20 Loopback0 on 1 30 1 this system
9.9.203.20 GigabitEthernet0/0/0/0.100 on 2 30 1 this system
9.9.202.20 GigabitEthernet0/0/0/0.102 on 2 30 1 this system
Here is XR2 config:
hostname XR2
telnet vrf default ipv4 server max-servers 10
telnet vrf Management ipv4 server max-servers 10
cdp
vrf ABC
address-family ipv4 unicast
import route-target
1:1
!
export route-target
1:1
!
!
!
vrf Management
!
line console
exec-timeout 0 0
!
line default
exec-timeout 0 0
!
vty-pool default 0 99 line-template TELNET
interface Loopback0
ipv4 address 9.9.0.20 255.255.255.255
!
interface Loopback1
vrf ABC
ipv4 address 172.9.0.20 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
vrf Management
ipv4 address 172.16.33.161 255.255.255.0
!
interface GigabitEthernet0/0/0/0
cdp
!
interface GigabitEthernet0/0/0/0.100
ipv4 address 9.9.203.20 255.255.255.0
encapsulation dot1q 100
!
interface GigabitEthernet0/0/0/0.101
vrf ABC
ipv4 address 172.9.204.20 255.255.255.0
encapsulation dot1q 101
!
interface GigabitEthernet0/0/0/0.102
ipv4 address 9.9.202.20 255.255.255.0
encapsulation dot1q 102
!
route-policy PASS
pass
end-policy
!
router static
vrf Management
address-family ipv4 unicast
0.0.0.0/0 172.16.33.254
!
!
!
router ospf 1
mpls ldp auto-config
area 0
interface Loopback0
passive enable
!
interface GigabitEthernet0/0/0/0.100
!
interface GigabitEthernet0/0/0/0.102
!
!
!
router ospf 10
vrf ABC
redistribute bgp 1
area 0
interface Loopback1
!
interface GigabitEthernet0/0/0/0.101
!
!
!
!
router bgp 1
address-family vpnv4 unicast
!
neighbor 9.9.0.2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
!
!
neighbor 9.9.0.3
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
!
!
vrf ABC
rd 1:1
address-family ipv4 unicast
redistribute connected
redistribute ospf 10
!
!
!
mpls ldp
!
multicast-routing
address-family ipv4
mdt source Loopback0
interface all enable
!
vrf ABC
address-family ipv4
mdt default ipv4 239.111.111.111
interface all enable
!
!
!
router igmp
vrf ABC
interface Loopback1
join-group 239.0.0.20
!
!
!
router pim
address-family ipv4
bsr candidate-bsr 9.9.0.20 hash-mask-len 30 priority 1
bsr candidate-rp 9.9.0.20 priority 192 interval 60
!
!
end
Here is R4 config
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
!
!
!
!
no ip domain lookup
ip multicast-routing
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 172.9.0.4 255.255.255.255
ip pim sparse-mode
ip igmp join-group 239.0.0.4
!
interface Loopback1
no ip address
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Ethernet1/0
no ip address
shutdown
duplex half
!
interface Ethernet1/1
ip address 172.9.204.4 255.255.255.0
ip pim sparse-mode
duplex half
!
interface Ethernet1/2
no ip address
shutdown
duplex half
!
interface Ethernet1/3
no ip address
shutdown
duplex half
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
!
!
no ip http server
no ip http secure-server
ip pim bsr-candidate Loopback0 0
ip pim rp-candidate Loopback0
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end
When I am doing the tests from XR2 or from R4 no multicast packets reach other routes, as if XR2 was not forwarding them via mdtABC interface.
RP/0/0/CPU0:XR2#sho pim vrf ABC top 239.0.0.1
Wed Oct 15 19:33:51.352 UTC
IP PIM Multicast Topology Table
Entry state: (*/S,G)[RPT/SPT] Protocol Uptime Info
Entry flags: KAT - Keep Alive Timer, AA - Assume Alive, PA - Probe Alive
RA - Really Alive, IA - Inherit Alive, LH - Last Hop
DSS - Don't Signal Sources, RR - Register Received
SR - Sending Registers, SNR - Sending Null Registers
E - MSDP External, EX - Extranet
MFA - Mofrr Active, MFP - Mofrr Primary, MFB - Mofrr Backup
DCC - Don't Check Connected, ME - MDT Encap, MD - MDT Decap
MT - Crossed Data MDT threshold, MA - Data MDT Assigned
SAJ - BGP Source Active Joined, SAR - BGP Source Active Received,
SAS - BGP Source Active Sent, IM - Inband mLDP
Interface state: Name, Uptime, Fwd, Info
Interface flags: LI - Local Interest, LD - Local Dissinterest,
II - Internal Interest, ID - Internal Dissinterest,
LH - Last Hop, AS - Assert, AB - Admin Boundary, EX - Extranet,
BGP - BGP C-Multicast Join, BP - BGP Source Active Prune,
MVS - MVPN Safi Learned, MV6S - MVPN IPv6 Safi Learned
(*,239.0.0.1) SM Up: 00:53:25 RP: 172.9.0.4
JP: Join(00:00:28) RPF: GigabitEthernet0/0/0/0.101,172.9.204.4 Flags:
mdtABC 00:53:25 fwd Join(00:03:15)
(172.9.0.20,239.0.0.1)SPT SM Up: 00:03:03
JP: Join(00:00:48) RPF: Loopback1,172.9.0.20* Flags: KAT(00:00:26) RA
No interfaces in immediate olist
R4#show ip mroute 239.0.0.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 00:53:48/00:02:45, RP 172.9.0.4, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet1/1, Forward/Sparse, 00:53:48/00:02:45
(172.9.0.20, 239.0.0.1), 00:03:24/00:02:00, flags: PT
Incoming interface: Ethernet1/1, RPF nbr 172.9.204.20
Outgoing interface list: Null
Any help is really appreciated!
↧
I'd like to add you to my professional network on LinkedIn
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||
↧
OSPF filtering with route-maps - anyone get it working filtering on route-source?
I spent ages on this - tried to get it working using a route-map that matched routes advertised by R4 using the route-source in the route-map, but no joy whatsoever. Anyone else have any success using this method?
I know this doesn't fulfil the task correctly btw, but it should work no?
ip prefix-list r4 seq 5 permit 150.1.4.4/32
route-map 146 deny 10
match ip route-source prefix-list r4
!
route-map 146 permit 20
router ospf 1
distribute-list route-map 146 in
↧
↧
MPLS BGP VPNv4 Loopback Addressing
Hey Guys,
Playing with MPLS recently I have found an interesting error message and troubleshooting problem that I would like some help with. If the loopback interface of a PE router has anything other than a /32 netmask the VPNv4 dosn't work. In fact, the router spits out an error message indicating that you might not have connectivity. From the customer routers I have routes in the routing table but no reachability until I fix the loopback interface to have a /32 netmask. Is this an MPLS requirement or a BGPv4 requirement? LDP protocl requirement? Is there a way around it?
Also, it appears that there is no way around using loopback interfaces for VPNv4 PE - PE peering. What's the reason for this?
From a troubleshooting perspective, any hints? Everything appears normal from what I can see. Of course, I'm sure I'm not looking at the right table output...
Thanks,
Micah
↧
6509 VSS Setup
Hello community,
I came across a VSS setup where the etherchannel ports used for VSS communication are configured as L3 ports and the Port-Channel interface is configured without an IP address:
int t1/1/1
no switchport
channel-group 11 mode on
!
interface Port-channel11
no switchport
no ip address
switch virtual link 1
Is this an acceptable configuration? I seems to work but I am a bit confused as to how the VSS members are maintaining the link by communicating with each other without an IP. Thoughts anyone?
Thanks in advance
↧
CCIE R&S study partner in Ottawa/Gatineau area
Hi there,
I just started studying for the lab and was wondering if there's anyone here in the Ottawa/Gatineau area who are interested in a study partner.
I use IOU and GNS3 for labs/mini-labs, have the INE CCIE Bundle, books, safarionline, etc but don't have hardware equipment, although work with switches and routers daily.
I'll be very honest and say that I don't want someone who will bail out in the middle of the journey.
Once we start I expect us to dedicate days, nights and weekends on this purpose, so please only contact me if you are *really* interested.
I plan to go for the lab in Aug/Sep 2015.
If you are game, just let me know!
M
↧
EIGRP not including connected routes when redistributing (IOU)
Hey Guys, I've been runnning into this problem a few times whilst labbing where if I redistribute EIGRP into OSPF, it doesn't include the connected links. I've just labbed this up using as simple a topology as I can;
R1 in the middle running EIGRP on the left and OSPF on the right
R6 on the left running EIGRP with R1 and advertising a loopback into EIGRP
R2 on the right running OSPF with R1 and advertising a loopback into OSPF
R1 is performing mutual redistribution between EIGRP and OSPF
From R2 in the OSPF domain, I can't see the link between R1 and R6 which I would have expected to be redistributed from EIGRP to OSPF
From R6 in EIGRP domain, I can see the link between R1 and R2, which is what I would expect
Am I missing something obvious here? I wouldn't expect something so fundamental to be a bug in IOU
Here's the relevant outputs from R6, R1 and R2 for anyone who's inclined :)
Using version 153-1.3.T
Any help appreciated
Cheers, Dom
R6#
R6#sh ip int brief | e unas
Interface IP-Address OK? Method Status Protocol
Ethernet0/0.16 172.16.61.6 YES TFTP up up
Loopback106 172.16.106.1 YES TFTP up up
R6#
R6#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(100)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Lo106 0 0/0 0/0 0 0/0 0 0
Et0/0.16 1 0/0 0/0 13 0/2 60 0
R6#
R6#
R6# sh ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(100)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.61.1 Et0/0.16 14 00:00:42 9 100 0 15
R6#
R6#
R6#
R6#sh run | s router eigrp
router eigrp 100
network 172.16.61.6 0.0.0.0
network 172.16.106.1 0.0.0.0
R6#
R6#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 8 subnets, 3 masks
D EX 172.16.12.0/24
[170/2560025856] via 172.16.61.1, 00:01:49, Ethernet0/0.16
C 172.16.61.0/24 is directly connected, Ethernet0/0.16
L 172.16.61.6/32 is directly connected, Ethernet0/0.16
D EX 172.16.102.1/32
[170/2560025856] via 172.16.61.1, 00:01:45, Ethernet0/0.16
C 172.16.106.0/24 is directly connected, Loopback106
L 172.16.106.1/32 is directly connected, Loopback106
R6#
R1#
R1#sh ip int brief | e unas
Interface IP-Address OK? Method Status Protocol
Ethernet0/1.12 172.16.12.1 YES TFTP up up
Ethernet0/1.16 172.16.61.1 YES TFTP up up
R1#
R1#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(100)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Et0/1.16 1 0/0 0/0 9 0/2 50 0
R1#
R1#sh ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(100)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.61.6 Et0/1.16 12 00:03:10 9 100 0 14
R1#
R1#sh run | s router eigrp
router eigrp 100
network 172.16.61.1 0.0.0.0
redistribute ospf 100 metric 1 1 1 1 1
R1#
R1#
R1#sh ip ospf int b
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Et0/1.12 100 0 172.16.12.1/24 10 BDR 1/1
R1#
R1#
R1#sh ip ospf ne
Neighbor ID Pri State Dead Time Address Interface
172.16.241.2 1 FULL/DR 00:00:29 172.16.12.2 Ethernet0/1.12
R1#
R1#
R1#sh run | s router ospf
router ospf 100
redistribute eigrp 100 subnets
network 172.16.12.1 0.0.0.0 area 0
R1#
R1#
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.16.12.0/24 is directly connected, Ethernet0/1.12
L 172.16.12.1/32 is directly connected, Ethernet0/1.12
C 172.16.61.0/24 is directly connected, Ethernet0/1.16
L 172.16.61.1/32 is directly connected, Ethernet0/1.16
O 172.16.102.1/32 [110/11] via 172.16.12.2, 00:06:43, Ethernet0/1.12
D 172.16.106.0/24 [90/409600] via 172.16.61.6, 00:00:35, Ethernet0/1.16
R1#
R1#
R2#sh ip int brief | e unas
Interface IP-Address OK? Method Status Protocol
Ethernet0/0.12 172.16.12.2 YES TFTP up up
Loopback102 172.16.102.1 YES TFTP up up
R2#
R2#
R2#sh ip ospf int b
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo102 100 0 172.16.102.1/24 1 LOOP 0/0
Et0/0.12 100 0 172.16.12.2/24 10 DR 1/1
R2#
R2#
R2#
R2#sh ip ospf ne
Neighbor ID Pri State Dead Time Address Interface
172.16.241.1 1 FULL/BDR 00:00:38 172.16.12.1 Ethernet0/0.12
R2#
R2#
R2#sh run | s router ospf
router ospf 100
network 172.16.12.2 0.0.0.0 area 0
network 172.16.102.1 0.0.0.0 area 0
R2#
R2#
R2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C 172.16.12.0/24 is directly connected, Ethernet0/0.12
L 172.16.12.2/32 is directly connected, Ethernet0/0.12
C 172.16.102.0/24 is directly connected, Loopback102
L 172.16.102.1/32 is directly connected, Loopback102
O E2 172.16.106.0/24 [110/20] via 172.16.12.1, 00:13:16, Ethernet0/0.12
R2#
R2#
R2#
R2#sh ip ospf data | b Type-5
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
172.16.106.0 172.16.241.1 274 0x80000009 0x008938 0
R2#
R2#
↧
↧
INE advanced tech lab generator spreadsheet
Hi all!
Props to user sdallspach (Steven) for creating this.
From any tab press F9 to generate a new list randomly. This is currently based off the labs that aren't pending updates.
↧
BGP 4-byte support
Hi all,
How can you tell from the output below if the router or the neighbors from which is learning the prefix is 4-byte aware?
I've seen this question somewere and I simultated this behavior on 2 routers, one being 4-byte aware and the other not. Its the same output, no difference.
Router#sh ip bgp
BGP table version is 3, local router ID is 150.1.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 150.1.2.2/32 1.2.3.4 0 100 0 65001 23231 10 i
r> 150.1.3.3/32 155.1.23.3 0 100 0 65001 23231 i
↧
INE's Wireshark Advanced Technologies Course
INE's Wireshark Advanced Technologies course is now available for download - only $299. All Access Pass members can stream within their accounts for free! This course will help prepare you for the WCNA exam!
Kind Regards,
Kristen Hansen
Technical Marketing | INE, Inc.
↧
How do you know which vlans to add?
Hi,
I have the first lab workbook for routing and switching and on the first exercise it says to add the vlan's to the switches. We are given a physical diagram and a layer 3 diagram but no layer 2 diagram. So I understand that I have to create one myself but there is no explanation as to how you do this in the lab. I've taken the CIERS class and they show you how to do this but it is a combination of looking at the layer 3 diagram and the layer 2 switching tasks which are not provided for this lab. Can someone please explain what process the INE instructor is expecting us to follow in order to know which VLANs go where?
↧
↧
VMWare NPIV and Cisco UCS
Hello Team,
I have one UCS Blade Running ESXi and I was trying to enable NPIV on a Virtual Machine in order to see the VM Flogi on the Fabric.
But I’m getting this error on the vmkernel every time I power up the VM:
~ # more /var/log/vmkernel.log | grep NPIV
2014-10-17T14:19:32.020Z cpu2:1239292)ScsiNpiv: 1149: NPIV vport rescan complete, [14:0] (0x4100060e96c0) [0x410012804260] status=0xbad0003
2014-10-17T16:26:05.647Z cpu14:1244751)ScsiNpiv: 1149: NPIV vport rescan complete, [14:0] (0x4100060e96c0) [0x410012804260] status=0xbad0003
2014-10-17T16:49:21.933Z cpu10:1245748)ScsiNpiv: 1149: NPIV vport rescan complete, [14:0] (0x4100060e96c0) [0x410012804260] status=0xbad0003
~ #
I found this document about the subject:
But I have the zoning correctly configured.
Is this supported ? I have the CNA M71KR-Q.
I see the FI and the EXSi Flogis on the Fabric.
Thanks.
Regards,
Antonio Soares, CCIE #18473 (RS/SP)
amsoares@netcabo.pt
↧
Phase 2 not coming up
Cant get phase 2 to come up between a cisco and checkpoint firewall. The proxy ACL and transform set seem to match but yet no workie. Anyone have an idea why?
Oct 17 15:11:10: ISAKMP:(42743):Total payload length: 12
Oct 17 15:11:10: ISAKMP:(42743): sending packet to 1.1.1.1 my_port 500 peer_port 500 (R) MM_KEY_EXCH
Oct 17 15:11:10: ISAKMP:(42743):Sending an IKE IPv4 Packet.
Oct 17 15:11:10: ISAKMP:(42743):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
Oct 17 15:11:10: ISAKMP:(42743):Old State = IKE_R_MM5 New State = IKE_P1_COMPLETE
Oct 17 15:11:10: ISAKMP:(42743):Input = IKE_MESG_INTERNAL, IKE_PHASE1_COMPLETE
Oct 17 15:11:10: ISAKMP:(42743):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE
Oct 17 15:11:10: ISAKMP (42743): received packet from 1.1.1.1 dport 500 sport 500 Global (R) QM_IDLE
Oct 17 15:11:10: ISAKMP: set new node 2928898679 to QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743): processing HASH payload. message ID = 2928898679
Oct 17 15:11:10: ISAKMP:(42743): processing SA payload. message ID = 2928898679
Oct 17 15:11:10: ISAKMP:(42743):Checking IPSec proposal 1
Oct 17 15:11:10: ISAKMP: transform 1, ESP_AES
Oct 17 15:11:10: ISAKMP: attributes in transform:
Oct 17 15:11:10: ISAKMP: SA life type in seconds
Oct 17 15:11:10: ISAKMP: SA life duration (VPI) of 0x0 0x0 0xE 0x10
Oct 17 15:11:10: ISAKMP: authenticator is HMAC-SHA
Oct 17 15:11:10: ISAKMP: encaps is 1 (Tunnel)
Oct 17 15:11:10: ISAKMP: key length is 256
Oct 17 15:11:10: ISAKMP:(42743):atts are acceptable.
Oct 17 15:11:10: IPSEC(ipsec_process_proposal): peer address 1.1.1.1 not found
Oct 17 15:11:10: ISAKMP:(42743): IPSec policy invalidated proposal with error 64
Oct 17 15:11:10: ISAKMP:(42743): phase 2 SA policy not acceptable! (local 2.2.2.2 remote 1.1.1.1)
Oct 17 15:11:10: ISAKMP: set new node 2706240197 to QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743):Sending NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 139643081102792, message ID = 2706240197
Oct 17 15:11:10: ISAKMP:(42743): sending packet to 1.1.1.1 my_port 500 peer_port 500 (R) QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743):Sending an IKE IPv4 Packet.
Oct 17 15:11:10: ISAKMP:(42743):purging node 2706240197
Oct 17 15:11:10: %CRYPTO-5-IPSEC_SETUP_FAILURE: IPSEC SETUP FAILED for local:1.1.1.1 local_id:1.1.1.1 remote:2.2.2.2 remote_id:2.2.2.2 IKE profile:None fvrf:None fail_reason:IPSec Proposal failure fail_class_cnt:1
Oct 17 15:11:10: ISAKMP:(42743):deleting node 2928898679 error TRUE reason "QM rejected"
Oct 17 15:11:10: ISAKMP:(42743):Node 2928898679, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
Oct 17 15:11:10: ISAKMP:(42743):Old State = IKE_QM_READY New State = IKE_QM_READY
Oct 17 15:11:10: ISAKMP (42743): received packet from 1.1.1.1 dport 500 sport 500 Global (R) QM_IDLE
Oct 17 15:11:10: ISAKMP: set new node 3169756681 to QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743): processing HASH payload. message ID = 3169756681
Oct 17 15:11:10: ISAKMP:(42743): processing SA payload. message ID = 3169756681
Oct 17 15:11:10: ISAKMP:(42743):Checking IPSec proposal 1
Oct 17 15:11:10: ISAKMP: transform 1, ESP_AES
Oct 17 15:11:10: ISAKMP: attributes in transform:
Oct 17 15:11:10: ISAKMP: SA life type in seconds
Oct 17 15:11:10: ISAKMP: SA life duration (VPI) of 0x0 0x0 0xE 0x10
Oct 17 15:11:10: ISAKMP: authenticator is HMAC-SHA
Oct 17 15:11:10: ISAKMP: encaps is 1 (Tunnel)
Oct 17 15:11:10: ISAKMP: key length is 256
Oct 17 15:11:10: ISAKMP:(42743):atts are acceptable.
Oct 17 15:11:10: IPSEC(ipsec_process_proposal): peer address 1.1.1.1 not found
Oct 17 15:11:10: ISAKMP:(42743): IPSec policy invalidated proposal with error 64
Oct 17 15:11:10: ISAKMP:(42743): phase 2 SA policy not acceptable! (local 2.2.2.2 remote 1.1.1.1)
Oct 17 15:11:10: ISAKMP: set new node 1941872296 to QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743):Sending NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 139643081102792, message ID = 1941872296
Oct 17 15:11:10: ISAKMP:(42743): sending packet to 1.1.1.1 my_port 500 peer_port 500 (R) QM_IDLE
Oct 17 15:11:10: ISAKMP:(42743):Sending an IKE IPv4 Packet.
Oct 17 15:11:10: ISAKMP:(42743):purging node 1941872296
Oct 17 15:11:10: ISAKMP:(42743):deleting node 3169756681 error TRUE reason "QM rejected"
Oct 17 15:11:10: ISAKMP:(42743):Node 3169756681, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
Oct 17 15:11:10: ISAKMP:(42743):Old State = IKE_QM_READY New State = IKE_QM_READY
Oct 17 15:11:17: IPSEC(delete_sa): SA found saving DEL kmi
Oct 17 15:11:29: ISAKMP:(42742):purging node 1673756212
↧
6.1 IPv6 IGPs
ok this one has me stump.
I am not advertising the g1.210 interface of R10 into eigrpv6 but it shows up in eigrpv6 topology of R10 and also gets redistributed from eigrpv6 into ospfv3 and shows up on R11 - R15.
I can also ping this IPv6 prefix from R15. My question is how is this ipv6 prefix getting advertise into eigrpv6, redistributed into ospfv3 without me advertising it.
I have look everywhere but cannot find anything that would explain this behavior in eigrpv6. Anyone else reah this far in the lab and experience this. I am using CSR1000v`s running on ESXi 5.1.
Am I missing something?
R10#sh run | sec router
router eigrp EIGRP2
!
address-family ipv4 unicast autonomous-system 789
!
af-interface default
passive-interface
exit-af-interface
!
af-interface GigabitEthernet1.102
bfd
no passive-interface
exit-af-interface
!
topology base
redistribute bgp 65100 metric 1000000 10 255 1 1500 route-map REDIST-BGP
exit-af-topology
network 172.19.102.10 0.0.0.0
network 192.122.3.0
metric rib-scale 116
exit-address-family
!
address-family ipv6 unicast autonomous-system 789
!
af-interface default
passive-interface
exit-af-interface
!
af-interface GigabitEthernet1.102
no passive-interface
exit-af-interface
!
topology base
exit-af-topology
exit-address-family
R10#sh ipv6 eigrp topology
EIGRP-IPv6 VR(EIGRP2) Topology Table for AS(789)/ID(192.122.3.10)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 2001:202:4:210::/64, 1 successors, FD is 1310720
via Connected, GigabitEthernet1.210
R10#sh run int g1.210
Building configuration...
Current configuration : 138 bytes
!
interface GigabitEthernet1.210
encapsulation dot1Q 210
ip address 202.4.210.10 255.255.255.0
ipv6 address 2001:202:4:210::10/64
R15#sh ipv6 route 2001:202:4:210::/64
Routing entry for 2001:202:4:210::/64
Known via "ospf 5", distance 110, metric 20, type extern 2
Route count is 2/2, share count 0
Routing paths:
FE80::250:56FF:FEB5:4596, GigabitEthernet1.134
Last updated 00:39:52 ago
FE80::250:56FF:FEB5:965, GigabitEthernet1.134
Last updated 00:26:40 ago
R15#ping ipv6 2001:202:4:210::10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:202:4:210::10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R15#
↧
"Future bookings need to be 35 minutes in advance."
It is currently 7:57.. :(
↧
↧
7.47 BGP Filtering with Extended Access-Lists
Hi,
We were told to deny prefixes with an even 3rd octet and that has a subnetmask of greater than /22.
SG says 0.0.0.0 255.255.254.255 255.255.252.0 0.0.3.255
Wouldn't this match on exactly a /22 as well? So it is Ge 22 instead of Ge 23?
Shouldn't we use 255.255.254.0 0.0.1.255?
↧
7.35 - BGP Aggregation - Attribute-Map
Hi,
I used set community internet. SG used set community none. Both should be valid answers right?
↧
Automatic reply: How do you know which vlans to add?
I'm out of the office on customer sites with limited access to email.
For engineering requests please email the EBS work Management mailbox (mailto: ebsworkmanagment@eircom.ie) and your request will be dealt with during normal business hours If you have a support contract and an urgent support issues please contact servicedesk@eircom.ie 1800 255 255
↧