Tag Archives: 3.7d

3.7.d Implement optimize and troubleshoot routing policies

3.7.d [iii] Outbound route filtering

screenshot

down arrow smaller

bgp_orf

read the opening paragraph from rfc5291 in the diagram:

or read the whole thing here: https://tools.ietf.org/html/rfc5291

configure bgp between AS 100 and AS 200; advertise the lo’s from PE1. debug bgp updates.

bgp_orf_01

bgp_cap_orf.type

turn on the orf capability for both sides:

bgp_orf_02

set up a prefix-list and make PE1 send only the routes you want.

bgp_orf_03

 what i like about the debug is you don’t need to check the bgp table…

if you don’t want to be all godzilla when you clear bgp, (like if it’s a production network) the softer way is illustrated below:

bgp_orf_04

have fun orf’ing off…

3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

tasks are on the diagram:

screenshot

the topology is here:

down arrow smaller

bgp_more_med

bgp_more_med_01

BGP doesn’t care that the serial link is slower. in this case the ethernet link was older.

bgp_more-med02

challenge!!!

reduce the routing table of AS-2000 so that it is only permitted 192.168.12.0 and 1.1.1.0 from R2, and only 1.1.1.0 from R3.  it’s routing table will look like this:

bgp_more-med_final_as200_table

the final config is below if needed.

bgp_more-med_final_cfg

3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

the tasks are on the diagram:

screenshot

download this:

down arrow smaller

bgp_as_path

before AS-PATH manipulation:

bgp_as-path_shows01

note the ttl from ebgp multi-hop set for 2

AS-11#sh run | i multi
neighbor 22.22.22.22 ebgp-multihop 2
neighbor 55.55.55.55 ebgp-multihop 2
AS-11#

bgp_wireshark_ttl_ebgp-multi

go to this link to analyze the cap yourself:

down arrow smaller

https://www.cloudshark.org/captures/c8eb006afb36

and this is the disable-connected:

https://www.cloudshark.org/captures/15a5b0847502

the next task is to change the path to 33.33.33.0 to use AS-55 using the AS-PATH attribute from AS-22:

AS-22(config-router)#neigh 11.11.11.11 route-map AS-PATH out
AS-22(config-router)#route-map AS-PATH permit 10
AS-22(config-route-map)#set as-path prepend 22 22 22 22 22
AS-22(config-route-map)#match ip add 33.33.33.0 0.0.0.255
AS-22(config-route-map)#route-map AS-PATH permit 20
AS-22(config-route-map)#access-list 1 permit 33.33.33.0 0.0.0.255
AS-22(config)#router bgp 22
AS-22(config-router)#neigh 11.11.11.11 route-map AS-PATH out
AS-22(config-router)#

bgp_as-path-prepend-result

below is an excellent tutorial from cisco.com:

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3se/3850/irg-xe-3se-3850-book/irg-prefix-filter.html#topichead2

AS-33 will be set up in similar fashion; AS-11 will be slightly different.

i think the concept of inbound and outbound concerning these manipulations gives people headaches. i know it did me. and i also think it’s not explained very well.  try to think of it from the perspective of the advertising router. for instance, AS-11 will receive the 33 route directly from two sources, AS-22 and AS-55 (and indirectly from AS-33, the originator). however, from AS-22’s perspective it is receiving the route in from AS-33, and then advertising the route out, or toward AS-11. conversely, if we want to manipulate the route at AS-11, then the route will be incoming to AS-11 but the policy will be toward neighbor AS-22.

as in:

bgp_as-path-in

as with access-lists if desired, DO NOT FORGET the route-map permit at the end. that’ll bite you in the ass…

3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

questions, comments: arteq_2015@outlook.com

screenshot

download this…

down arrow smaller

bgp_med_always-compare-med

begin with the IGP; verify connectivity.

R1#sh cdp neigh det | i Device|IP
Device ID: R2
IP address: 192.168.12.2
Device ID: R3
IP address: 192.168.13.3

configure eigrp 100; include ONLY the directly connected networks, and loopback ZERO’s.

R1(config-router)#do sh ip route eigrp
2.0.0.0/24 is subnetted, 1 subnets
D       2.2.2.0 [90/156160] via 192.168.12.2, 00:00:53, FastEthernet0/0
3.0.0.0/24 is subnetted, 1 subnets
D       3.3.3.0 [90/156160] via 192.168.13.3, 00:00:26, FastEthernet1/0
R1(config-router)#

configure BGP for 65001; use the lo0‘s as update sources; ONLY advertise the loopbacks that are NOT lo0.

bgp_med_sh_bgp

configure R2 to send a metric of 200 for it’s advertised networks.

configure R3 to send a metric of 300 for it’s advertised networks.

either clear bgp or wait for rapture.

bgp_med_01

swap the metric values between R2 and R3. note that R1 now prefers the 100 network of R3, and the metric values of the other two networks have also changed.

bgp_3net_preferred.

specify that R2 and R3 send these metrics for the 100 network ONLY.

bgp_med_w_acl

note the 0 metrics for the 2 and 3 networks.

swap the metrics back so that R2 is again preferred by R1 for the 100 network, but this time use a network statement in BGP; no acl’s allowed.

bgp_med_net_statement

IBGP will always adhere to the metric set within it’s confines. if a better metric is set by EBGP, it will be ignored, unless… this is the point of always-compare-med…