Configure OSPF and verify connectivity on Cisco routers

6/16/2014
CCNP SP
SPROUTE
Mohammad Khalil
CCIE #35484 (R&S , SP)
WWW.NMSBOOST.COM
Abstract
The operating system used on most Cisco routers and switches is

IOS ,Cisco has introduced their new operating system : IOS XR
The main aim of this course is to provide hands-on experience to the

attendees of how to use the new IOS XR operating system with well
known technologies and protocols such as ISIS , OSPF , BGP and IPv6
in addition to the original IOS software
Candidates can prepare for this exam by taking the Deploying Cisco
Service Provider Network Routing (SPROUTE) course and can
practice technologies listed in the course topics by walking through
the labs presented here
The lab environment used consist of a powerful Desktop with Cisco

IOS XR .ova file which can be downbloaded from www.cisco.com ,
GNS3 , virtualBox and Cisco IOS image for both 3725 and 7200
series
To download softwares mentioned above
VirtualBox :
http://download.virtualbox.org/virtualbox/4.3.12/VirtualBox-
4.3.12-93733-Win.exe
GNS3 :
http://sourceforge.net/projects/gns-3/files/GNS3/0.8.6/GNS3-
0.8.6-all-in-one.exe/download
1
Table of Contents
OSPF I .................................................................................................................... 3
OSPF II.................................................................................................................. 40
ISIS ....................................................................................................................... 77
BGP .................................................................................................................... 100
Redistribution .................................................................................................... 130
Full Scale Lab ..................................................................................................... 144
2
OSPF I
Network Diagram
R1 192.168.102.0/24 XR1
19
2.
16
8.
21
.0
/
24
XR2 192.168.202.0/24
192.168.104.0/24
lo1
R2
Area 2
24
Area 1
0/
4.
20
8.
16
2.
19
R4
Area 0
Initial Configurations
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.0
ipv6 address 2001::1/128
interface FastEthernet1/0
ip address 192.168.102.1 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:102::1/64
no shutdown
R2
interface Loopback0
3
ip address 2.2.2.2 255.255.255.0
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:202::2/64
no shutdown
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.0
ip address 192.168.104.4 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:104::4/64
no shutdown
ip address 192.168.204.4 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:204::4/64
no shutdown
XR1
hostname XR1
cdp
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.0
interface GigabitEthernet0/0/0/0
cdp
ipv4 address 192.168.102.10 255.255.255.0
ipv6 address 2001:192:102::10/64
duplex full
cdp
ipv4 address 192.168.104.10 255.255.255.0
ipv6 address 2001:192:104::10/64
4
cdp
ipv4 address 192.168.21.10 255.255.255.0
ipv6 address 2001:192:21::10/64
XR2
hostname XR2
cdp
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.0
cdp
ipv4 address 192.168.202.20 255.255.255.0
ipv6 address 2001:192:202::20/64
cdp
ipv4 address 192.168.204.20 255.255.255.0
ipv6 address 2001:192:204::20/64
cdp
ipv4 address 192.168.21.20 255.255.255.0
ipv6 address 2001:192:21::20/64
5
Tasks
Task 1
Configure OSPFv2 accordning to the diagram and make sure you have full
connectivity
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.168.102.1 0.0.0.0 area 0
interface Loopback0
ip ospf network point-to-point
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 1
network 192.168.202.2 0.0.0.0 area 1
interface Loopback0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.168.104.4 0.0.0.0 area 0
network 192.168.204.4 0.0.0.0 area 0
interface Loopback0
XR1
router ospf 1
router-id 10.10.10.10
area 0
interface Loopback0
network point-to-point
6
XR2
router ospf 1
router-id 20.20.20.20
area 0
interface Loopback0
area 1
Verifications
R1#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface

10.10.10.10 1 FULL/BDR 00:00:33 192.168.102.10 FastEthernet1/0
R1#sh ip route ospf

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/24 is subnetted, 1 subnets

O 4.4.4.0 [110/3] via 192.168.102.10, 00:03:24, FastEthernet1/0
O 192.168.21.0/24 [110/2] via 192.168.102.10, 00:03:34, FastEthernet1/0
O IA 192.168.202.0/24 [110/3] via 192.168.102.10, 00:02:01, FastEthernet1/0
7
R1#sh ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count

1.1.1.1 1.1.1.1 223 0x80000004 0x00660C 2
4.4.4.4 4.4.4.4 137 0x80000006 0x007F41 3
10.10.10.10 10.10.10.10 129 0x80000003 0x0026F3 4
20.20.20.20 20.20.20.20 130 0x80000003 0x001668 3
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum

192.168.21.10 10.10.10.10 129 0x80000001 0x00B55B
192.168.102.1 1.1.1.1 223 0x80000001 0x0077C1
192.168.104.4 4.4.4.4 225 0x80000001 0x004FCC
192.168.204.4 4.4.4.4 136 0x80000001 0x00F49A
Summary Net Link States (Area 0)

192.168.202.0 20.20.20.20 138 0x80000001 0x00D0E6

R2#sh ip route ospf


O IA 1.1.1.0 [110/4] via 192.168.202.20, 00:00:17, FastEthernet1/0
8

2.2.2.2 2.2.2.2 28 0x80000003 0x008219 2
20.20.20.20 20.20.20.20 29 0x80000002 0x004CC5 1

192.168.202.2 2.2.2.2 28 0x80000001 0x00178C

1.1.1.0 20.20.20.20 29 0x80000001 0x0029BD
4.4.4.0 20.20.20.20 29 0x80000001 0x00B22C
10.10.10.10 20.20.20.20 29 0x80000001 0x00754D
20.20.20.20 20.20.20.20 29 0x80000001 0x009DFD
192.168.21.0 20.20.20.20 29 0x80000001 0x009FCD
192.168.102.0 20.20.20.20 29 0x80000001 0x002BEF
192.168.104.0 20.20.20.20 29 0x80000001 0x001504
192.168.204.0 20.20.20.20 29 0x80000001 0x00BAFA

R4#sh ip route ospf

9

[110/2] via 192.168.104.10, 00:20:37, FastEthernet2/0

1.1.1.1 1.1.1.1 1246 0x80000004 0x00660C 2
4.4.4.4 4.4.4.4 1156 0x80000006 0x007F41 3
10.10.10.10 10.10.10.10 1151 0x80000003 0x0026F3 4
20.20.20.20 20.20.20.20 61 0x80000005 0x00126A 3

192.168.21.10 10.10.10.10 1151 0x80000001 0x00B55B
192.168.102.1 1.1.1.1 1247 0x80000001 0x0077C1
192.168.104.4 4.4.4.4 1245 0x80000001 0x004FCC
192.168.204.4 4.4.4.4 1156 0x80000001 0x00F49A

2.2.2.2 20.20.20.20 60 0x80000001 0x00E6FB
192.168.202.0 20.20.20.20 60 0x80000002 0x00CEE7
10
RP/0/0/CPU0:XR1#sh ospf neighbor
Tue May 27 13:25:25.687 UTC
* Indicates MADJ interface
Neighbors for OSPF 1

1.1.1.1 1 FULL/DR 00:00:34 192.168.102.1 GigabitEthernet0/0/0/0
Neighbor is up for 20:05:12
20.20.20.20 1 FULL/BDR 00:00:31 192.168.21.20
GigabitEthernet0/0/0/2
RP/0/0/CPU0:XR1#sh route ospf

Tue May 27 13:25:30.857 UTC
O 1.1.1.0/24 [110/2] via 192.168.102.1, 20:05:16, GigabitEthernet0/0/0/0

O IA 2.2.2.2/32 [110/3] via 192.168.21.20, 19:45:31, GigabitEthernet0/0/0/2
[110/2] via 192.168.104.4, 20:03:41, GigabitEthernet0/0/0/1
RP/0/0/CPU0:XR1#sh ospf database

Tue May 27 13:25:34.467 UTC

1.1.1.1 1.1.1.1 40 0x80000028 0x001e30 2
4.4.4.4 4.4.4.4 153 0x8000002a 0x003765 3
10.10.10.10 10.10.10.10 75 0x80000027 0x00dd18 4
20.20.20.20 20.20.20.20 762 0x80000028 0x00cb8d 3

192.168.21.10 10.10.10.10 75 0x80000025 0x006d7f
192.168.102.1 1.1.1.1 40 0x80000025 0x002fe5
192.168.104.4 4.4.4.4 406 0x80000025 0x0007f0
192.168.204.4 4.4.4.4 153 0x80000025 0x00acbe
11

2.2.2.2 20.20.20.20 762 0x80000024 0x00a01f
192.168.202.0 20.20.20.20 762 0x80000025 0x00880b

Tue May 27 13:25:57.255 UTC


Tue May 27 13:26:00.485 UTC

1.1.1.1 1.1.1.1 65 0x80000028 0x001e30 2
4.4.4.4 4.4.4.4 176 0x8000002a 0x003765 3
10.10.10.10 10.10.10.10 100 0x80000027 0x00dd18 4
20.20.20.20 20.20.20.20 785 0x80000028 0x00cb8d 3

192.168.21.10 10.10.10.10 100 0x80000025 0x006d7f
192.168.102.1 1.1.1.1 65 0x80000025 0x002fe5
192.168.104.4 4.4.4.4 429 0x80000025 0x0007f0
192.168.204.4 4.4.4.4 176 0x80000025 0x00acbe

2.2.2.2 20.20.20.20 785 0x80000024 0x00a01f
192.168.202.0 20.20.20.20 785 0x80000025 0x00880b
12
2.2.2.2 2.2.2.2 347 0x80000027 0x003a3d 2
20.20.20.20 20.20.20.20 785 0x80000025 0x0006e8 1

192.168.202.2 2.2.2.2 835 0x80000024 0x00d0af

1.1.1.0 20.20.20.20 785 0x80000024 0x00e2e0
4.4.4.0 20.20.20.20 785 0x80000024 0x006c4f
10.10.10.10 20.20.20.20 785 0x80000024 0x002f70
20.20.20.20 20.20.20.20 785 0x80000024 0x005721
192.168.21.0 20.20.20.20 785 0x80000024 0x0059f0
192.168.102.0 20.20.20.20 785 0x80000024 0x00e413
192.168.104.0 20.20.20.20 785 0x80000024 0x00ce27
192.168.204.0 20.20.20.20 785 0x80000024 0x00741e
Now , let us write a small TCL script to check connectivity to all active interfaces on all
routers in the OSPF domain
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#192.168.102.1
+>(tcl)#1.1.1.1
+>(tcl)#192.168.202.2
+>(tcl)#2.2.2.2
+>(tcl)#192.168.104.4
+>(tcl)#192.168.204.4
+>(tcl)#4.4.4.4
+>(tcl)#10.10.10.10
+>(tcl)#192.168.102.10
+>(tcl)#192.168.104.10
+>(tcl)#192.168.21.10
+>(tcl)#20.20.20.20
+>(tcl)#192.168.202.20
+>(tcl)#192.168.204.20
+>(tcl)#192.168.21.20
+>(tcl)#} { ping $x source lo0 }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.102.1, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
13
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/16 ms
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
14
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
RP/0/0/CPU0:XR1#run tclsh
Tue May 27 13:33:53.222 UTC
% foreach x {
192.168.102.1
1.1.1.1
192.168.202.2
2.2.2.2
192.168.104.4
192.168.204.4
4.4.4.4
10.10.10.10
192.168.102.10
192.168.104.10
192.168.21.10
20.20.20.20
192.168.202.20
192.168.204.20
192.168.21.20
} { ping $x }
!!!!!
15
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
16
!!!!!
!!!!!
!!!!!
Task 2
Configure OSPFv3 accordning to the diagram and make sure you have full
connectivity
R1
router ospfv3 1
router-id 1.1.1.1
int lo0
ospfv3 1 ipv6 area 0
int f1/0
R2
router ospfv3 1
router-id 2.2.2.2
int lo0
int f1/0
R4
router ospfv3 1
router-id 4.4.4.4
int lo0
int f2/1
int f2/0
XR1
router ospfv3 1
router-id 10.10.10.10
17
area 0
interface Loopback0
XR2
router ospfv3 1
router-id 20.20.20.20
area 0
interface Loopback0
area 1
Verifications
R1#sh ospfv3 neighbor
OSPFv3 1 address-family ipv6 (router-id 1.1.1.1)
Neighbor ID Pri State Dead Time Interface ID Interface

10.10.10.10 1 FULL/BDR 00:00:32 4 FastEthernet1/0
R1#sh ipv6 route ospf

IPv6 Routing Table - default - 12 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
OI 2001::2/128 [110/3]
via FE80::A00:27FF:FE35:643D, FastEthernet1/0
O 2001::4/128 [110/2]
O 2001::10/128 [110/1]
O 2001::20/128 [110/2]
18
O 2001:192:21::/64 [110/2]
O 2001:192:104::/64 [110/2]
OI 2001:192:202::/64 [110/3]
O 2001:192:204::/64 [110/3]
R1#sh ospfv3 database
ADV Router Age Seq# Fragment ID Link count Bits

1.1.1.1 1187 0x80000003 0 1 None
4.4.4.4 953 0x80000004 0 2 None
10.10.10.10 1032 0x80000004 0 3 None
20.20.20.20 991 0x80000003 0 2 B
ADV Router Age Seq# Link ID Rtr count

1.1.1.1 1187 0x80000002 3 2
4.4.4.4 1206 0x80000002 5 2
4.4.4.4 953 0x80000002 6 2
10.10.10.10 1032 0x80000002 6 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix

20.20.20.20 991 0x80000002 2001:192:202::/64
20.20.20.20 991 0x80000002 2001::2/128
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface

1.1.1.1 1430 0x80000002 3 Fa1/0
10.10.10.10 1032 0x80000002 4 Fa1/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID

1.1.1.1 1187 0x80000004 0 0x2001 0
1.1.1.1 1187 0x80000002 3072 0x2002 3
4.4.4.4 953 0x80000006 0 0x2001 0
19
4.4.4.4 1206 0x80000002 5120 0x2002 5
4.4.4.4 953 0x80000002 6144 0x2002 6
10.10.10.10 1670 0x80000001 0 0x2001 0
10.10.10.10 1032 0x80000002 6144 0x2002 6
20.20.20.20 1393 0x80000001 0 0x2001 0


OI 2001::1/128 [110/3]
via FE80::A00:27FF:FEDC:8C08, FastEthernet1/0
OI 2001::4/128 [110/2]
OI 2001::10/128 [110/2]
OI 2001::20/128 [110/1]
OI 2001:192:21::/64 [110/2]
OI 2001:192:102::/64 [110/3]
OI 2001:192:104::/64 [110/3]
OI 2001:192:204::/64 [110/2]

2.2.2.2 987 0x80000003 0 1 None
20.20.20.20 1046 0x80000003 0 1 B
20

2.2.2.2 987 0x80000002 3 2

20.20.20.20 1045 0x80000002 2001:192:21::/64
20.20.20.20 1045 0x80000002 2001:192:204::/64
20.20.20.20 1045 0x80000002 2001:192:102::/64
20.20.20.20 1045 0x80000002 2001:192:104::/64
20.20.20.20 1045 0x80000002 2001::1/128
20.20.20.20 1045 0x80000002 2001::4/128
20.20.20.20 1726 0x80000001 2001::10/128
20.20.20.20 1447 0x80000001 2001::20/128

2.2.2.2 1237 0x80000002 3 Fa1/0
20.20.20.20 1045 0x80000002 3 Fa1/0

2.2.2.2 987 0x80000004 0 0x2001 0
2.2.2.2 987 0x80000002 3072 0x2002 3


O 2001::1/128 [110/2]
21
via FE80::A00:27FF:FEE6:12E, FastEthernet2/0
OI 2001::2/128 [110/2]
via FE80::A00:27FF:FE6F:8FE6, FastEthernet2/1
O 2001::10/128 [110/1]
O 2001::20/128 [110/1]
O 2001:192:21::/64 [110/2]
O 2001:192:102::/64 [110/2]
OI 2001:192:202::/64 [110/2]

1.1.1.1 1272 0x80000003 0 1 None
4.4.4.4 1034 0x80000004 0 2 None
10.10.10.10 1115 0x80000004 0 3 None
20.20.20.20 1073 0x80000003 0 2 B

1.1.1.1 1272 0x80000002 3 2
4.4.4.4 1286 0x80000002 5 2
4.4.4.4 1034 0x80000002 6 2
10.10.10.10 1115 0x80000002 6 2

20.20.20.20 1073 0x80000002 2001:192:202::/64
20.20.20.20 1073 0x80000002 2001::2/128

4.4.4.4 1286 0x80000002 5 Fa2/0
10.10.10.10 1114 0x80000002 5 Fa2/0
4.4.4.4 1286 0x80000002 6 Fa2/1
22
20.20.20.20 1073 0x80000002 4 Fa2/1

1.1.1.1 1272 0x80000004 0 0x2001 0
1.1.1.1 1272 0x80000002 3072 0x2002 3
4.4.4.4 1034 0x80000006 0 0x2001 0
4.4.4.4 1286 0x80000002 5120 0x2002 5
4.4.4.4 1034 0x80000002 6144 0x2002 6
10.10.10.10 1753 0x80000001 0 0x2001 0
10.10.10.10 1114 0x80000002 6144 0x2002 6
20.20.20.20 1474 0x80000001 0 0x2001 0
RP/0/0/CPU0:XR1#sh ospfv3 neighbor

Tue May 27 14:48:51.234 UTC
Neighbors for OSPFv3 1

1.1.1.1 1 FULL/DR 00:00:35 3 GigabitEthernet0/0/0/0
20.20.20.20 1 FULL/BDR 00:00:34 5 GigabitEthernet0/0/0/2
Total neighbor count: 3
RP/0/0/CPU0:XR1#sh ospfv3 routes

Tue May 27 14:48:55.794 UTC
Topology Table for OSPFv3 1 with ID 10.10.10.10
* 2001::1/128, Intra, cost 1/0, area 0

GigabitEthernet0/0/0/0, fe80::c800:aaff:fe60:1c
* 2001::2/128, Inter, cost 2/0, area 0
GigabitEthernet0/0/0/2, fe80::a00:27ff:fe59:7f87
20.20.20.20/1
* 2001::4/128, Intra, cost 1/0, area 0
GigabitEthernet0/0/0/1, fe80::c802:69ff:fec0:38
* 2001::10/128, Intra, cost 0/0, area 0
Loopback0, connected
* 2001::20/128, Intra, cost 1/0, area 0
* 2001:192:21::/64, Intra, cost 1/0, area 0
GigabitEthernet0/0/0/2, connected
23
* 2001:192:102::/64, Intra, cost 1/0, area 0
* 2001:192:104::/64, Intra, cost 1/0, area 0
* 2001:192:202::/64, Inter, cost 2/0, area 0
20.20.20.20/0
* 2001:192:204::/64, Intra, cost 2/0, area 0
RP/0/0/CPU0:XR1#sh ospfv3 database

Tue May 27 14:49:01.824 UTC
OSPFv3 Router with ID (10.10.10.10) (Process ID 1)

1.1.1.1 31 0x80000004 0 1 None
4.4.4.4 1808 0x80000004 0 2 None
10.10.10.10 1887 0x80000004 0 3 None
20.20.20.20 1846 0x80000003 0 2 B

1.1.1.1 31 0x80000003 3 2
4.4.4.4 19 0x80000003 5 2
4.4.4.4 1808 0x80000002 6 2
10.10.10.10 1887 0x80000002 6 2

20.20.20.20 1846 0x80000002 2001:192:202::/64
20.20.20.20 1846 0x80000002 2001::2/128

1.1.1.1 288 0x80000003 3 Gi0/0/0/0
10.10.10.10 1887 0x80000002 4 Gi0/0/0/0
4.4.4.4 19 0x80000003 5 Gi0/0/0/1
10.10.10.10 1887 0x80000002 5 Gi0/0/0/1
10.10.10.10 1887 0x80000002 6 Gi0/0/0/2
20.20.20.20 1846 0x80000002 5 Gi0/0/0/2
24

1.1.1.1 31 0x80000005 0 0x2001 0
1.1.1.1 31 0x80000003 3072 0x2002 3
4.4.4.4 1808 0x80000006 0 0x2001 0
4.4.4.4 19 0x80000003 5120 0x2002 5
4.4.4.4 1808 0x80000002 6144 0x2002 6
10.10.10.10 606 0x80000002 0 0x2001 0
10.10.10.10 1887 0x80000002 6144 0x2002 6
20.20.20.20 332 0x80000002 0 0x2001 0
RP/0/0/CPU0:XR2#sh ospfv3 neighbor

Tue May 27 14:49:37.471 UTC
Neighbors for OSPFv3 1

RP/0/0/CPU0:XR2#sh ospfv3 routes

Tue May 27 14:49:43.361 UTC
Topology Table for OSPFv3 1 with ID 20.20.20.20
* 2001::1/128, Intra, cost 2/0, area 0

GigabitEthernet0/0/0/2, fe80::a00:27ff:fe1f:7011
* 2001::2/128, Intra, cost 1/0, area 1
GigabitEthernet0/0/0/0, fe80::c801:aaff:fe60:1c
* 2001::4/128, Intra, cost 1/0, area 0
* 2001::10/128, Intra, cost 1/0, area 0
* 2001::20/128, Intra, cost 0/0, area 0
Loopback0, connected
* 2001:192:21::/64, Intra, cost 1/0, area 0
* 2001:192:102::/64, Intra, cost 2/0, area 0
25
* 2001:192:104::/64, Intra, cost 2/0, area 0
* 2001:192:202::/64, Intra, cost 1/0, area 1
* 2001:192:204::/64, Intra, cost 1/0, area 0
RP/0/0/CPU0:XR2#sh ospfv3 database

Tue May 27 14:49:46.390 UTC
OSPFv3 Router with ID (20.20.20.20) (Process ID 1)

1.1.1.1 73 0x80000004 0 1 None
4.4.4.4 1850 0x80000004 0 2 None
10.10.10.10 1930 0x80000004 0 3 None
20.20.20.20 1887 0x80000003 0 2 B

1.1.1.1 73 0x80000003 3 2
4.4.4.4 61 0x80000003 5 2
4.4.4.4 1850 0x80000002 6 2
10.10.10.10 1930 0x80000002 6 2

20.20.20.20 1887 0x80000002 2001:192:202::/64
20.20.20.20 1887 0x80000002 2001::2/128

4.4.4.4 61 0x80000003 6 Gi0/0/0/1
20.20.20.20 1887 0x80000002 4 Gi0/0/0/1
10.10.10.10 1929 0x80000002 6 Gi0/0/0/2
20.20.20.20 1887 0x80000002 5 Gi0/0/0/2

1.1.1.1 73 0x80000005 0 0x2001 0
26
1.1.1.1 73 0x80000003 3072 0x2002 3
4.4.4.4 1850 0x80000006 0 0x2001 0
4.4.4.4 61 0x80000003 5120 0x2002 5
4.4.4.4 1850 0x80000002 6144 0x2002 6
10.10.10.10 648 0x80000002 0 0x2001 0
10.10.10.10 1929 0x80000002 6144 0x2002 6
20.20.20.20 372 0x80000002 0 0x2001 0

2.2.2.2 1830 0x80000003 0 1 None
20.20.20.20 1887 0x80000003 0 1 B

2.2.2.2 1830 0x80000002 3 2

20.20.20.20 1887 0x80000002 2001:192:21::/64
20.20.20.20 1887 0x80000002 2001:192:204::/64
20.20.20.20 1887 0x80000002 2001:192:102::/64
20.20.20.20 1887 0x80000002 2001:192:104::/64
20.20.20.20 1887 0x80000002 2001::1/128
20.20.20.20 1887 0x80000002 2001::4/128
20.20.20.20 617 0x80000002 2001::10/128
20.20.20.20 372 0x80000002 2001::20/128

2.2.2.2 61 0x80000003 3 Gi0/0/0/0
20.20.20.20 1887 0x80000002 3 Gi0/0/0/0

2.2.2.2 1830 0x80000004 0 0x2001 0
2.2.2.2 1830 0x80000002 3072 0x2002 3
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#2001:192:102::1
+>(tcl)#2001:192:102::10
27
+>(tcl)#2001:192:21::10
+>(tcl)#2001:192:21::20
+>(tcl)#2001:192:104::10
+>(tcl)#2001:192:104::4
+>(tcl)#2001:192:204::20
+>(tcl)#2001:192:204::4
+>(tcl)#2001:192:202::2
+>(tcl)#2001:192:202::20
+>(tcl)#2001::1
+>(tcl)#2001::2
+>(tcl)#2001::4
+>(tcl)#2001::10
+>(tcl)#2001::20
Sending 5, 100-byte ICMP Echos to 2001:192:102::1, timeout is 2 seconds:
Packet sent with a source address of 2001::1
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
28
!!!!!
!!!!!
!!!!!
!!!!!
Sending 5, 100-byte ICMP Echos to 2001::1, timeout is 2 seconds:
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
29
Task 3
R1 is the DR for the shared segment with XR1 , configure XR1 in order for it to
take the DR role for OSPFv2 process

XR1
router ospf 1
area 0
interface Gi0/0/0/0
priority 10
R1#clear ip ospf process

Reset ALL OSPF processes? [no]: yes

10.10.10.10 10 FULL/DR 00:00:39 192.168.102.10 FastEthernet1/0
RP/0/0/CPU0:XR1#sh ospf interface gigabitEthernet 0/0/0/0

Tue May 27 14:55:48.316 UTC
GigabitEthernet0/0/0/0 is up, line protocol is up

Internet Address 192.168.102.10/24, Area 0
Process ID 1, Router ID 10.10.10.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 10, MTU 1500, MaxPktSz 1500
Designated Router (ID) 10.10.10.10, Interface address 192.168.102.10
Backup Designated router (ID) 1.1.1.1, Interface address 192.168.102.1
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
Index 2/2, flood queue length 0
Next 0(0)/0(0)
Last flood scan length is 2, maximum is 2
Last flood scan time is 0 msec, maximum is 0 msec
LS Ack List: current length 0, high water mark 5
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 1.1.1.1 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Multi-area interface Count is 0
30
Task 4
R2 is elected as the DR for the shared segment with XR2 , configure XR2 to
take the DR role for the OSPFv3 process

XR2
router ospfv3 1
area 1
interface Gi0/0/0/0
priority 10
R2#clear ospfv3 process

Reset selected OSPFv3 processes? [no]: yes

20.20.20.20 10 FULL/DR 00:00:37 3 FastEthernet1/0
RP/0/0/CPU0:XR2#sh ospfv3 interface gigabitEthernet 0/0/0/0

Tue May 27 14:58:28.285 UTC

Link Local address fe80::a00:27ff:fedc:8c08, Interface ID 3
Area 1, Process ID 1, Instance ID 0, Router ID 20.20.20.20
Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 10
Designated Router (ID) 20.20.20.20, local address fe80::a00:27ff:fedc:8c08
Backup Designated router (ID) 2.2.2.2, local address fe80::c801:aaff:fe60:1c
Index 0/1/1, flood queue length 0
Next 0(0)/0(0)/0(0)
31
Reference count is 5
Task 5
XR2 is learning the prefix 192.168.104.0/24 via two equal cost paths

Tue May 27 15:53:28.149 UTC

RP/0/0/CPU0:XR2#sh route 192.168.104.0/24

Tue May 27 15:54:17.115 UTC
Routing entry for 192.168.104.0/24

Known via "ospf 1", distance 110, metric 2, type intra area
Installed May 26 17:21:50.974 for 22:32:26
Routing Descriptor Blocks
192.168.204.4, from 4.4.4.4, via GigabitEthernet0/0/0/1
Route metric is 2
Route metric is 2
No advertising protos.
Make sure that XR2 is preferring the link via R4 , changes should be done on the IOS
XR routers
The change we are going to make is related to the OSPF interface cost
RP/0/0/CPU0:XR2#sh ospf interface Gi0/0/0/1 | include Cost

Tue May 27 15:59:11.315 UTC
RP/0/0/CPU0:XR2#sh ospf interface Gi0/0/0/2 | include Cost
Tue May 27 15:59:15.055 UTC
XR2
router ospf 1
area 0
interface Gi0/0/0/2
32
cost 10
XR1
router ospf 1
area 0
interface Gi0/0/0/2
cost 10

Tue May 27 16:00:40.799 UTC

RP/0/0/CPU0:XR2#sh route 192.168.104.0/24

Tue May 27 16:00:58.158 UTC

Route metric is 2
Task 6
Enable MD5 authentication between XR2 and R4 for OSPFv2 process
R4
int fastEthernet 2/1
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
R4#
*May 27 16:05:55.246: %OSPF-5-ADJCHG: Process 1, Nbr 20.20.20.20 on
FastEthernet2/1 from FULL to DOWN, Neighbor Down: Dead timer expired
XR2
router ospf 1
area 0
authentication message-digest
message-digest-key 1 md5 cisco
33
R4#
FastEthernet2/1 from LOADING to FULL, Loading Done
R4#sh ip ospf interface fastEthernet 2/1

FastEthernet2/1 is up, line protocol is up
Internet Address 192.168.204.4/24, Area 0, Attached via Network Statement
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State BDR, Priority 1
Flush timer for old DR LSA due in 00:02:19
oob-resync timeout 40
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Next 0x0(0)/0x0(0)
Adjacent with neighbor 20.20.20.20 (Designated Router)
Message digest authentication enabled
Youngest key id is 1
RP/0/0/CPU0:XR2#sh ospf interface GigabitEthernet0/0/0/1

Tue May 27 16:08:28.087 UTC

Next 0(0)/0(0)
34
Task 7
Enable clear text authentication between XR1 and R1 for OSPFv2 process
R1
int f1/0
ip ospf authentication
ip ospf authentication-key cisco
R1#
XR1
router ospf 1
area 0
authentication
authentication-key cisco
R1#

0 1 no no Base
35
Next 0x0(0)/0x0(0)
Simple password authentication enabled

Tue May 27 16:12:44.049 UTC

Next 0(0)/0(0)
Clear text authentication enabled
Task 8
Enable MD5 authentication between XR1 and R1 for OSPFv3 process
R1
ospfv3 authentication ipsec spi 256 md5 ABCABCABCABCABCABCABCABCABCABCAB
R1#
*May 27 16:14:53.142: %OSPFv3-5-ADJCHG: Process 1, IPv6, Nbr 10.10.10.10 on
XR1
router ospfv3 1
area 0
authentication ipsec spi 256 md5 ABCABCABCABCABCABCABCABCABCABCAB
36
R1#
*May 27 16:15:39.274: %OSPFv3-5-ADJCHG: Process 1, IPv6, Nbr 10.10.10.10 on
R1#sh ospfv3 interface fastEthernet 1/0

Link Local Address FE80::C800:AAFF:FE60:1C, Interface ID 3
MD5 authentication SPI 256, secure socket UP (errors: 0)
Designated Router (ID) 10.10.10.10, local address FE80::A00:27FF:FE35:643D
Backup Designated router (ID) 1.1.1.1, local address FE80::C800:AAFF:FE60:1C
Graceful restart helper support enabled
Next 0x0(0)/0x0(0)/0x0(0)
RP/0/0/CPU0:XR1#sh ospfv3 interface GigabitEthernet0/0/0/0

Tue May 27 16:17:04.612 UTC
GigabitEthernet0/0/0/0 is up, line protocol is up, ipsec is up

Link Local address fe80::a00:27ff:fe35:643d, Interface ID 4
AH Authentication MD5, SPI 256
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.10.10.10, local address fe80::a00:27ff:fe35:643d
Backup Designated router (ID) 1.1.1.1, local address fe80::c800:aaff:fe60:1c
Next 0(0)/0(0)/0(0)
Reference count is 5
37
Task 9
Configure new loopback interface on R2 , advertise it in area 2 and make sure
R1 install it in its routing table
R2
int lo1
ip add 22.22.22.22 255.255.255.255
router ospf 1
network 22.22.22.22 0.0.0.0 area 2
R2#sh ip ospf interface brief | inc Lo1

Lo1 1 2 22.22.22.22/32 1 LOOP 0/0
R1#sh ip route ospf | inc 22.

R1#
As we can see , the prefix is not installed in R1 routing table
If we looked deep the topology , we can find that we have discontiguos area (area 2 is
not connected directly the backbone area)
This is solved using virtual links , in order for us to correctly establish virtual links , we
have to determine the ABR and their respective router-IDs and the transit area
In our topology we have XR2 as ABR and R2 as well , the transit area will be area 1
R2#sh ip ospf | inc ID

Routing Process "ospf 1" with ID 2.2.2.2
RP/0/0/CPU0:XR2#sh ospf | inc ID

Tue May 27 16:24:55.119 UTC
R2
router ospf 1
area 1 virtual-link 20.20.20.20
RP/0/0/CPU0:XR2#RP/0/0/CPU0:May 27 16:25:18.458 : ospf[1014]: %ROUTING-

OSPF-4-ERRRCV : Received invalid packet: mismatch area ID, from backbone area
must be virtual-link but not found from 192.168.202.2, GigabitEthernet0/0/0/0
XR2
router ospf 1
area 1
virtual-link 2.2.2.2
38
R2#
*May 27 16:26:13.805: %OSPF-5-ADJCHG: Process 1, Nbr 20.20.20.20 on OSPF_VL0
from LOADING to FULL, Loading Done

20.20.20.20 0 FULL/ - - 192.168.202.20 OSPF_VL0

Tue May 27 16:27:09.650 UTC

2.2.2.2 1 FULL/ - - 192.168.202.2 OSPF_VL0
4.4.4.4 1 FULL/BDR 00:00:35 192.168.204.4 GigabitEthernet0/0/0/1
R1#sh ip route ospf | inc 22.

R1#ping 22.22.22.22 source lo0

!!!!!
39
OSPF II
Network Diagram
R1 192.168.102.0/24 XR1
Area 1
19
2.
16
8.
21
.0
/
24
XR2 192.168.202.0/24
192.168.104.0/24
R2
24
Area 2
0/
4.
20
8.
16
2.
19
R4
Area 0
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.0
ip address 192.168.102.1 255.255.255.0
speed auto
duplex auto
no shutdown
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.0
40
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
no shutdown
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.0
ip address 192.168.104.4 255.255.255.0
speed auto
duplex auto
no shutdown
ip address 192.168.204.4 255.255.255.0
speed auto
duplex auto
no shutdown
XR1
hostname XR1
cdp
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.0
cdp
ipv4 address 192.168.102.10 255.255.255.0
duplex full
cdp
ipv4 address 192.168.104.10 255.255.255.0
cdp
ipv4 address 192.168.21.10 255.255.255.0
XR2
hostname XR2
cdp
interface Loopback0
41
ipv4 address 20.20.20.20 255.255.255.0
cdp
ipv4 address 192.168.202.20 255.255.255.0
cdp
ipv4 address 192.168.204.20 255.255.255.0
cdp
ipv4 address 192.168.21.20 255.255.255.0
42
Tasks
Task 1
Configure OSPF on all routers according to the respective areas
Configure the loopback interface 172.16.111.1/24 on R1 and redistribute it in
the OSPF process
Configure the loopback interfaces 192.168.32.2/24 and 192.168.33.2/24 on
R2 and redistribute it in the OSPF process
R4 and advertise it in the OSPF process in Area 4
XR2 and advertise it the OSPF process in Area 3
Configure the loopback interfaces 192.168.200.20/24 and 192.168.201.20/24
on XR2 and redistribute it in the OSPF process
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface Loopback1
ip address 172.16.111.1 255.255.255.0
route-map LO1 permit 10

match interface Loopback1
router ospf 1
router-id 1.1.1.1
redistribute connected subnets route-map LO1
network 1.1.1.1 0.0.0.0 area 1
network 192.168.102.1 0.0.0.0 area 1
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Loopback1
ip address 192.168.32.2 255.255.255.0
interface Loopback2
ip address 192.168.33.2 255.255.255.0
route-map LOOPs permit 10

match interface Loopback1 Loopback2
43
router ospf 1
router-id 2.2.2.2
redistribute connected subnets route-map LOOPs
network 2.2.2.2 0.0.0.0 area 2
network 192.168.202.2 0.0.0.0 area 2
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.0
interface Loopback1
ip address 192.168.12.4 255.255.255.0
interface Loopback2
ip address 192.168.13.4 255.255.255.0
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.168.12.4 0.0.0.0 area 4
network 192.168.13.4 0.0.0.0 area 4
network 192.168.104.4 0.0.0.0 area 0
network 192.168.204.4 0.0.0.0 area 0
XR1
router ospf 1
router-id 10.10.10.10
area 0
interface Loopback0
area 1
XR2
route-policy CONNECTED
if destination in (192.168.200.0/24, 192.168.201.0/24) then
pass
endif
end-policy
44
router ospf 1
router-id 20.20.20.20
redistribute connected route-policy CONNECTED
area 0
interface Loopback0
area 2
area 3
interface Loopback1
interface Loopback2
Verifications

R1#sh ip route ospf


O IA 4.4.4.0 [110/3] via 192.168.102.10, 1d03h, FastEthernet1/0
45
O IA 192.168.21.0/24 [110/2] via 192.168.102.10, 1d04h, FastEthernet1/0
O E2 192.168.32.0/24 [110/20] via 192.168.102.10, 01:36:35, FastEthernet1/0

1.1.1.1 1.1.1.1 1652 0x80000037 0x000637 2
10.10.10.10 10.10.10.10 995 0x80000035 0x00A959 1

192.168.102.1 1.1.1.1 1652 0x80000034 0x0011F4

2.2.2.0 10.10.10.10 1734 0x80000004 0x002CDC
4.4.4.0 10.10.10.10 243 0x80000032 0x007D58
10.10.10.10 10.10.10.10 995 0x80000034 0x003286
20.20.20.20 10.10.10.10 1734 0x80000004 0x00CEF0
192.168.12.4 10.10.10.10 243 0x80000032 0x00AFB8
192.168.13.4 10.10.10.10 243 0x80000032 0x00A4C2
192.168.21.0 10.10.10.10 995 0x80000034 0x0066FB
192.168.40.20 10.10.10.10 1734 0x80000004 0x003634
192.168.41.20 10.10.10.10 1734 0x80000004 0x002B3E
192.168.104.0 10.10.10.10 995 0x80000034 0x00D13D
192.168.202.0 10.10.10.10 1734 0x80000004 0x0002D9
192.168.204.0 10.10.10.10 243 0x80000032 0x008F1C
46
Summary ASB Link States (Area 1)

2.2.2.2 10.10.10.10 1734 0x80000004 0x00FF07
20.20.20.20 10.10.10.10 1216 0x80000001 0x00BC06
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag

172.16.111.0 1.1.1.1 1652 0x80000034 0x00E7A8 0
192.168.32.0 2.2.2.2 1436 0x80000034 0x0032A9 0
192.168.33.0 2.2.2.2 1436 0x80000034 0x0027B3 0
192.168.200.0 20.20.20.20 1217 0x80000001 0x003BE2 0
192.168.201.0 20.20.20.20 1217 0x80000001 0x0030EC 0
R1# sh ip ospf route
Base Topology (MTID 0)
Area 1
Intra-area Route List

* 192.168.102.0/24, Intra, cost 1, area 1, Connected
via 192.168.102.1, FastEthernet1/0
via 1.1.1.1, Loopback0
Intra-area Router Path List

i 10.10.10.10 [1] via 192.168.102.10, FastEthernet1/0, ABR, Area 1, SPF 4
Inter-area Route List

*> 20.20.20.20/32, Inter, cost 3, area 1
*> 192.168.40.20/32, Inter, cost 3, area 1
*> 192.168.41.20/32, Inter, cost 3, area 1
*> 2.2.2.0/24, Inter, cost 4, area 1
*> 192.168.202.0/24, Inter, cost 3, area 1
*> 192.168.12.4/32, Inter, cost 3, area 1
*> 192.168.13.4/32, Inter, cost 3, area 1
47
*> 192.168.204.0/24, Inter, cost 3, area 1
*> 4.4.4.0/24, Inter, cost 3, area 1
*> 10.10.10.10/32, Inter, cost 2, area 1
*> 192.168.21.0/24, Inter, cost 2, area 1
*> 192.168.104.0/24, Inter, cost 2, area 1
Inter-area Router Path List

I 20.20.20.20 [2] via 192.168.102.10, FastEthernet1/0, ASBR, Area 1, SPF 4
External Route List

*> 192.168.32.0/24, Ext2, cost 20, tag 0
*> 192.168.33.0/24, Ext2, cost 20, tag 0
*> 192.168.200.0/24, Ext2, cost 20, tag 0
*> 192.168.201.0/24, Ext2, cost 20, tag 0
R1# sh ip ospf border-routers
Internal Router Routing Table

Codes: i - Intra-area route, I - Inter-area route


R2#sh ip route ospf

48

R2# sh ip ospf database

2.2.2.2 2.2.2.2 1485 0x80000038 0x000A5C 2
20.20.20.20 20.20.20.20 1269 0x80000005 0x004CC0 1

192.168.202.2 2.2.2.2 1983 0x80000003 0x00138E
49

1.1.1.0 20.20.20.20 1817 0x80000004 0x0023C0
4.4.4.0 20.20.20.20 1817 0x80000003 0x00AE2E
10.10.10.10 20.20.20.20 1817 0x80000004 0x006F50
20.20.20.20 20.20.20.20 1817 0x80000003 0x0099FF
192.168.12.4 20.20.20.20 1817 0x80000003 0x00E08E
192.168.13.4 20.20.20.20 1817 0x80000003 0x00D598
192.168.21.0 20.20.20.20 1817 0x80000003 0x009BCF
192.168.40.20 20.20.20.20 1817 0x80000003 0x000143
192.168.41.20 20.20.20.20 1817 0x80000003 0x00F54D
192.168.102.0 20.20.20.20 1817 0x80000004 0x0025F2
192.168.104.0 20.20.20.20 1817 0x80000003 0x001106
192.168.204.0 20.20.20.20 1817 0x80000005 0x00B2FE

1.1.1.1 20.20.20.20 1817 0x80000004 0x0001E1

172.16.111.0 1.1.1.1 1707 0x80000034 0x00E7A8 0
192.168.32.0 2.2.2.2 1485 0x80000034 0x0032A9 0
192.168.33.0 2.2.2.2 1485 0x80000034 0x0027B3 0
192.168.200.0 20.20.20.20 1269 0x80000001 0x003BE2 0
192.168.201.0 20.20.20.20 1269 0x80000001 0x0030EC 0
R2# sh ip osp
R2# sh ip ospf route
Area 2


i 20.20.20.20 [1] via 192.168.202.20, FastEthernet1/0, ABR/ASBR, Area 2, SPF 5
50
*> 1.1.1.0/24, Inter, cost 4, area 2
*> 4.4.4.0/24, Inter, cost 3, area 2
*> 192.168.21.0/24, Inter, cost 2, area 2
*> 192.168.102.0/24, Inter, cost 3, area 2
*> 192.168.104.0/24, Inter, cost 3, area 2
*> 192.168.204.0/24, Inter, cost 2, area 2
*> 10.10.10.10/32, Inter, cost 3, area 2
*> 20.20.20.20/32, Inter, cost 2, area 2
*> 192.168.12.4/32, Inter, cost 3, area 2
*> 192.168.13.4/32, Inter, cost 3, area 2
*> 192.168.40.20/32, Inter, cost 2, area 2
*> 192.168.41.20/32, Inter, cost 2, area 2

External Route List

*> 172.16.111.0/24, Ext2, cost 20, tag 0
*> 192.168.200.0/24, Ext2, cost 20, tag 0
*> 192.168.201.0/24, Ext2, cost 20, tag 0
R2#sh ip ospf border-routers

51

R4#sh ip route ospf


O 10.10.10.10 [110/2] via 192.168.104.10, 1d03h, FastEthernet2/0
[110/2] via 192.168.104.10, 1d03h, FastEthernet2/0
O E2 172.16.111.0/24 [110/20] via 192.168.104.10, 1d03h, FastEthernet2/0
52

4.4.4.4 4.4.4.4 1826 0x80000036 0x00EE9A 3
10.10.10.10 10.10.10.10 1819 0x80000036 0x004D4D 3
20.20.20.20 20.20.20.20 1301 0x80000006 0x001663 3

192.168.21.10 10.10.10.10 1819 0x80000003 0x00B15D
192.168.104.10 10.10.10.10 328 0x80000032 0x00FBD0
192.168.204.4 4.4.4.4 1826 0x80000003 0x00F09C

1.1.1.0 10.10.10.10 1080 0x80000034 0x00E5F6
2.2.2.0 20.20.20.20 1849 0x80000003 0x00F6EB
192.168.12.4 4.4.4.4 833 0x80000032 0x005A27
192.168.13.4 4.4.4.4 833 0x80000032 0x004F31
192.168.40.20 20.20.20.20 1849 0x80000003 0x000143
192.168.41.20 20.20.20.20 1849 0x80000003 0x00F54D
192.168.102.0 10.10.10.10 1080 0x80000034 0x00E729
192.168.202.0 20.20.20.20 1850 0x80000005 0x00C8EA

1.1.1.1 10.10.10.10 1080 0x80000034 0x00C318
2.2.2.2 20.20.20.20 1849 0x80000003 0x00CA16

4.4.4.4 4.4.4.4 833 0x80000033 0x00FADE 2

1.1.1.0 4.4.4.4 833 0x80000032 0x00A84D
2.2.2.0 4.4.4.4 1826 0x80000003 0x00E23F
4.4.4.0 4.4.4.4 833 0x80000032 0x0028C6
10.10.10.10 4.4.4.4 833 0x80000032 0x00F4DC
20.20.20.20 4.4.4.4 1826 0x80000003 0x008553
192.168.21.0 4.4.4.4 833 0x80000032 0x002952
53
192.168.40.20 4.4.4.4 1826 0x80000003 0x00EC96
192.168.41.20 4.4.4.4 1826 0x80000003 0x00E1A0
192.168.102.0 4.4.4.4 833 0x80000032 0x00AA7F
192.168.104.0 4.4.4.4 833 0x80000032 0x008A9E
192.168.202.0 4.4.4.4 1826 0x80000003 0x00B83C
192.168.204.0 4.4.4.4 833 0x80000032 0x003A8A

1.1.1.1 4.4.4.4 833 0x80000032 0x00866E
2.2.2.2 4.4.4.4 1826 0x80000003 0x00B669
20.20.20.20 4.4.4.4 1295 0x80000001 0x007169

172.16.111.0 1.1.1.1 1739 0x80000034 0x00E7A8 0
192.168.32.0 2.2.2.2 1520 0x80000034 0x0032A9 0
192.168.33.0 2.2.2.2 1520 0x80000034 0x0027B3 0
192.168.200.0 20.20.20.20 1301 0x80000001 0x003BE2 0
192.168.201.0 20.20.20.20 1301 0x80000001 0x0030EC 0
R4#sh ip ospf route
Area BACKBONE(0)

*> 192.168.21.0/24, Intra, cost 2, area 0
*> 10.10.10.10/32, Intra, cost 2, area 0
*> 20.20.20.20/32, Intra, cost 2, area 0
54

*> 1.1.1.0/24, Inter, cost 3, area 0
*> 2.2.2.0/24, Inter, cost 3, area 0
*> 192.168.102.0/24, Inter, cost 2, area 0
*> 192.168.202.0/24, Inter, cost 2, area 0
*> 192.168.40.20/32, Inter, cost 2, area 0
*> 192.168.41.20/32, Inter, cost 2, area 0

Area 4

External Route List

*> 192.168.32.0/24, Ext2, cost 20, tag 0
*> 192.168.33.0/24, Ext2, cost 20, tag 0
*> 172.16.111.0/24, Ext2, cost 20, tag 0
*> 192.168.200.0/24, Ext2, cost 20, tag 0
*> 192.168.201.0/24, Ext2, cost 20, tag 0
R4#sh ip ospf border-routers
55


Thu May 29 15:16:01.765 UTC

4.4.4.4 1 FULL/BDR 00:00:31 192.168.104.4 GigabitEthernet0/0/0/1
Neighbor is up for 1d03h
20.20.20.20 1 FULL/BDR 00:00:36 192.168.21.20

Thu May 29 15:16:04.575 UTC
O 1.1.1.0/24 [110/2] via 192.168.102.1, 1d04h, GigabitEthernet0/0/0/0

O IA 192.168.12.4/32 [110/2] via 192.168.104.4, 1d03h, GigabitEthernet0/0/0/1
O E2 192.168.32.0/24 [110/20] via 192.168.21.20, 01:38:35, GigabitEthernet0/0/0/2
O E2 172.16.111.0/24 [110/20] via 192.168.102.1, 1d04h, GigabitEthernet0/0/0/0
56
RP/0/0/CPU0:XR1# sh ospf database
Thu May 29 15:16:08.514 UTC

4.4.4.4 4.4.4.4 1866 0x80000036 0x00ee9a 3
10.10.10.10 10.10.10.10 1857 0x80000036 0x004d4d 3
20.20.20.20 20.20.20.20 1340 0x80000006 0x001663 3

192.168.21.10 10.10.10.10 1857 0x80000003 0x00b15d
192.168.104.10 10.10.10.10 366 0x80000032 0x00fbd0
192.168.204.4 4.4.4.4 1866 0x80000003 0x00f09c

1.1.1.0 10.10.10.10 1119 0x80000034 0x00e5f6
2.2.2.0 20.20.20.20 1889 0x80000003 0x00f6eb
192.168.12.4 4.4.4.4 873 0x80000032 0x005a27
192.168.13.4 4.4.4.4 873 0x80000032 0x004f31
192.168.40.20 20.20.20.20 1889 0x80000003 0x000143
192.168.41.20 20.20.20.20 1889 0x80000003 0x00f54d
192.168.102.0 10.10.10.10 1119 0x80000034 0x00e729
192.168.202.0 20.20.20.20 1889 0x80000005 0x00c8ea

1.1.1.1 10.10.10.10 1119 0x80000034 0x00c318
2.2.2.2 20.20.20.20 1889 0x80000003 0x00ca16

1.1.1.1 1.1.1.1 1777 0x80000037 0x000637 2
10.10.10.10 10.10.10.10 1119 0x80000035 0x00a959 1

192.168.102.1 1.1.1.1 1777 0x80000034 0x0011f4
57

2.2.2.0 10.10.10.10 1857 0x80000004 0x002cdc
4.4.4.0 10.10.10.10 366 0x80000032 0x007d58
10.10.10.10 10.10.10.10 1119 0x80000034 0x003286
20.20.20.20 10.10.10.10 1857 0x80000004 0x00cef0
192.168.12.4 10.10.10.10 366 0x80000032 0x00afb8
192.168.13.4 10.10.10.10 366 0x80000032 0x00a4c2
192.168.21.0 10.10.10.10 1119 0x80000034 0x0066fb
192.168.40.20 10.10.10.10 1857 0x80000004 0x003634
192.168.41.20 10.10.10.10 1857 0x80000004 0x002b3e
192.168.104.0 10.10.10.10 1119 0x80000034 0x00d13d
192.168.202.0 10.10.10.10 1857 0x80000004 0x0002d9
192.168.204.0 10.10.10.10 366 0x80000032 0x008f1c

2.2.2.2 10.10.10.10 1857 0x80000004 0x00ff07
20.20.20.20 10.10.10.10 1339 0x80000001 0x00bc06

172.16.111.0 1.1.1.1 1777 0x80000034 0x00e7a8 0
192.168.32.0 2.2.2.2 1559 0x80000034 0x0032a9 0
192.168.33.0 2.2.2.2 1559 0x80000034 0x0027b3 0
192.168.200.0 20.20.20.20 1340 0x80000001 0x003be2 0
192.168.201.0 20.20.20.20 1340 0x80000001 0x0030ec 0
RP/0/0/CPU0:XR1#sh ospf border-routers

Thu May 29 15:16:13.774 UTC
OSPF 1 Internal Routing Table
i 1.1.1.1 [1] via 192.168.102.1, GigabitEthernet0/0/0/0, ASBR , Area 1, SPF 4

I 2.2.2.2 [2] via 192.168.21.20, GigabitEthernet0/0/0/2, ASBR , Area 0, SPF 10
i 4.4.4.4 [1] via 192.168.104.4, GigabitEthernet0/0/0/1, ABR , Area 0, SPF 11
i 20.20.20.20 [1] via 192.168.21.20, GigabitEthernet0/0/0/2, ABR/ASBR , Area 0, SPF
11

Thu May 29 15:22:37.778 UTC
58


Thu May 29 15:22:41.018 UTC


Thu May 29 15:22:42.737 UTC

4.4.4.4 4.4.4.4 1906 0x80000036 0x00ee9a 3
10.10.10.10 10.10.10.10 1898 0x80000036 0x004d4d 3
20.20.20.20 20.20.20.20 1379 0x80000006 0x001663 3

192.168.21.10 10.10.10.10 1898 0x80000003 0x00b15d
59
192.168.104.10 10.10.10.10 406 0x80000032 0x00fbd0
192.168.204.4 4.4.4.4 1906 0x80000003 0x00f09c

1.1.1.0 10.10.10.10 1159 0x80000034 0x00e5f6
2.2.2.0 20.20.20.20 1927 0x80000003 0x00f6eb
192.168.12.4 4.4.4.4 912 0x80000032 0x005a27
192.168.13.4 4.4.4.4 912 0x80000032 0x004f31
192.168.40.20 20.20.20.20 1927 0x80000003 0x000143
192.168.41.20 20.20.20.20 1927 0x80000003 0x00f54d
192.168.102.0 10.10.10.10 1159 0x80000034 0x00e729
192.168.202.0 20.20.20.20 1927 0x80000005 0x00c8ea

1.1.1.1 10.10.10.10 1159 0x80000034 0x00c318
2.2.2.2 20.20.20.20 1927 0x80000003 0x00ca16

2.2.2.2 2.2.2.2 1597 0x80000038 0x000a5c 2
20.20.20.20 20.20.20.20 1379 0x80000005 0x004cc0 1

192.168.202.2 2.2.2.2 72 0x80000004 0x00118f

1.1.1.0 20.20.20.20 1927 0x80000004 0x0023c0
4.4.4.0 20.20.20.20 1927 0x80000003 0x00ae2e
10.10.10.10 20.20.20.20 1927 0x80000004 0x006f50
20.20.20.20 20.20.20.20 1927 0x80000003 0x0099ff
192.168.12.4 20.20.20.20 1927 0x80000003 0x00e08e
192.168.13.4 20.20.20.20 1927 0x80000003 0x00d598
192.168.21.0 20.20.20.20 1927 0x80000003 0x009bcf
192.168.40.20 20.20.20.20 1927 0x80000003 0x000143
192.168.41.20 20.20.20.20 1927 0x80000003 0x00f54d
192.168.102.0 20.20.20.20 1927 0x80000004 0x0025f2
192.168.104.0 20.20.20.20 1927 0x80000003 0x001106
192.168.204.0 20.20.20.20 1927 0x80000005 0x00b2fe
60

1.1.1.1 20.20.20.20 1927 0x80000004 0x0001e1

20.20.20.20 20.20.20.20 1379 0x80000004 0x00e746 2

1.1.1.0 20.20.20.20 1927 0x80000004 0x0023c0
2.2.2.0 20.20.20.20 1927 0x80000003 0x00f6eb
4.4.4.0 20.20.20.20 1927 0x80000003 0x00ae2e
10.10.10.10 20.20.20.20 1927 0x80000004 0x006f50
20.20.20.20 20.20.20.20 1927 0x80000003 0x0099ff
192.168.12.4 20.20.20.20 1927 0x80000003 0x00e08e
192.168.13.4 20.20.20.20 1927 0x80000003 0x00d598
192.168.21.0 20.20.20.20 1927 0x80000003 0x009bcf
192.168.102.0 20.20.20.20 1927 0x80000004 0x0025f2
192.168.104.0 20.20.20.20 1927 0x80000003 0x001106
192.168.202.0 20.20.20.20 1927 0x80000005 0x00c8ea
192.168.204.0 20.20.20.20 1927 0x80000005 0x00b2fe

1.1.1.1 20.20.20.20 1927 0x80000004 0x0001e1
2.2.2.2 20.20.20.20 1927 0x80000003 0x00ca16

192.168.32.0 2.2.2.2 1597 0x80000034 0x0032a9 0
192.168.33.0 2.2.2.2 1597 0x80000034 0x0027b3 0
172.16.111.0 1.1.1.1 11 0x80000035 0x00e5a9 0
192.168.200.0 20.20.20.20 1379 0x80000001 0x003be2 0
192.168.201.0 20.20.20.20 1379 0x80000001 0x0030ec 0
RP/0/0/CPU0:XR2# sh ospf border-routers

Thu May 29 15:22:47.687 UTC
OSPF 1 Internal Routing Table
61
I 1.1.1.1 [2] via 192.168.21.10, GigabitEthernet0/0/0/2, ASBR , Area 0, SPF 4

i 2.2.2.2 [1] via 192.168.202.2, GigabitEthernet0/0/0/0, ASBR , Area 2, SPF 4
Task 2
Wrtie a TCL script to check connectivity between all prefixes in the OSPF
domain
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#192.168.102.1
+>(tcl)#1.1.1.1
+>(tcl)#172.16.111.1
+>(tcl)#192.168.202.2
+>(tcl)#2.2.2.2
+>(tcl)#192.168.32.2
+>(tcl)#192.168.33.2
+>(tcl)#192.168.104.4
+>(tcl)#192.168.204.4
+>(tcl)#4.4.4.4
+>(tcl)#192.168.12.4
+>(tcl)#192.168.13.4
+>(tcl)#10.10.10.10
+>(tcl)#192.168.102.10
+>(tcl)#192.168.104.10
+>(tcl)#192.168.21.10
+>(tcl)#20.20.20.20
+>(tcl)#192.168.40.20
+>(tcl)#192.168.41.20
+>(tcl)#192.168.200.20
+>(tcl)#192.168.201.20
+>(tcl)#192.168.202.20
+>(tcl)#192.168.204.20
+>(tcl)#192.168.21.20
+>(tcl)#} { ping $x }
!!!!!
!!!!!
62
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
63
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
Thu May 29 16:40:33.337 UTC
% foreach x {
192.168.102.1
1.1.1.1
192.168.111.1
64
192.168.202.2
2.2.2.2
192.168.32.2
192.168.33.2
192.168.104.4
192.168.204.4
4.4.4.4
192.168.12.4
192.168.13.4
10.10.10.10
192.168.102.10
192.168.104.10
192.168.21.10
20.20.20.20
192.168.40.20
192.168.41.20
192.168.200.20
192.168.201.20
192.168.202.20
192.168.204.20
192.168.21.20
} { ping $x }
!!!!!
!!!!!
UUUUU
Success rate is 0 percent (0/5)
!!!!!
!!!!!
!!!!!
65
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
66
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
Task 3
Summarize the networks 192.168.12.0/24 and 192.168.13.0/24 on R4 and
make sure the new summary route exists in all routers among the OSPF
domain
R4
router ospf 1
area 4 range 192.168.12.0 255.255.254.0
R4#sh ip route ospf | inc summary

O 192.168.12.0/23 is a summary, 00:00:47, Null0
R4#sh ip route 192.168.12.0 255.255.254.0

Routing entry for 192.168.12.0/23, supernet
Routing Descriptor Blocks:
* directly connected, via Null0
Route metric is 1, traffic share count is 1
R1#sh ip route ospf | inc /23

67
R1#sh ip route 192.168.12.0 255.255.254.0
Routing entry for 192.168.12.0/23, supernet
Known via "ospf 1", distance 110, metric 3, type inter area
Last update from 192.168.102.10 on FastEthernet1/0, 00:01:36 ago
Routing Descriptor Blocks:
* 192.168.102.10, from 10.10.10.10, 00:01:36 ago, via FastEthernet1/0
Route metric is 3, traffic share count is 1
RP/0/0/CPU0:XR2#sh route ospf | inc /23

Thu May 29 16:52:58.946 UTC
RP/0/0/CPU0:XR2#sh route 192.168.12.0/23

Thu May 29 16:53:24.375 UTC

Known via "ospf 1", distance 110, metric 2, type inter area
Route metric is 2
And still we have connectivity to the individual prefixes
R1#ping 192.168.12.4
!!!!!
R1#ping 192.168.13.4
!!!!!
Task 4
Summarize the networks 192.168.40.0/24 and 192.168.41.0/24 on XR2 and
domain
XR2
router ospf 1
area 3
range 192.168.40.0/23
68
RP/0/0/CPU0:XR2#sh route 192.168.40.0/23
Thu May 29 16:57:31.218 UTC

Known via "ospf 1", distance 254, metric 0 (summary), type inter area
directly connected, via Null0
Route metric is 0
R1#sh ip route ospf | inc 192.168.40

R2# sh ip route ospf | inc 192.168.40

And we still have connectivity to the individual routes
R1#ping 192.168.40.20
!!!!!
R1#ping 192.168.41.20
!!!!!
Task 5
Summarize the networks 192.168.32.0/24 and 192.168.33.0/24 on R2 and
domain
R2
router ospf 1
summary-address 192.168.32.0 255.255.254.0
RP/0/0/CPU0:XR2#sh route ospf | inc 23

Thu May 29 17:04:27.179 UTC
O IA 192.168.40.0/23 [254/0] via 0.0.0.0, 00:07:47, Null0
R1#sh ip route ospf | inc 23

69
R1#ping 192.168.32.2
!!!!!
R1#ping 192.168.33.2
!!!!!
Task 6
Summarize the 172.16.111.0 subnet to its base on R1
R1
router ospf 1
summary-address 172.16.111.0 255.255.0.0
R2#sh ip route ospf | inc 172.16.

RP/0/0/CPU0:XR2#sh route ospf | inc 172.16.

Thu May 29 17:10:15.905 UTC
And we still have connectivity to the individual route
RP/0/0/CPU0:XR1#ping 172.16.111.1
Thu May 29 17:04:34.889 UTC
!!!!!
Task 7
Summerize the networks 192.168.200.0/24 and 192.168.201.0/24 on XR2 and
domain
XR2
router ospf 1
summary-prefix 192.168.200.0/23
70
RP/0/0/CPU0:XR2#sh route 192.168.200.0/23
Thu May 29 17:13:23.892 UTC

Known via "ospf 1", distance 254, metric 0 (summary), type extern 2
directly connected, via Null0
Route metric is 0
R1#sh ip route ospf | inc 192.168.200.

R1#ping 192.168.200.20
!!!!!
R1#ping 192.168.201.20
!!!!!
Task 8
Configure Area 2 as a stub area
R2
router ospf 1
area 2 stub
XR2
router ospf 1
area 2
stub
R2#sh ip route ospf

71
Gateway of last resort is 192.168.202.20 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/2] via 192.168.202.20, 00:01:03, FastEthernet1/0

R2#sh ip ospf
Start time: 1d18h, Time elapsed: 1d07h
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an autonomous system boundary router
Redistributing External Routes from,
connected, includes subnets in redistribution
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
72
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 0 normal 1 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
Reference bandwidth unit is 100 mbps
Area 2
Number of interfaces in this area is 2 (1 loopback)
It is a stub area
Area has no authentication
SPF algorithm last executed 00:02:44.252 ago
SPF algorithm executed 9 times
Area ranges are
Number of LSA 14. Checksum Sum 0x066234
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Task 9
Configure Area 1 to be NSSA area
R1
router ospf 1
area 1 nssa
R1#
*Jun 1 15:01:12.736: %OSPF-5-ADJCHG: Process 1, Nbr 10.10.10.10 on
FastEthernet1/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset
XR1
router ospf 1
area 1
nssa
R1#
R1#sh ip route ospf

73

172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks
R1#sh ip ospf
Start time: 1d18h, Time elapsed: 4d04h
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an autonomous system boundary router
Redistributing External Routes from,
connected, includes subnets in redistribution
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
74
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 0 normal 0 stub 1 nssa
Number of areas transit capable is 0
External flood list length 0
Reference bandwidth unit is 100 mbps
Area 1
Number of interfaces in this area is 2
It is a NSSA area
Area has no authentication
SPF algorithm last executed 00:01:10.744 ago
SPF algorithm executed 8 times
Area ranges are
Number of LSA 14. Checksum Sum 0x07A004
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

Sun Jun 1 14:54:28.817 UTC

O N2 172.16.0.0/16 [110/20] via 192.168.102.1, 00:00:56, GigabitEthernet0/0/0/0
O E2 192.168.200.0/23 [110/20] via 192.168.21.20, 2d21h, GigabitEthernet0/0/0/2
[110/2] via 192.168.104.4, 3d01h, GigabitEthernet0/0/0/1
R2#sh ip route ospf

75
Gateway of last resort is 192.168.202.20 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/2] via 192.168.202.20, 2d21h, FastEthernet1/0

O 192.168.32.0/23 is a summary, 2d21h, Null0
Task 10
Adjust the OSPF cost of the default route on the ABR (XR2)
R2#sh ip route ospf | inc 0.0.0.0/0

XR2
router ospf 1
area 2
default-cost 10
R2#sh ip route ospf | inc 0.0.0.0/0

76
ISIS
Network Diagram
R1 192.168.102.0/24 XR1
L2 L2 19
2.
16
8.
21.
0/
24
XR2 192.168.202.0/24
192.168.104.0/24
L1/L2 R2
L1 Area
49.0002
24
0/
4.
20
8.
16
2.
19
Area R4
49.0001 L2
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.0
ip address 192.168.102.1 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:102::1/64
no shutdown
R2
77
interface Loopback0
ip address 2.2.2.2 255.255.255.0
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:202::2/64
no shutdown
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.0
ip address 192.168.104.4 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:104::4/64
no shutdown
ip address 192.168.204.4 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:204::4/64
no shutdown
XR1
hostname XR1
cdp
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.0
cdp
ipv4 address 192.168.102.10 255.255.255.0
ipv6 address 2001:192:102::10/64
duplex full
cdp
ipv4 address 192.168.104.10 255.255.255.0
ipv6 address 2001:192:104::10/64
78
cdp
ipv4 address 192.168.21.10 255.255.255.0
ipv6 address 2001:192:21::10/64
XR2
hostname XR2
cdp
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.0
cdp
ipv4 address 192.168.202.20 255.255.255.0
ipv6 address 2001:192:202::20/64
cdp
ipv4 address 192.168.204.20 255.255.255.0
ipv6 address 2001:192:204::20/64
cdp
ipv4 address 192.168.21.20 255.255.255.0
ipv6 address 2001:192:21::20/64
79
Tasks
Task 1
Enable ISIS on all routers according to the diagram
R1
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
int lo0
ip router isis 1
int fas1/0
ip router isis 1
R2
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-1
int lo0
ip router isis 1
int fas1/0
ip router isis 1
R4
router isis 1
net 49.0001.0000.0000.0004.00
int lo0
ip router isis 1
int f2/0
ip router isis 1
int f2/1
ip router isis 1
XR1
router isis 1
net 49.0001.0000.0000.0010.00
interface lo0
address-family ipv4 unicast
80
interface Gi0/0/0/0
interface Gi0/0/0/1
interface Gi0/0/0/2
XR2
router isis 1
net 49.0001.0000.0000.0020.00
interface lo0
circuit-type level-2-only
interface Gi0/0/0/0
circuit-type level-1
interface Gi0/0/0/1
interface Gi0/0/0/2
Verifications
R1#sh isis neighbors
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
XR1 L2 Fa1/0 192.168.102.10 UP 29 R1.01
R1#sh clns neighbors

Tag 1:
System Id Interface SNPA State Holdtime Type Protocol
XR1 Fa1/0 0800.2735.643d Up 26 L2 IS-IS
R1#sh ip route isis

81

i L2 2.2.2.0 [115/40] via 192.168.102.10, 00:00:14, FastEthernet1/0
i L2 192.168.21.0/24 [115/20] via 192.168.102.10, 16:09:30, FastEthernet1/0
Tag 1:
XR2 L1 Fa1/0 192.168.202.20 UP 21 R2.01

Tag 1:
XR2 Fa1/0 0800.27dc.8c08 Up 28 L1 IS-IS
R2#sh ip route isis

As we can see R2 routing table is empty , because the relation between R2 and XR2 is
level-1 relation , and all the routes XR2 is learning from the rest of the network is level-
2 routes
82
So , we have to redistribute level-2 into level-1 (in IOS XR propagate is redistribute)
We start by defining a prefix-set that matches all routes (we are not going to select
anything here)
XR2
prefix-set MSSK
0.0.0.0/0 le 32
end-set
Which is equal to (in IOS) : ip prefix-list MSSK seq 5 permit 0.0.0.0/0 le 32
Then we define our route-policy
XR2
route-policy PERMIT_ALL
if destination in MSSK then
pass
endif
end-policy
Which is equal to :
route-map PERMIT_ALL permit 10
match ip address prefix MSSK
Then we attach it to our ISIS configuration
XR2
propagate level 2 into level 1 route-policy PERMIT_ALL
Now , checking R2 routing table
R2#sh ip route isis


i ia 1.1.1.0 [115/168] via 192.168.202.20, 00:00:02, FastEthernet1/0
83
i ia 192.168.21.0/24 [115/148] via 192.168.202.20, 00:00:02, FastEthernet1/0
Tag 1:
XR1 L2 Fa2/0 192.168.104.10 UP 24 R4.01
XR2 L2 Fa2/1 192.168.204.20 UP 28 R4.02

Tag 1:
XR1 Fa2/0 0800.27e6.012e Up 29 L2 IS-IS
XR2 Fa2/1 0800.276f.8fe6 Up 24 L2 IS-IS
R4#sh ip route isis


84
RP/0/0/CPU0:XR1#sh isis neighbors

Mon Jun 2 12:28:55.754 UTC
IS-IS 1 neighbors:
System Id Interface SNPA State Holdtime Type IETF-NSF
R1 Gi0/0/0/0 ca00.f4bc.001c Up 7 L2 Capable
R4 Gi0/0/0/1 ca02.9b78.0038 Up 8 L2 Capable
XR2 Gi0/0/0/2 0800.2759.7f87 Up 8 L2 Capable
RP/0/0/CPU0:XR1#sh route isis

Mon Jun 2 12:29:13.863 UTC
i L2 1.1.1.0/24 [115/20] via 192.168.102.1, 00:00:08, GigabitEthernet0/0/0/0


Mon Jun 2 12:29:29.852 UTC
IS-IS 1 neighbors:
R2 Gi0/0/0/0 ca01.f4bc.001c Up 7 L1 Capable
R4 Gi0/0/0/1 ca02.9b78.0039 Up 9 L2 Capable
XR1 Gi0/0/0/2 0800.271f.7011 Up 26 L2 Capable

Mon Jun 2 12:29:32.742 UTC

85
Task 2
Write a TCL script to check connectivity between all elements in ISIS routing
domain
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#192.168.102.1
+>(tcl)#1.1.1.1
+>(tcl)#192.168.202.2
+>(tcl)#2.2.2.2
+>(tcl)#192.168.104.4
+>(tcl)#192.168.204.4
+>(tcl)#4.4.4.4
+>(tcl)#10.10.10.10
+>(tcl)#192.168.102.10
+>(tcl)#192.168.104.10
+>(tcl)#192.168.21.10
+>(tcl)#20.20.20.20
+>(tcl)#192.168.202.20
+>(tcl)#192.168.204.20
+>(tcl)#192.168.21.20
!!!!!
!!!!!
!!!!!
!!!!!
86
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
87
!!!!!
Mon Jun 2 12:35:07.649 UTC
% foreach x {
192.168.102.1
1.1.1.1
192.168.202.2
2.2.2.2
192.168.104.4
192.168.204.4
4.4.4.4
10.10.10.10
192.168.102.10
192.168.104.10
192.168.21.10
20.20.20.20
192.168.202.20
192.168.204.20
192.168.21.20
} { ping $x }
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
88
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
Task 3
Configure two new loopback interfaces on R2 with IP addresses of
172.16.12.2/24 and 172.16.13.2/24 and advertise them in the ISIS process
R2
int lo1
ip add 172.16.12.2 255.255.255.0
ip router isis 1
89
int lo2
ip add 172.16.13.2 255.255.255.0
ip router isis 1
R1#sh ip route isis | inc 172.

Task 4
Summarize the loopbacks mentioned in the previous task on the approbriate
device
XR2
router isis 1
summary-prefix 172.16.12.0/23 level 2

R1#ping 172.16.12.2
!!!!!
R1#ping 172.16.13.2
!!!!!
RP/0/0/CPU0:XR1#sh route isis | include 172.

Mon Jun 2 12:48:29.044 UTC
RP/0/0/CPU0:XR1#ping 172.16.12.2
Mon Jun 2 12:48:40.093 UTC
!!!!!
RP/0/0/CPU0:XR1#ping 172.16.13.2
Mon Jun 2 12:48:42.793 UTC
90
!!!!!

R2#
As we can see the routes did not reach R2 because we summarized using level-2
Task 5
Enable IPv6 routing on all routers and make sure full connectivity is achieved
R1
router isis 1
metric-style wide
multi-topology
int f1/0
ipv6 router isis 1
int lo0
ipv6 router isis 1
R2
router isis 1
metric-style wide
multi-topology
int lo0
ipv6 router isis 1
int f1/0
ipv6 router isis 1
R4
router isis 1
metric-style wide
multi-topology
int lo0
ipv6 router isis 1
int f2/0
ipv6 router isis 1
int f2/1
ipv6 router isis 1
91
XR1
router isis 1
interface Loopback0
XR2
router isis 1
interface Loopback0
Verifications
R1#sh isis ipv6 topology
Tag 1:
IS-IS TID 2 paths to level-2 routers

System Id Metric Next-Hop Interface SNPA
R1 --
R4 20 XR1 Fa1/0 0800.2735.643d
XR1 10 XR1 Fa1/0 0800.2735.643d
XR2 20 XR1 Fa1/0 0800.2735.643d
R1#sh ipv6 route isis

92
I2 2001::2/128 [115/40]
I2 2001::4/128 [115/30]
I2 2001::10/128 [115/20]
I2 2001::20/128 [115/30]
I2 2001:192:21::/64 [115/20]
I2 2001:192:104::/64 [115/20]
I2 2001:192:202::/64 [115/30]
I2 2001:192:204::/64 [115/30]
Tag 1:
R2 --
XR2 10 XR2 Fa1/0 0800.27dc.8c08
Tag 1:

R1 20 XR1 Fa2/0 0800.27e6.012e
R4 --
XR1 10 XR1 Fa2/0 0800.27e6.012e
XR2 10 XR2 Fa2/1 0800.276f.8fe6
93
I2 2001::1/128 [115/30]
I2 2001::2/128 [115/30]
I2 2001::10/128 [115/20]
I2 2001::20/128 [115/20]
I2 2001:192:21::/64 [115/20]
I2 2001:192:102::/64 [115/20]
I2 2001:192:202::/64 [115/20]
RP/0/0/CPU0:XR1#sh isis ipv6 topology

Tue Jun 3 13:55:58.758 UTC
IS-IS 1 paths to IPv6 Unicast (Level-2) routers

0000.0000.0000 **
R1 10 R1 Gi0/0/0/0 ca00.f4bc.001c
R4 10 R4 Gi0/0/0/1 ca02.9b78.0038
XR1 --
XR2 10 XR2 Gi0/0/0/2 0800.2759.7f87
0000.00ff.ffff **
RP/0/0/CPU0:XR1#sh route ipv6 isis

Tue Jun 3 13:56:08.247 UTC
i L2 2001::1/128
[115/20] via fe80::c800:f4ff:febc:1c, 00:00:02, GigabitEthernet0/0/0/0
i L2 2001::2/128
[115/30] via fe80::a00:27ff:fe59:7f87, 00:02:25, GigabitEthernet0/0/0/2
i L2 2001::4/128
[115/20] via fe80::c802:9bff:fe78:38, 00:29:04, GigabitEthernet0/0/0/1
i L2 2001::20/128
94
i L2 2001:192:202::/64
i L2 2001:192:204::/64
RP/0/0/CPU0:XR2#sh isis ipv6 topology

Tue Jun 3 13:56:42.755 UTC

R2 10 R2 Gi0/0/0/0 ca01.f4bc.001c
XR2 --

R1 20 XR1 Gi0/0/0/2 0800.271f.7011
R4 10 R4 Gi0/0/0/1 ca02.9b78.0039
XR1 10 XR1 Gi0/0/0/2 0800.271f.7011
XR2 --
Tue Jun 3 13:56:53.234 UTC
i L2 2001::1/128
[115/30] via fe80::a00:27ff:fe1f:7011, 00:01:05, GigabitEthernet0/0/0/2
i L1 2001::2/128
i L2 2001::4/128
i L2 2001::10/128
i L2 2001:192:102::/64
i L2 2001:192:104::/64
Also , we can see that R2 does not have any route installed , so we will do the same as
we did with IPv4 , we will leak all routes to be installed on R2 IPv6 routing table
XR2
prefix-set MSSK6
0::0/0 le 128
route-policy PERMIT_ALL6
if destination in MSSK6 then pass endif
95
router isis 1
propagate level 2 into level 1 route-policy PERMIT_ALL6

IA 2001::1/128 [115/40]
IA 2001::4/128 [115/30]
IA 2001::10/128 [115/30]
IA 2001::20/128 [115/20]
IA 2001:192:21::/64 [115/20]
IA 2001:192:102::/64 [115/30]
IA 2001:192:104::/64 [115/30]
IA 2001:192:204::/64 [115/20]
Task 7
Write a TCL script to ensure full connectivity for all IPv6 loopback interfaces
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#2001::1
+>(tcl)#2001::2
+>(tcl)#2001::4
+>(tcl)#2001::10
+>(tcl)#2001::20
+>(tcl)#} { ping $x }
!!!!!
96
!!!!!
!!!!!
!!!!!
!!!!!
Task 8
The route is learned on XR2 IPv6 routing table via two paths as can be seen
from the output below
RP/0/0/CPU0:XR2#sh route ipv6 2001:192:104::/64

Tue Jun 3 14:01:15.776 UTC

Tue Jun 3 14:46:44.949 UTC
i L2 2001::1/128
i L1 2001::2/128
i L2 2001::4/128
i L2 2001::10/128
i L2 2001:192:102::/64
i L2 2001:192:104::/64
Routing entry for 2001:192:104::/64

Known via "isis 1", distance 115, metric 20, type level-2
Installed Jun 3 13:28:04.372 for 00:33:11
fe80::c802:9bff:fe78:39, from 2001::4, via GigabitEthernet0/0/0/1
Route metric is 20
fe80::a00:27ff:fe1f:7011, from 2001::10, via GigabitEthernet0/0/0/2
Route metric is 20
97
Do the necessary to make the route installed via R4
XR1
router isis 1
metric 15
XR2
router isis 1
metric 15

Tue Jun 3 14:58:04.392 UTC
i L2 2001::1/128
i L1 2001::2/128
i L2 2001::4/128
i L2 2001::10/128
i L2 2001:192:102::/64
i L2 2001:192:104::/64
Tue Jun 3 14:58:06.212 UTC

fe80::c802:9bff:fe78:39, from 2001::4, via GigabitEthernet0/0/0/1
Route metric is 20
Let us shutdown the GigabitEthernet0/0/0/1 interface
XR2
98
shutdown
Tue Jun 3 14:58:31.151 UTC
i L2 2001::1/128
i L1 2001::2/128
i L2 2001::4/128
i L2 2001::10/128
i L2 2001:192:102::/64
i L2 2001:192:104::/64
i L2 2001:192:204::/64

Tue Jun 3 14:58:48.309 UTC

fe80::a00:27ff:fe1f:7011, from 2001::10, via GigabitEthernet0/0/0/2
Route metric is 25
99
BGP
Network Diagram
AS #3 R1 192.168.12.0/24
R2 AS #4
192.168.202.0/24
192.168.101.0/24
XR1 XR2
192.168.21.0/24
EIGRP MSSK
AS #1
100
R1
interface Loopback1
ip address 192.168.3.1 255.255.255.0
interface Loopback2
ip address 192.168.33.1 255.255.255.0
interface Loopback3
ip address 192.168.133.1 255.255.255.0
ip address 192.168.101.1 255.255.255.0
speed auto
duplex auto
no shut
ip address 192.168.12.1 255.255.255.0
speed 100
duplex full
no shut
R2
interface Loopback1
ip address 192.168.4.1 255.255.255.0
interface Loopback2
ip address 192.168.44.1 255.255.255.0
interface Loopback3
ip address 192.168.144.1 255.255.255.0
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
no shut
ip address 192.168.12.2 255.255.255.0
speed 100
duplex full
101
no shut
XR1
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.255
cdp
ipv4 address 192.168.101.10 255.255.255.0
duplex full
cdp
ipv4 address 192.168.21.10 255.255.255.0
XR2
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.255
cdp
ipv4 address 192.168.202.20 255.255.255.0
cdp
ipv4 address 192.168.21.20 255.255.255.0
102
Tasks
Task 1
Configure EIGRP on both XR1 and XR2 and advertise their loopback 0
interfaces in EIGRP and make sure updates are exchanged only on the physical
interfaces
XR1
router eigrp MSSK
address-family ipv4
autonomous-system 1
interface Loopback0
passive-interface
XR2
router eigrp MSSK
address-family ipv4
autonomous-system 1
interface Loopback0
passive-interface
Task 2
Configure BGP according to the diagram shown above and advertise loopback
1, 2, 3 interfaces in BGP
Task 3
Advertise the transit link between R1 and R2 in BGP on both routers
Advertise the transit link between R1 and R3 in BGP on R1
Advertise the transit link between R2 and R4 in BGP on R2
Advertise the transit link between R3 and R4 in BGP on both routers
R1
router bgp 3
no bgp default ipv4-unicast
neighbor 192.168.12.2 remote-as 4
address-family ipv4
network 192.168.3.0
network 192.168.12.0
network 192.168.33.0
103
network 192.168.133.0
neighbor 192.168.12.2 activate
exit-address-family
R2
router bgp 4
address-family ipv4
network 192.168.4.0
network 192.168.12.0
network 192.168.44.0
network 192.168.144.0
exit-address-family
XR1
router bgp 1
network 192.168.1.0/24
network 192.168.11.0/24
network 192.168.21.0/24
network 192.168.101.0/24
network 192.168.111.0/24
neighbor 20.20.20.20
remote-as 1
update-source Loopback0
neighbor 192.168.101.1
remote-as 3
XR2
router bgp 1
network 192.168.2.0/24
network 192.168.21.0/24
network 192.168.22.0/24
network 192.168.202.0/24
network 192.168.222.0/24
104
remote-as 1
update-source Loopback0
neighbor 192.168.202.2
remote-as 4
If we checked our BGP neighbor and route tables
R1#sh ip bgp summary

BGP router identifier 192.168.133.1, local AS number 3
BGP table version is 8, main routing table version 8
7 network entries using 1008 bytes of memory
8 path entries using 640 bytes of memory
2/2 BGP path/bestpath attribute entries using 272 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1944 total bytes of memory
BGP activity 7/0 prefixes, 8/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down

State/PfxRcd
192.168.12.2 4 4 73 72 8 0 0 01:03:23 4
192.168.101.10 4 1 64 74 8 0 0 01:01:33 0
R1#sh ip bgp
BGP table version is 8, local router ID is 192.168.133.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path

*> 192.168.3.0 0.0.0.0 0 32768 i
*> 192.168.4.0 192.168.12.2 0 04i
* 192.168.12.0 192.168.12.2 0 04i
*> 0.0.0.0 0 32768 i
*> 192.168.33.0 0.0.0.0 0 32768 i
*> 192.168.44.0 192.168.12.2 0 04i
*> 192.168.133.0 0.0.0.0 0 32768 i
*> 192.168.144.0 192.168.12.2 0 04i
105

State/PfxRcd
192.168.12.1 4 3 73 73 8 0 0 01:03:35 4
192.168.202.20 4 1 61 69 8 0 0 00:59:11 0
R2#sh ip bgp

*> 192.168.3.0 192.168.12.1 0 03i
*> 192.168.4.0 0.0.0.0 0 32768 i
* 192.168.12.0 192.168.12.1 0 03i
*> 0.0.0.0 0 32768 i
*> 192.168.33.0 192.168.12.1 0 03i
*> 192.168.44.0 0.0.0.0 0 32768 i
*> 192.168.133.0 192.168.12.1 0 03i
*> 192.168.144.0 0.0.0.0 0 32768 i
RP/0/0/CPU0:XR1#sh bgp ipv4 unicast summary

Wed Jun 4 11:46:20.122 UTC
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000 RD version: 5
BGP main routing table version 5
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer

Speaker 5 5 5 5 5 5
106
Some configured eBGP neighbors (under default or non-default vrfs)
do not have both inbound and outbound policies configured for IPv4 Unicast
address family. These neighbors will default to sending and/or
receiving no routes and are marked with '!' in the output below.
Use the 'show bgp neighbor <nbr_address>' command for details.
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd

20.20.20.20 0 1 63 63 5 0 0 00:59:35 2
192.168.101.1 0 3 74 65 5 0 0 01:02:16 0!
RP/0/0/CPU0:XR1#sh bgp ipv4 unicast

Wed Jun 4 11:46:23.322 UTC
Status codes: s suppressed, d damped, h history, * valid, > best

i - internal, r RIB-failure, S stale, N Nexthop-discard
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*>i192.168.202.0/24 20.20.20.20 0 100 0i
Processed 3 prefixes, 4 paths

Wed Jun 4 11:46:20.122 UTC

Speaker 5 5 5 5 5 5

107

20.20.20.20 0 1 63 63 5 0 0 00:59:35 2
192.168.101.1 0 3 74 65 5 0 0 01:02:16 0!

Wed Jun 4 11:46:23.322 UTC

*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*>i192.168.202.0/24 20.20.20.20 0 100 0i

RP/0/0/CPU0:XR1#sh bgp neighbor 192.168.101.1
Wed Jun 4 11:46:52.490 UTC
As we can see, R1 and R2 do not receive any routes from XR1 and XR2 respectively and
we can see from the show bgp ipv4 unicast summary output on XR1 the! Mark and it
asks us to check the show bgp neighbor <> command for more details, let us do that
BGP neighbor is 192.168.101.1

Remote AS 3, local AS 1, external link
Remote router ID 192.168.133.1
BGP state = Established, up for 01:02:48
Last read 00:00:27, Last read before reset 00:00:00
Hold time is 180, keepalive interval is 60 seconds
Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
Last write 00:00:47, attempted 19, written 19
Second last write 00:01:47, attempted 19, written 19
Last write before reset 00:00:00, attempted 0, written 0
Second last write before reset 00:00:00, attempted 0, written 0
Last write pulse rcvd Jun 4 11:46:25.191 last full not set pulse count 139
Last write pulse rcvd before reset 00:00:00
108
Socket not armed for io, armed for read, armed for write
Last write thread event before reset 00:00:00, second last 00:00:00
Last KA expiry before reset 00:00:00, second last 00:00:00
Last KA error before reset 00:00:00, KA not sent 00:00:00
Last KA start before reset 00:00:00, second last 00:00:00
Precedence: internet
Enforcing first AS is enabled
Multi-protocol capability received
Neighbor capabilities:
Route refresh: advertised (old + new) and received (old + new)
4-byte AS: advertised and received
Address family IPv4 Unicast: advertised and received
Received 75 messages, 0 notifications, 0 in queue
Sent 65 messages, 0 notifications, 0 in queue
Minimum time between advertisement runs is 30 secs
For Address Family: IPv4 Unicast

BGP neighbor version 5
Update group: 0.3 Filter-group: 0.1 No Refresh request being processed
eBGP neighbor with no inbound or outbound policy; defaults to 'drop'
Route refresh request: received 0, sent 0
0 accepted prefixes, 0 are bestpaths
Cumulative no. of prefixes denied: 7.
No policy: 7, Failed RT match: 0
By ORF policy: 0, By policy: 0
Prefix advertised 0, suppressed 0, withdrawn 0
Maximum prefixes allowed 1048576
Threshold for warning message 75%, restart interval 0 min
An EoR was received during read-only mode
Last ack version 5, Last synced ack version 0
Outstanding version objects: current 0, max 0
Additional-paths operation: None
Connections established 1; dropped 0

Local host: 192.168.101.10, Local port: 37941, IF Handle: 0x00000200
Foreign host: 192.168.101.1, Foreign port: 179
Last reset 00:00:00
As we can see from the red lighted line from the output above that the default policy
when dealing with eBGP relations on IOS XR is to drop, so we have to define a policy
that will allow us to receive as well as advertise routes
XR1
route-policy PASS
pass
end-policy
109
router bgp 1
neighbor 192.168.101.1
route-policy PASS in
route-policy PASS out
XR2
route-policy PASS
pass
end-policy
router bgp 1
neighbor 192.168.202.2
Let us check now


State/PfxRcd
192.168.12.2 4 4 82 80 11 0 0 01:10:01 7
192.168.101.10 4 1 74 85 11 0 0 01:08:11 6
R1#sh ip bgp

*> 192.168.3.0 0.0.0.0 0 32768 i
* 192.168.4.0 192.168.101.10 014i
110
*> 192.168.12.2 0 04i
* 192.168.12.0 192.168.12.2 0 04i
*> 0.0.0.0 0 32768 i
* 192.168.21.0 192.168.12.2 041i
*> 192.168.101.10 0 01i
*> 192.168.33.0 0.0.0.0 0 32768 i
* 192.168.44.0 192.168.101.10 014i
*> 192.168.12.2 0 04i
r 192.168.101.0 192.168.12.2 041i
r> 192.168.101.10 0 01i
*> 192.168.133.0 0.0.0.0 0 32768 i
* 192.168.144.0 192.168.101.10 014i
*> 192.168.12.2 0 04i
* 192.168.202.0 192.168.12.2 041i
*> 192.168.101.10 01i


State/PfxRcd
192.168.12.1 4 3 81 82 14 0 0 01:10:10 7
192.168.202.20 4 1 72 81 14 0 0 01:05:47 6
R2#sh ip bgp

* 192.168.3.0 192.168.202.20 013i
*> 192.168.12.1 0 03i
*> 192.168.4.0 0.0.0.0 0 32768 i
* 192.168.12.0 192.168.12.1 0 03i
111
*> 0.0.0.0 0 32768 i
*> 192.168.21.0 192.168.202.20 0 01i
* 192.168.12.1 031i
* 192.168.33.0 192.168.202.20 013i
*> 192.168.12.1 0 03i
*> 192.168.44.0 0.0.0.0 0 32768 i
*> 192.168.101.0 192.168.202.20 01i
* 192.168.12.1 031i
* 192.168.133.0 192.168.202.20 013i
*> 192.168.12.1 0 03i
*> 192.168.144.0 0.0.0.0 0 32768 i
r> 192.168.202.0 192.168.202.20 0 01i
r 192.168.12.1 031i

Wed Jun 4 11:52:38.696 UTC

Speaker 12 12 12 12 12 12

20.20.20.20 0 1 70 70 12 0 0 01:05:53 6
192.168.101.1 0 3 85 74 12 0 0 01:08:34 4

Wed Jun 4 11:52:39.556 UTC

*> 192.168.3.0/24 192.168.101.1 0 03i
112
*>i192.168.4.0/24 192.168.202.2 0 100 04i
* i192.168.12.0/24 192.168.202.2 0 100 04i
*> 192.168.101.1 0 03i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.33.0/24 192.168.101.1 0 03i
*>i192.168.44.0/24 192.168.202.2 0 100 04i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*> 192.168.133.0/24 192.168.101.1 0 03i
*>i192.168.144.0/24 192.168.202.2 0 100 04i
*>i192.168.202.0/24 20.20.20.20 0 100 0i

Wed Jun 4 11:52:54.955 UTC

Speaker 13 13 13 13 13 13

10.10.10.10 0 1 70 71 13 0 0 01:06:08 6
192.168.202.2 0 4 82 72 13 0 0 01:06:15 7

Wed Jun 4 11:52:55.605 UTC

*>i192.168.3.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
113
*> 192.168.4.0/24 192.168.202.2 0 04i
* i192.168.12.0/24 192.168.101.1 0 100 03i
*> 192.168.202.2 0 04i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 10.10.10.10 0 100 0i
*>i192.168.33.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
*> 192.168.44.0/24 192.168.202.2 0 04i
*>i192.168.101.0/24 10.10.10.10 0 100 0i
*>i192.168.133.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
*> 192.168.144.0/24 192.168.202.2 0 04i
*> 192.168.202.0/24 0.0.0.0 0 32768 i
Task 4
Write a TCL script to make sure that connectivity is achieved
R1#tclsh
R1(tcl)#foreach x {
+>(tcl)#192.168.101.10
+>(tcl)#192.168.21.10
+>(tcl)#192.168.202.20
+>(tcl)#192.168.21.20
+>(tcl)#192.168.101.1
+>(tcl)#192.168.12.1
+>(tcl)#192.168.3.1
+>(tcl)#192.168.33.1
+>(tcl)#192.168.133.1
+>(tcl)#192.168.202.2
+>(tcl)#192.168.12.2
+>(tcl)#192.168.4.1
+>(tcl)#192.168.44.1
+>(tcl)#192.168.144.1
+>(tcl)#} { ping $x }
!!!!!
!!!!!
!!!!!
114
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
115
Note
As we can see, some routes are shown in XR1 bgp table with a next-hop of
192.168.20.2 which is R2 interface connected to XR2, if we were not to advertise the
transit link, we could not reach because this next-hop is not known for us
What we can do in this case is to implement next-hop-self; we will apply it on both XR1
and XR2
RP/0/0/CPU0:XR1#sh bgp ipv4 unicas

Wed Jun 4 16:42:41.764 UTC

*> 192.168.3.0/24 192.168.101.1 0 03i
*>i192.168.4.0/24 192.168.202.2 0 100 04i
* i192.168.12.0/24 192.168.202.2 0 100 04i
*> 192.168.101.1 0 03i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.33.0/24 192.168.101.1 0 03i
*>i192.168.44.0/24 192.168.202.2 0 100 04i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*> 192.168.133.0/24 192.168.101.1 0 03i
*>i192.168.144.0/24 192.168.202.2 0 100 04i
*>i192.168.202.0/24 20.20.20.20 0 100 0i

Wed Jun 4 16:43:00.043 UTC
116
*>i192.168.3.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
*> 192.168.4.0/24 192.168.202.2 0 04i
* i192.168.12.0/24 192.168.101.1 0 100 03i
*> 192.168.202.2 0 04i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 10.10.10.10 0 100 0i
*>i192.168.33.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
*> 192.168.44.0/24 192.168.202.2 0 04i
*>i192.168.101.0/24 10.10.10.10 0 100 0i
*>i192.168.133.0/24 192.168.101.1 0 100 03i
* 192.168.202.2 043i
*> 192.168.144.0/24 192.168.202.2 0 04i
*> 192.168.202.0/24 0.0.0.0 0 32768 i
XR1
router bgp 1
next-hop-self
XR2
router bgp 1
next-hop-self

Wed Jun 4 16:44:11.237 UTC

*> 192.168.3.0/24 192.168.101.1 0 03i
117
*>i192.168.4.0/24 20.20.20.20 0 100 04i
* i192.168.12.0/24 20.20.20.20 0 100 04i
*> 192.168.101.1 0 03i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.33.0/24 192.168.101.1 0 03i
*>i192.168.44.0/24 20.20.20.20 0 100 04i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*> 192.168.133.0/24 192.168.101.1 0 03i
*>i192.168.144.0/24 20.20.20.20 0 100 04i
*>i192.168.202.0/24 20.20.20.20 0 100 0i

Wed Jun 4 16:44:25.147 UTC

*>i192.168.3.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*> 192.168.4.0/24 192.168.202.2 0 04i
* i192.168.12.0/24 10.10.10.10 0 100 03i
*> 192.168.202.2 0 04i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 10.10.10.10 0 100 0i
*>i192.168.33.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*> 192.168.44.0/24 192.168.202.2 0 04i
*>i192.168.101.0/24 10.10.10.10 0 100 0i
*>i192.168.133.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*> 192.168.144.0/24 192.168.202.2 0 04i
*> 192.168.202.0/24 0.0.0.0 0 32768 i
118
Task 5
R2 advertises three networks into BGP, traceroute to R2 192.168.4.0 network
should match the below output (the configuration should be done on XR1
using local preference)
RP/0/0/CPU0:XR2#traceroute 192.168.4.1
Wed Jun 4 16:47:27.194 UTC

Tracing the route to 192.168.4.1
1 192.168.21.10 0 msec 0 msec 0 msec

2 192.168.101.1 19 msec 19 msec 9 msec
3 192.168.12.2 49 msec 19 msec 19 msec
XR1
prefix-set R2Lo1
192.168.4.0/24
end-set
route-policy LP
if destination in R2Lo1 then
set local-preference 200
else
pass
endif
end-policy
router bgp 1
neighbor 192.168.101.1
route-policy LP in
RP/0/0/CPU0:XR2#traceroute 192.168.4.1
Wed Jun 4 16:47:27.194 UTC

1 192.168.21.10 0 msec 0 msec 0 msec

2 192.168.101.1 19 msec 19 msec 9 msec
3 192.168.12.2 49 msec 19 msec 19 msec

Wed Jun 4 16:47:52.762 UTC
119

*> 192.168.3.0/24 192.168.101.1 0 03i
*> 192.168.4.0/24 192.168.101.1 200 034i
* i192.168.12.0/24 20.20.20.20 0 100 04i
*> 192.168.101.1 0 03i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.33.0/24 192.168.101.1 0 03i
*>i192.168.44.0/24 20.20.20.20 0 100 04i
* 192.168.101.1 034i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*> 192.168.133.0/24 192.168.101.1 0 03i
*>i192.168.144.0/24 20.20.20.20 0 100 04i
* 192.168.101.1 034i
*>i192.168.202.0/24 20.20.20.20 0 100 0i

Wed Jun 4 16:48:07.052 UTC

*>i192.168.3.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*>i192.168.4.0/24 10.10.10.10 200 034i
* 192.168.202.2 0 04i
* i192.168.12.0/24 10.10.10.10 0 100 03i
*> 192.168.202.2 0 04i
120
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 10.10.10.10 0 100 0i
*>i192.168.33.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*> 192.168.44.0/24 192.168.202.2 0 04i
*>i192.168.101.0/24 10.10.10.10 0 100 0i
*>i192.168.133.0/24 10.10.10.10 0 100 03i
* 192.168.202.2 043i
*> 192.168.144.0/24 192.168.202.2 0 04i
*> 192.168.202.0/24 0.0.0.0 0 32768 i
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast 192.168.4.0/24

Wed Jun 4 16:48:22.891 UTC
BGP routing table entry for 192.168.4.0/24
Versions:
Process bRIB/RIB SendTblVer
Speaker 17 17
Last Modified: Jun 4 16:47:18.832 for 00:01:04
Paths: (2 available, best #1)
Advertised to peers (in unique update groups):
192.168.202.2
Path #1: Received by speaker 0
192.168.202.2
34
10.10.10.10 (metric 10752) from 10.10.10.10 (10.10.10.10)
Origin IGP, localpref 200, valid, internal, best, group-best, import-candidate, import
suspect
Received Path ID 0, Local Path ID 1, version 17
Not advertised to any peer
4
192.168.202.2 from 192.168.202.2 (192.168.144.1)
Origin IGP, metric 0, localpref 100, valid, external, group-best, import suspect
Origin-AS validity: not-found
Task 6
Configure new three loopback interfaces on XR1 and advertise them into BGP
XR1
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.255
interface Loopback1
121
ipv4 address 192.168.1.1 255.255.255.0
interface Loopback2
ipv4 address 192.168.11.1 255.255.255.0
interface Loopback3
ipv4 address 192.168.111.1 255.255.255.0
router bgp 1
network 192.168.1.0/24
network 192.168.11.0/24
network 192.168.111.0/24
RP/0/0/CPU0:XR1#sh bgp ipv4 unicast regexp ^$

Wed Jun 4 17:13:06.629 UTC

*> 192.168.1.0/24 0.0.0.0 0 32768 i
*> 192.168.11.0/24 0.0.0.0 0 32768 i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 20.20.20.20 0 100 0i
*> 192.168.101.0/24 0.0.0.0 0 32768 i
*> 192.168.111.0/24 0.0.0.0 0 32768 i
*>i192.168.202.0/24 20.20.20.20 0 100 0i
Task 7
XR1 advertises three networks into BGP, traceroute to XR1 192.168.1.0
network should match the output below (The configuration should be done on
XR1 using AS-path)
R1#traceroute 192.168.11.1 numeric

VRF info: (vrf in name/id, vrf out name/id)
1 192.168.12.2 40 msec 28 msec 24 msec
122
2 192.168.202.20 [AS 1] 40 msec 44 msec 36 msec
3 192.168.21.10 [AS 1] 36 msec * 24 msec
XR1
prefix-set XR1Lo1
192.168.11.0/24
end-set
route-policy PREPEND
if destination in XR1Lo1 then
prepend as-path 1 2
endif
pass
end-policy
router bgp 1
neighbor 192.168.101.1
route-policy PREPEND out
R1#sh ip bgp

* 192.168.1.0 192.168.12.2 041i
*> 192.168.101.10 0 01i
*> 192.168.3.0 0.0.0.0 0 32768 i
*> 192.168.4.0 192.168.12.2 0 04i
*> 192.168.11.0 192.168.12.2 041i
* 192.168.101.10 0 0111i
* 192.168.12.0 192.168.12.2 0 04i
*> 0.0.0.0 0 32768 i
* 192.168.21.0 192.168.12.2 041i
*> 192.168.101.10 0 01i
*> 192.168.33.0 0.0.0.0 0 32768 i
* 192.168.44.0 192.168.101.10 014i
*> 192.168.12.2 0 04i
r 192.168.101.0 192.168.12.2 041i
r> 192.168.101.10 0 01i
* 192.168.111.0 192.168.12.2 041i
*> 192.168.101.10 0 01i
123
*> 192.168.133.0 0.0.0.0 0 32768 i
* 192.168.144.0 192.168.101.10 014i
*> 192.168.12.2 0 04i
* 192.168.202.0 192.168.12.2 041i
*> 192.168.101.10 01i
Task 8
Configure new three loopback interfaces on XR2 and advertise them into BGP
XR2
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.255
interface Loopback1
ipv4 address 192.168.2.1 255.255.255.0
interface Loopback2
ipv4 address 192.168.22.1 255.255.255.0
interface Loopback3
ipv4 address 192.168.222.1 255.255.255.0
router bgp 1
network 192.168.2.0/24
network 192.168.22.0/24
network 192.168.222.0/24
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast regexp ^$

Wed Jun 4 17:23:15.617 UTC

*>i192.168.1.0/24 10.10.10.10 0 100 0i
*>i192.168.11.0/24 10.10.10.10 0 100 0i
*> 192.168.21.0/24 0.0.0.0 0 32768 i
*i 10.10.10.10 0 100 0i
*>i192.168.101.0/24 10.10.10.10 0 100 0i
*>i192.168.111.0/24 10.10.10.10 0 100 0i
124
*> 192.168.202.0/24 0.0.0.0 0 32768 i
Task 9
Change the origin for the 192.168.22.0 prefix to incomplete (configuration
should be done on XR2)
R2#sh ip bgp
*> 192.168.22.0 192.168.24.2 0 0 100 ?
R2#sh ip bgp
Output Omitted
* 192.168.22.0 192.168.12.1 031i

*> 192.168.202.20 0 01i
XR2
prefix-set XR2Lo2
192.168.22.0/24
end-set
route-policy ORIGIN
set origin incomplete
else
pass
endif
router bgp 1
neighbor 192.168.202.2
route-policy ORIGIN out
R2#sh ip bgp
Output Omitted
* 192.168.22.0 192.168.12.1 031i

*> 192.168.202.20 0 01?
Task 10
Match the output below (configuration done on XR2)
R2#sh ip bgp
* 192.168.222.0 192.168.34.3 0 300 100 i
125
*> 192.168.24.2 222 0 100 i
R2#sh ip bgp
* 192.168.222.0 192.168.12.1 031i
*> 192.168.202.20 0 01i
XR2
prefix-set XR2Lo3
192.168.222.0/24
end-set
route-policy ORIGIN
set origin incomplete
endif
set med 222
else
pass
endif
end-policy
R2#sh ip bgp
* 192.168.222.0 192.168.12.1 031i
*> 192.168.202.20 222 01i
Task 11
Filter the prefix 192.168.144.0/24 from routes advertised from XR2 to XR1
using prefix-lists (Match the output below)
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast neighbors 10.10.10.10 advertised-

routes
Thu Jun 5 10:04:20.883 UTC
Network Next Hop From AS Path
192.168.2.0/24 20.20.20.20 Local i
192.168.12.0/24 20.20.20.20 192.168.202.2 4i
192.168.21.0/24 20.20.20.20 Local i
192.168.22.0/24 20.20.20.20 Local i
192.168.44.0/24 20.20.20.20 192.168.202.2 4i
192.168.202.0/24 20.20.20.20 Local i
192.168.222.0/24 20.20.20.20 Local i
Let us check what XR2 is advertising to XR1
126
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast neighbors 10.10.10.10 advertised-routes
Wed Jun 4 17:36:58.381 UTC
192.168.2.0/24 20.20.20.20 Local i
192.168.12.0/24 20.20.20.20 192.168.202.2 4i
192.168.21.0/24 20.20.20.20 Local i
192.168.22.0/24 20.20.20.20 Local i
192.168.44.0/24 20.20.20.20 192.168.202.2 4i
192.168.144.0/24 20.20.20.20 192.168.202.2 4i
192.168.202.0/24 20.20.20.20 Local i
192.168.222.0/24 20.20.20.20 Local i
XR2
prefix-set R2Lo3
192.168.144.0/24
end-set
route-policy NOADV
if destination in R2Lo3 then
drop
else
pass
endif
end-policy
router bgp 1
route-policy NOADV out
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast neighbors 10.10.10.10 advertised-routes

Thu Jun 5 10:04:20.883 UTC
192.168.2.0/24 20.20.20.20 Local i
192.168.12.0/24 20.20.20.20 192.168.202.2 4i
192.168.21.0/24 20.20.20.20 Local i
192.168.22.0/24 20.20.20.20 Local i
192.168.44.0/24 20.20.20.20 192.168.202.2 4i
192.168.202.0/24 20.20.20.20 Local i
192.168.222.0/24 20.20.20.20 Local i
127
Task 12
Enable authentication for the BGP relation between XR1 and R1
R1
router bgp 3
neighbor 192.168.101.10 password cisco
*Jun 5 11:03:09.777: %TCP-6-BADAUTH: No MD5 digest from

192.168.101.10(64288) to 192.168.101.1(179) tableid - 0
R1#
*Jun 5 11:03:13.797: %TCP-6-BADAUTH: No MD5 digest from
192.168.101.10(64288) to 192.168.101.1(179) tableid 0
XR1
router bgp 1
neighbor 192.168.101.1
password cisco
R1#
*Jun 5 11:03:21.909: %BGP-5-ADJCHANGE: neighbor 192.168.101.10 Up
Task 13
Attach the community 111:1 to the prefix 192.168.111.0/24 (configuration
should be done on XR1)
XR1
prefix-set XR1Lo2
192.168.111.0/24
end-set
community-set COMM_SET
111:1
end-set
route-policy COMM
set community COMM_SET
else
pass
endif
end-policy
router bgp 1
128
route-policy COMM out
RP/0/0/CPU0:XR2#sh bgp ipv4 unicast 192.168.111.0/24

Thu Jun 5 13:05:35.468 UTC
BGP routing table entry for 192.168.111.0/24
Versions:
Process bRIB/RIB SendTblVer
Speaker 32 32
Last Modified: Jun 5 13:05:21.832 for 00:00:13
Paths: (1 available, best #1)
192.168.202.2
192.168.202.2
Local
10.10.10.10 (metric 10752) from 10.10.10.10 (10.10.10.10)
Origin IGP, metric 0, localpref 100, valid, internal, best, group-best, import-
candidate
Community: 111:1
129
Redistribution
Network Diagram
R4 192.168.104.0/24 XR1
19
2 .1
68
. 10
1.0
/ 24
192.168.24.0/24
192.168.21.0/24
R1
4
.0 /2
02
8.1
. 16
92 ISIS
R2 192.168.202.0/24 XR2 1
Level 2
OSPF
Area 0
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip address 192.168.101.1 255.255.255.0
speed auto
duplex auto
no shutdown
ip address 192.168.102.1 255.255.255.0
130
speed auto
duplex auto
no shutdown
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
no shutdown
ip address 192.168.24.2 255.255.255.0
speed 100
duplex full
no shutdown
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip address 192.168.24.4 255.255.255.0
speed 100
duplex full
no shutdown
ip address 192.168.104.4 255.255.255.0
speed auto
duplex auto
no shutdown
XR1
hostname XR1
cdp
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.0
cdp
ipv4 address 192.168.101.10 255.255.255.0
duplex full
131
cdp
ipv4 address 192.168.104.10 255.255.255.0
cdp
ipv4 address 192.168.21.10 255.255.255.0
XR2
hostname XR2
cdp
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.255
cdp
ipv4 address 192.168.202.20 255.255.255.0
cdp
ipv4 address 192.168.102.20 255.255.255.0
cdp
ipv4 address 192.168.21.20 255.255.255.0
132
Tasks
Task 1
Configure OSPF on all routers according to the above diagram
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.168.24.2 0.0.0.0 area 0
network 192.168.202.2 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.168.24.4 0.0.0.0 area 0
network 192.168.104.4 0.0.0.0 area 0
XR1
router ospf 1
router-id 10.10.10.10
area 0
XR2
router ospf 1
router-id 20.20.20.20
area 0

R2#sh ip route ospf
133

O 192.168.21.0/24 [110/2] via 192.168.202.20, 1d20h, FastEthernet1/0

R4#sh ip route ospf


Sat Jun 7 12:31:02.277 UTC

134
20.20.20.20 1 FULL/BDR 00:00:39 192.168.21.20

Sat Jun 7 12:31:05.287 UTC

Sat Jun 7 13:26:09.521 UTC


Sat Jun 7 13:26:12.490 UTC

Task 2
Configure ISIS level 2 area 49.0001 according to the above diagram (XR1 and
XR2 loopbacks should be advertised only in the ISIS process)
R1
router isis 1
net 49.0001.0000.0000.0001.00
135
interface Loopback0
ip router isis 1
ip router isis 1
ip router isis 1
XR1
router isis 1
net 49.0001.0000.0000.0010.00
interface Loopback0
XR2
router isis 1
net 49.0001.0000.0000.0020.00
interface Loopback0
R1#sh ip route isis


136
Sat Jun 7 12:33:31.557 UTC
IS-IS 1 neighbors:
R1 Gi0/0/0/0 ca00.ab48.001c Up 8 L2 Capable

Sat Jun 7 12:33:34.287 UTC

Sat Jun 7 13:28:31.651 UTC
IS-IS 1 neighbors:
R1 Gi0/0/0/1 ca00.ab48.001d Up 8 L2 Capable

Sat Jun 7 13:28:39.160 UTC

Task 3
Perform mutual redistribution between OSPF and ISIS on both XR1 ands XR2
XR1
router ospf 1
redistribute isis 1 level-2
router isis 1
redistribute ospf 1 level-2
XR2
router ospf 1
router isis 1
137
After we did the redistribution , let us check the routing tables
R2#sh ip route ospf


O E2 1.1.1.1 [110/20] via 192.168.202.20, 00:00:41, FastEthernet1/0
R4#sh ip route ospf


138
R1#sh ip route isis


RP/0/0/CPU0:XR1#sh route
Sat Jun 7 18:50:45.196 UTC
139
Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR
A - access/subscriber, a - Application route, (!) - FRR Backup path

C 10.10.10.0/24 is directly connected, 2d03h, Loopback0
L 10.10.10.10/32 is directly connected, 2d03h, Loopback0
C 192.168.21.0/24 is directly connected, 2d03h, GigabitEthernet0/0/0/2
L 192.168.21.10/32 is directly connected, 2d03h, GigabitEthernet0/0/0/2
Sat Jun 7 19:39:22.667 UTC


140
L 20.20.20.20/32 is directly connected, 2d04h, Loopback0
Now , if we looked closely at the routing tables of both XR1 and XR2 especially on the
external routes
RP/0/0/CPU0:XR1#sh route ospf | inc E

Sat Jun 7 18:51:40.073 UTC
RP/0/0/CPU0:XR2#sh route ospf | inc E

Sat Jun 7 19:40:35.582 UTC
We can see that XR1 is learning XR2 loopback 0 interface from OSPF as well as the link
between R1 and XR2 and the same applies for XR2 which is learning the loopback 0
interface of XR1 from OSPF as well as the link between XR1 and R1
So , we have to define some filtering technique to avoid sub optimal routing
What we will do it to set the administrative distance of external OSPF route to a value
higher than 115 (which is the AD of ISIS routing protocol)
XR1
router ospf 1
distance ospf external 116
141
XR2
router ospf 1
Sun Jun 8 07:29:34.058 UTC

RP/0/0/CPU0:XR1#sh route 20.20.20.20/32

Sun Jun 8 07:31:34.779 UTC

Known via "ospf 1", distance 116, metric 20, type extern 2
Route metric is 20

Sun Jun 8 08:35:59.794 UTC

RP/0/0/CPU0:XR2#sh route 10.10.10.0/24

Sun Jun 8 08:38:44.293 UTC

Route metric is 30
Sun Jun 8 07:32:36.015 UTC
% foreach x {
1.1.1.1
142
2.2.2.2
4.4.4.4
20.20.20.20
} { ping $x }
!!!!!
!!!!!
!!!!!
!!!!!
143
Full Scale Lab
Network Diagram
R1 R2
2 4
. 0/
02 AS #2
192.168.104.0/24 8.1
. 16
192.168.202.0/24
2
19
XR1
192.168.14.0/24
19
2.1
68
. 21
. 0/
XR2
24
R4 AS #1
OSPF A0 AS #20
ISIS L2
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.0
ip address 192.168.104.1 255.255.255.0
speed auto
144
duplex auto
ipv6 address 2001:192:104::1/64
no shutdown
ip address 192.168.14.1 255.255.255.0
speed 100
duplex full
ipv6 address 2001:192:14::1/64
no shutdown
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.0
ip address 192.168.202.2 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:202::2/64
no shutdown
ip address 192.168.102.2 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:102::2/64
no shutdown
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.0
ip address 192.168.104.4 255.255.255.0
speed auto
duplex auto
ipv6 address 2001:192:104::4/64
no shutdown
ip address 192.168.14.4 255.255.255.0
speed 100
duplex full
ipv6 address 2001:192:14::4/64
145
no shutdown
XR1
hostname XR1
cdp
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.0
cdp
ipv4 address 192.168.104.10 255.255.255.0
ipv6 address 2001:192:104::10/64
duplex full
no shutdown
cdp
ipv4 address 192.168.102.10 255.255.255.0
ipv6 address 2001:192:102::10/64
no shutdown
cdp
ipv4 address 192.168.21.10 255.255.255.0
ipv6 address 2001:192:21::10/64
no shutdown
XR2
hostname XR2
cdp
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.0
cdp
ipv4 address 192.168.202.20 255.255.255.0
ipv6 address 2001:192:202::20/64
no shutdown
cdp
ipv4 address 192.168.21.20 255.255.255.0
ipv6 address 2001:192:21::20/64
no shutdown
146
Tasks
Task 1
Configure OSPF on the segments between XR1 , R1 and R1 , R4 (no DR/BDR
election should take place)
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.168.14.1 0.0.0.0 area 0
network 192.168.104.1 0.0.0.0 area 0
int lo0
int f1/0
int f1/1
R4
router ospf 1
router-id 4.4.4.4
network 192.168.14.4 0.0.0.0 area 0
int f1/1
XR1
router ospf 1
router-id 10.10.10.10
area 0

4.4.4.4 0 FULL/ - 00:00:33 192.168.14.4 FastEthernet1/1
147
R1#sh ip route ospf
R1#sh ip ospf interface brief

Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 1 0 1.1.1.1/24 1 P2P 0/0
Fa1/1 1 0 192.168.14.1/24 1 P2P 1/1
Fa1/0 1 0 192.168.104.1/24 1 P2P 1/1

R4#sh ip route ospf


R4#ping 1.1.1.1
!!!!!
R4#sh ip ospf interface brief

Fa1/1 1 0 192.168.14.4/24 1 P2P 1/1
148
Wed Jun 11 10:48:04.828 UTC

1.1.1.1 1 FULL/ - 00:00:33 192.168.104.1 GigabitEthernet0/0/0/0

Wed Jun 11 10:48:07.918 UTC

RP/0/0/CPU0:XR1#ping 1.1.1.1
Wed Jun 11 10:48:12.208 UTC
!!!!!
RP/0/0/CPU0:XR1#sh ospf interface brief
Wed Jun 11 10:48:16.628 UTC
* Indicates MADJ interface, (P) Indicates fast detect hold down state
Interfaces for OSPF 1

Gi0/0/0/0 1 0 192.168.104.10/24 1 P2P 1/1
Task 2
Enable Clear text authentication for OSPF between R1 and R4 with a password
of cisco
R1
int Fas 1/1
R4
int Fas 1/1
149

Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 1
0 1 no no Base
Transmit Delay is 1 sec, State POINT_TO_POINT
Next 0x0(0)/0x0(0)
Adjacent with neighbor 4.4.4.4

0 1 no no Base
Next 0x0(0)/0x0(0)
Task 3
150
Enable MD5 authentication for OSPF between XR1 and R1 with a password of
Cisco
R1
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 Cisco
R1#
XR1
router ospf 1
area 0
authentication message-digest
message-digest-key 1 md5 Cisco
R1#

0 1 no no Base
Next 0x0(0)/0x0(0)
151
Wed Jun 11 10:55:23.538 UTC

Transmit Delay is 1 sec, State POINT_TO_POINT, MTU 1500, MaxPktSz 1500
Next 0(0)/0(0)
Task 4
Change the hello-timer for the OSPF segment between R1 and R4 to 20
R1#sh ip ospf interface fastEthernet 1/1 | inc Hello


R1
ip ospf hello-interval 20
R1
*Jun 11 11:00:57.607: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on FastEthernet1/1
from FULL to DOWN, Neighbor Down: Dead timer expired
R4
R1
*Jun 11 11:01:20.875: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on FastEthernet1/1
from LOADING to FULL, Loading Done
152

Task 5
Change the hello-timer for the OSPF segment between R1 and XR1 to 15
R1
R1#debug ip ospf adj
R1#
*Jun 11 11:07:18.503: OSPF-1 ADJ Fa1/0: Send with youngest Key 1
R1#
R1#
*Jun 11 11:07:43.939: OSPF-1 ADJ Fa1/0: Nbr 10.10.10.10: Clean-up dbase
exchange
R1#
R1#
*Jun 11 11:07:53.679: OSPF-1 ADJ Fa1/0: 10.10.10.10 address 192.168.104.10 is
dead
*Jun 11 11:07:53.679: OSPF-1 ADJ Fa1/0: 10.10.10.10 address 192.168.104.10 is
dead, state DOWN
R1#
XR1
router ospf 1
area 0
hello-interval 15
*Jun 11 11:40:01.843: OSPF-1 ADJ Fa1/0: 2 Way Communication to 10.10.10.10,

state 2WAY
*Jun 11 11:40:01.847: OSPF-1 ADJ Fa1/0: Nbr 10.10.10.10: Prepare dbase exchange
*Jun 11 11:40:01.851: OSPF-1 ADJ Fa1/0: Send DBD to 10.10.10.10 seq 0x10E1 opt
0x52 flag 0x7 len 32
153
*Jun 11 11:40:01.871: OSPF-1 ADJ Fa1/0: Rcv DBD from 10.10.10.10 seq 0x72C0
opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Jun 11 11:40:01.871: OSPF-1 ADJ Fa1/0: NBR Negotiation Done. We are the SLAVE
*Jun 11 11:40:01.871: OSPF-1 ADJ Fa1/0: Nbr 10.10.10.10: Summary list built, size
3
*Jun 11 11:40:01.875: OSPF-1 ADJ Fa1/0: Send DBD to 10.10.10.10 seq 0x72C0 opt
*Jun 11 11:40:01.891: OSPF-1 ADJ Fa1/0: Rcv DBD from 10.10.10.10 seq 0x72C1
opt 0x52 flag 0x1 len 92 mtu 1500 stat
R1#e EXCHANGE
*Jun 11 11:40:01.891: OSPF-1 ADJ Fa1/0: Exchange Done with 10.10.10.10
*Jun 11 11:40:01.899: OSPF-1 ADJ Fa1/0: Send LS REQ to 10.10.10.10 length 36
LSA count 1
*Jun 11 11:40:01.903: OSPF-1 ADJ Fa1/0: Send DBD to 10.10.10.10 seq 0x72C1 opt
*Jun 11 11:40:01.935: OSPF-1 ADJ Fa1/0: Rcv LS UPD from 10.10.10.10 length 64
LSA count 1
*Jun 11 11:40:01.939: OSPF-1 ADJ Fa1/0: Synchronized with 10.10.10.10, state
FULL
*Jun 11 11:40:01.959: OSPF-1 ADJ Fa1/0: Rcv LS REQ from 10.10.10.10 length 48
LSA count 2
*Jun 11 11:40:02.939: OSPF-1 ADJ Fa1/0: Send with you
R1#ngest Key 1
R1#
R1#
LSA count 1
R1#
LSA count 1
R1#
R1#
RP/0/0/CPU0:XR1#sh ospf interface gigabitEthernet 0/0/0/0 | inc Hello
154
Wed Jun 11 11:40:35.173 UTC
Task 6
Configure ISIS level-2 area 49.0001 on the segment between XR1 and R4
(XR1 and R4 loopback 0 interfaces should be advertised in ISIS process)
R4
router isis 1
net 49.0001.0000.0000.0004.00
interface Loopback0
ip router isis 1
ip router isis 1
XR1
router isis 1
net 49.0001.0000.0000.0010.00
interface Loopback0
Tag 1:
XR1 L2 Fa1/0 192.168.104.10 UP 23 R4.01

Tag 1:
XR1 Fa1/0 0800.2735.643d Up 25 L2 IS-IS
R4#sh ip route isis

155


!!!!!

Wed Jun 11 11:50:15.363 UTC
IS-IS 1 neighbors:
R4 Gi0/0/0/0 ca02.06f8.001c Up 8 L2 Capable

Wed Jun 11 11:50:17.743 UTC

RP/0/0/CPU0:XR1#ping 4.4.4.4 source lo0
Wed Jun 11 11:50:22.522 UTC
!!!!!
Task 7
Enable MD5 authentication for ISIS between R4 and XR1
R4
key chain ISIS_KEY
key 1
key-string cisco
int f1/0
isis authentication mode md5 level-2
isis authentication key-chain ISIS_KEY level-2
156
R4#
*Jun 11 12:21:56.559: %CLNS-4-AUTH_FAIL: ISIS: LAN IIH authentication failed
XR1
router isis 1
hello-password hmac-md5 cisco
Tag 1:
XR1 L2 Fa1/0 192.168.104.10 UP 27 R4.01
R4#sh ip route isis


Task 8
Perform mutual redistribution on the boundary routers between ISIS and
OSPF
R4
router ospf 1
redistribute isis 1 level-2 subnets
router isis 1
XR1
router ospf 1
area 0
router isis 1
157
R4#sh ip route

C 4.4.4.0/24 is directly connected, Loopback0
L 4.4.4.4/32 is directly connected, Loopback0
C 192.168.14.0/24 is directly connected, FastEthernet1/1
L 192.168.14.4/32 is directly connected, FastEthernet1/1
R1#sh ip route

158
Wed Jun 11 15:30:03.959 UTC


C 10.10.10.0/24 is directly connected, 22:24:47, Loopback0
L 10.10.10.10/32 is directly connected, 22:24:47, Loopback0
C 192.168.21.0/24 is directly connected, 22:24:47, GigabitEthernet0/0/0/2
L 192.168.21.10/32 is directly connected, 22:24:47, GigabitEthernet0/0/0/2
As can be noted from the red highlighted line above that R4 is receiving XR1 loopback 0
network via OSPF and before redistribution it learned it via ISIS
So , let us filter this network or prevent this behavior
R4#sh ip route ospf | inc E2

Let us start by the option of increasing the AD of external OSPF routes on R4
R4
159
router ospf 1


R4#sh ip route isis | inc 10.10.10.

Let us define an access-list that will prevent this prefix from being learned via OSPF
R4
router ospf 1
no distance ospf external 116

R4
access-list 10 deny 10.10.10.0 0.0.0.255
access-list 10 permit any
router ospf 1
distribute-list 10 in
R4#sh access-lists
Standard IP access list 10
10 deny 10.10.10.0, wildcard bits 0.0.0.255 (1 match)
20 permit any (3 matches)

R4#sh ip route isis | inc 10.10.10.

Task 9
Establish eBGP relations according to the above diagram
XR1
router bgp 1
160
neighbor 192.168.102.2
remote-as 2
neighbor 192.168.21.20
remote-as 20
XR2
router bgp 20
neighbor 192.168.21.10
remote-as 1
R2
router bgp 2


State/PfxRcd
192.168.102.10 4 1 4 6 1 0 0 00:02:16 0

Sun Jun 15 12:45:18.608 UTC

Speaker 2 2 2 2 2 2
161

192.168.21.20 0 20 4 4 2 0 0 00:01:47 0!
192.168.102.2 0 2 6 4 2 0 0 00:02:27 0!

Sun Jun 15 13:25:05.875 UTC

Speaker 2 2 2 2 2 2


192.168.21.10 0 1 44 44 2 0 0 00:41:34 0!
As can be noticed the ! mark in the IOS XR outputs , that means that we did not
configure a route policy that will allow advertising or receiving any routes
RP/0/0/CPU0:XR1#sh bgp ipv4 unicast neighbors 192.168.21.20 | include policy

Sun Jun 15 13:35:20.873 UTC
RP/0/0/CPU0:XR1#sh bgp ipv4 unicast neighbors 192.168.102.2 | include policy

Sun Jun 15 13:36:51.557 UTC
XR1
route-policy PASS
pass
162
router bgp 1
neighbor 192.168.102.2
neighbor 192.168.21.20
XR2
route-policy PASS
pass
router bgp 20
neighbor 192.168.21.10

Sun Jun 15 13:40:13.853 UTC
Sun Jun 15 13:40:21.742 UTC

Speaker 2 2 2 2 2 2

192.168.21.20 0 20 60 60 2 0 0 00:56:51 0
192.168.102.2 0 2 67 60 2 0 0 00:57:30 0
Task 10
Advertise the transit link between R2 and XR2 into BGP on both routers
R2
router bgp 2
163
network 192.168.202.0 mask 255.255.255.0
XR2
router bgp 20
network 192.168.202.0/24

Sun Jun 15 13:56:44.125 UTC

* 192.168.202.0/24 192.168.21.20 0 0 20 i
*> 192.168.102.2 0 02i
Task 11
Configure XR1 to prefer XR2 as the exit point
XR2
router bgp 1
neighbor 192.168.21.20
weight 1000

Sun Jun 15 14:04:49.422 UTC

164
*> 192.168.202.0/24 192.168.21.20 0 1000 20 i
* 192.168.102.2 0 02i
Task 13
Perform mutual redistribution between BGP and IGPs inside AS #1
XR1
router ospf 1
redistribute bgp 1
router isis 1
redistribute bgp 1 level-2
router bgp 1
redistribute ospf 1
redistribute isis 1 level 2
R1#sh ip route ospf


R4#sh ip route
165

R2#sh ip bgp

*> 1.1.1.0/24 192.168.102.10 2 01?
*> 4.4.4.0/24 192.168.102.10 20 01?
*> 192.168.14.0 192.168.102.10 2 01?
*> 192.168.202.0 0.0.0.0 0 32768 i

Mon Jun 16 10:56:59.665 UTC

166
*> 1.1.1.0/24 192.168.21.10 2 01?
*> 4.4.4.0/24 192.168.21.10 20 01?
*> 192.168.14.0/24 192.168.21.10 2 01?
*> 192.168.202.0/24 0.0.0.0 0 32768 i
* 192.168.21.10 012i

!!!!!
R4#ping 192.168.202.20 source lo0

!!!!!
167

Configure OSPF and verify connectivity on Cisco routers

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Configure OSPF and verify connectivity on Cisco routers

Загружено:

Авторское право:

Доступные форматы

6/16/2014

The operating system used on most Cisco routers and switches is

The main aim of this course is to provide hands-on experience to the

The lab environment used consist of a powerful Desktop with Cisco

To download softwares mentioned above

R1#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

R1#sh ip route ospf

Gateway of last resort is not set

4.0.0.0/24 is subnetted, 1 subnets

OSPF Router with ID (1.1.1.1) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

R2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

R2#sh ip route ospf

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

R2#sh ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 1)

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count

Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum

Summary Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum

R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

R4#sh ip route ospf

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

R4#sh ip ospf database

OSPF Router with ID (4.4.4.4) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

* Indicates MADJ interface

Neighbors for OSPF 1

Neighbor ID Pri State Dead Time Address Interface

RP/0/0/CPU0:XR1#sh route ospf

O 1.1.1.0/24 [110/2] via 192.168.102.1, 20:05:16, GigabitEthernet0/0/0/0

RP/0/0/CPU0:XR1#sh ospf database

OSPF Router with ID (10.10.10.10) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

Link ID ADV Router Age Seq# Checksum

RP/0/0/CPU0:XR2#sh route ospf

O 1.1.1.0/24 [110/3] via 192.168.21.10, 20:04:06, GigabitEthernet0/0/0/2

RP/0/0/CPU0:XR2#sh ospf database

OSPF Router with ID (20.20.20.20) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

Net Link States (Area 0)