14.1.2 Lab – Troubleshooting BGP (Answers)

14.1.2 Lab – Troubleshooting BGP (Answers)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Topology

Note: The advertised prefixes in AS 65100, 65200 and in the “the cloud” are associated with the interface addresses shown (.1 and ::1) for verification purpose. These prefixes are advertised by D1 and D2 to their respective BGP peers.

Note: AS 65100 advertises a shorter AS path to 2001::db8:cafe::/48.

Addressing Table

Note: To make it easier to recognize IPv6 prefixes, familiarize yourself with the IPv6 GUA and LLA address formats.

• GUA: The GUA has a 16-bit subnet-ID, a<area-id><router><network> (“a” for area). For example, subnet-ID a021 is area 0, router 2, network 1.
• LLA: Following best practice the LLA is unique on each interface. The LLA interface-ID uses the GUA subnet-ID:interface-ID for the last 64 bits. For example, fe80::a201:1 has a LLA interface-ID a201 (the subnet-ID of the GUA) and :1 (the interface ID of the GUA).

Objectives

Troubleshoot network issues related to the configuration and operation of MP-BGP with address families.

Background / Scenario

Lombardia Cocoa Company (AS 65000) peers with two ISPs (AS 65100 and AS 65200) and receives the following prefixes from each:

• From ISP1 Hopper Cable ISP (AS 65100):
– 10.1.1.0/24, 10.1.10.0/24, 10.1.20.0/24, 10.1.30.0/24
– 2001:db8:cab:f002::/64, 2001:db8:cab1::/48, 2001:db8:cab2::/48, 2001:db8:cab3::/48, 2001:db8:cafe::/48 (shorter AS path)

• From ISP2 Bob’s ISP (AS 65200):
– 10.2.1.0/24, 10.2.10.0/24, 10.2.20.0/24, 10.2.30.0/24
– 2001:db8:b0b:f002::/64, 2001:db8:b0b2::/48, 2001:db8:b0b2::/48, 2001:db8:b0b3::/48, 2001:db8:cafe::/48 (longer AS path)

Both ISPs also receive specific prefixes from Lombardia.
• Lombardia advertises to both ISPs:
– 192.168.1.0/24, 192.168.3.0/24, 192.168.4.0/24, 192.168.6.0/24
– 2001:db8:c0c0:a011::/64, 2001:db8:c0c0:a021::/64, 2001:db8:c0c0:a022::/64, 2001:db8:c0c0:a031::/64

Note: Inter-router links are not advertised by BGP.

Note: Lombardia iBGP peering is done using loopback 0 addresses.

Although the topology has a limited number of routers, you should use the appropriate troubleshooting commands to help find and solve the problems in the three trouble tickets as if this were a much more complex topology with many more routers and networks.

You will be loading configurations with intentional errors onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or method(s) used to fix them, FIX the issue(s) presented here, and then test the network to ensure both of the following conditions are met:

1) the complaint received in the ticket is resolved
2) full reachability is restored

Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release 16.9.4 (universalk9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.

Note: Make sure that the devices have been erased and have no startup configurations. If you are unsure, contact your instructor.

Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.

Required Resources

• 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 2 Switches (Cisco 3560 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• Console cables to configure the Cisco IOS devices via the console ports
• Ethernet cables as shown in the topology

Instructions

Part 1: Trouble Ticket 14.1.2.1

Scenario:

Lombardia Cocoa Company recently added router R2 between routers R1 and R3. Previously, R1 and R3 were connected directly. Routers R1, R2 and R3 were reconfigured to implement these changes. During testing and validation, the network team noticed that routers R1 and R3 only have BGP routes from their directly connected eBGP peers. All three AS 65000 routers should be receiving routes indicated in the network documentation (see the previous Background / Scenario section).

You have been asked to help find the problem and implement any necessary changes.

Use the commands listed below to load the configuration files for this trouble ticket:

Instructor Note: Commands for uploading the configuration are provided at the end of this document.

– All routers should receive the prefixes shown in the previous Background / Scenario section.
– Verification: The following pings should be successful. If a ping does not work, the ticket is not resolved:

R1# ping 10.2.1.1 source lo1
R1# ping 2001:db8:b0b:f002::1 source lo1
R3# ping 10.1.1.1 source lo1
R3# ping 2001:db8:cab:f002::1 source lo1

– When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

– Then save the configuration by issuing the wri command (on each device).
– Inform your instructor that you are ready for the next ticket.
– After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Instructor Notes:

This trouble ticket contains intentional errors on both R1 and R3:

Because the networks between eBGP peers are not being advertised, R1 and R3 require using the next-hop-self option when iBGP peering with routers in AS 65000.

These changes must be done for peering relationships in both the IPv4 and IPv6 address families. The commands used to fix these errors should be:

R1(config)# router bgp 65000
R1(config-router)# address-family ipv4 unicast
R1(config-router-af)# neighbor 192.168.99.3 next-hop-self
R1(config-router-af)# exit
R1(config-router)# address-family ipv6 unicast
R1(config-router-af)# neighbor 2001:db8:c0c0:99::3 next-hop-self
R1(config-router-af)# end

R3(config)# router bgp 65000
R3(config-router)# address-family ipv4 unicast
R3(config-router-af)# neighbor 192.168.99.1 next-hop-self
R3(config-router-af)# exit
R3(config-router)# address-family ipv6 unicast
R3(config-router-af)# neighbor 2001:db8:c0c0:99::1 next-hop-self
R3(config-router-af)# end

Part 2: Trouble Ticket 14.1.2.2

Scenario:

The preferred default path to the 2001:db8:cafe::/48 prefix is via AS 65100 because it is a shorter AS path. Your peering agreements with both ISPs state that you have to pay for traffic transiting via AS 65100 but not through AS 65200. To decrease costs, management has tasked the network team to send traffic for 2001:db8:cafe::/48 to AS 65200.

Policy changes were made to forward traffic to the 2001:db8:cafe::/48 prefix to AS 65200. However, verification commands indicate that only router R3 is forwarding traffic to the 2001:db8:cafe::/48 prefix to AS 65200. Routers R1 and R2 are still forwarding traffic for the 2001:db8:cafe::/48 prefix to AS 65100.

You have been tasked to find and resolve the issue.

Use the commands listed below to load the configuration files for this trouble ticket:

Instructor Note: Commands for creating these files are at the end of this document.

• All AS 65000 routers should forward traffic for 2001:db8:cafe::/48 via AS 65200.
• IPv6 BGP tables in all AS 65000 routers should verify that AS 65200 is the preferred (best) path.
• When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

• Then save the configuration by issuing the wri command (on each device).
• Inform your instructor that you are ready for the next ticket.
• After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Instructor Notes:

This trouble ticket contains an intentional error on R1 and R3. Both routers have been configured with a route map that modifies the weight attribute. The weight attribute is local only and is not advertised in BGP updates. R1 and R3 need their route maps changed to use the local preference attribute which is transitive. R3 needs to be configured with the larger local preference value. BGP process will need to reset on all AS 65000 routers.

The commands used to fix these errors should be:

R1(config)# no route-map AS65100-CAFE permit 10
R1(config)# route-map AS65100-CAFE permit 10
R1(config-route-map)# match ipv6 address prefix-list CAFE-POLICY
R1(config-route-map)# set local-preference 100
R1(config-route-map)# end
R1# clear bgp all 65000

R3(config)# no route-map AS65200-CAFE permit 10
R3(config)# route-map AS65200-CAFE permit 10
R3(config-route-map)# match ipv6 address prefix-list CAFE-POLICY
R3(config-route-map)# set local-preference 400
R3(config-route-map)# end
R3# clear bgp all 65000

R2# clear bgp all 65000

Router Interface Summary Table

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Uploading Configuration Files

Use the commands below to create the configuration files for each trouble ticket in this lab on the lab devices. The TCL script commands help create and copy the configurations. However, the configuration commands could also be copied and pasted directly into global config mode on each device. Simply remove the TCL script commands, enter the enable and configure t commands on the device, and copy and paste the configuration commands.

Important: The device requires a folder in flash named enarsi. Use the dir command to verify. If the folder is missing, then create it using the mkdir flash:/enarsi privileged EXEC command. For all switches, make sure the vlan.dat file is set to the default. Use the delete vlan.dat privileged EXEC command, if necessary.

Reset scripts

These TCL scripts will completely clear and reload the device in preparation for the next ticket. Copy and paste the appropriate script to the appropriate device.

Router Reset Script

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
puts "Reloading the router"
typeahead "\n"
reload
}
tclquit

D1/D2 (Cisco 3650) Reset Script – The default 3650 SDM template supports IPv6 by default, so it is not set by this script.

tclsh
puts [ open "flash:/enarsi/reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
puts "Reloading the switch"
typeahead "\n"
reload
}
tclquit

A1 (Cisco 2960 Script) – The default 2960 SDM template does not support IPv6, so this script includes that setting.

tclsh
puts [ open "flash:reset.tcl" w+ ] {
typeahead "\n"
copy running-config startup-config
typeahead "\n"
erase startup-config
delete /force vlan.dat
delete /force multiple-fs
ios_config "sdm prefer lanbase-routing"
typeahead "\n"
puts "Reloading the switch in 1 minute, type reload cancel to halt"
typeahead "\n"
reload
}
tclquit

R1 Configuration File Scripts

!R1 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/14.1.2.1-r1-config.txt" w+ ] {
hostname R1
banner motd # This is R1, Trouble Ticket 14.1.2.1 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a001::1/64
ipv6 add fe80::a001:1 link-local
ip add 192.168.2.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:cab:f001::2/64
ipv6 add fe80::f001:2 link-local
ip add 172.16.1.2 255.255.255.252
no shut
int lo1
ipv6 add 2001:db8:c0c0:a011::1/64
ipv6 add fe80::a011:1 link-local
ip add 192.168.1.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.1 255.255.255.255
ipv6 add 2001:db8:c0c0:99::1/128
ipv6 add fe80::99:1 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 1.1.1.1
exit
address-family ipv6 unicast
router-id 1.1.1.1
exit
exit
router bgp 65000
bgp router-id 1.1.1.1
neighbor 172.16.1.1 remote-as 65100
neighbor 2001:db8:cab:f001::1 remote-as 65100
neighbor 192.168.99.2 remote-as 65000
neighbor 192.168.99.2 update-source loopback0
neighbor 2001:db8:c0c0:99::2 remote-as 65000
neighbor 2001:db8:c0c0:99::2 update-source loopback0
neighbor 192.168.99.3 remote-as 65000
neighbor 192.168.99.3 update-source loopback0
neighbor 2001:db8:c0c0:99::3 remote-as 65000
neighbor 2001:db8:c0c0:99::3 update-source loopback0
address-family ipv4 unicast
network 192.168.1.0 mask 255.255.255.0
neighbor 172.16.1.1 activate
neighbor 192.168.99.2 activate
neighbor 192.168.99.2 next-hop-self
neighbor 192.168.99.3 activate
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a011::/64
neighbor 2001:db8:cab:f001::1 activate
neighbor 2001:db8:c0c0:99::2 activate
neighbor 2001:db8:c0c0:99::2 next-hop-self
neighbor 2001:db8:c0c0:99::3 activate
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

!R1 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/14.1.2.2-r1-config.txt" w+ ] {
hostname R1
banner motd # This is R1, Trouble Ticket 14.1.2.2 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a001::1/64
ipv6 add fe80::a001:1 link-local
ip add 192.168.2.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:cab:f001::2/64
ipv6 add fe80::f001:2 link-local
ip add 172.16.1.2 255.255.255.252
no shut
int lo1
ipv6 add 2001:db8:c0c0:a011::1/64
ipv6 add fe80::a011:1 link-local
ip add 192.168.1.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.1 255.255.255.255
ipv6 add 2001:db8:c0c0:99::1/128
ipv6 add fe80::99:1 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 1.1.1.1
exit
address-family ipv6 unicast
router-id 1.1.1.1
exit
exit
ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48 
route-map AS65100-CAFE permit 10
match ipv6 address prefix-list CAFE-POLICY
set weight 100
exit
route-map AS65100-CAFE permit 20
exit
router bgp 65000
bgp router-id 1.1.1.1
neighbor 172.16.1.1 remote-as 65100
neighbor 2001:db8:cab:f001::1 remote-as 65100
neighbor 192.168.99.2 remote-as 65000
neighbor 192.168.99.2 update-source loopback0
neighbor 2001:db8:c0c0:99::2 remote-as 65000
neighbor 2001:db8:c0c0:99::2 update-source loopback0
neighbor 192.168.99.3 remote-as 65000
neighbor 192.168.99.3 update-source loopback0
neighbor 2001:db8:c0c0:99::3 remote-as 65000
neighbor 2001:db8:c0c0:99::3 update-source loopback0
address-family ipv4 unicast
network 192.168.1.0 mask 255.255.255.0
neighbor 172.16.1.1 activate
neighbor 192.168.99.2 activate
neighbor 192.168.99.2 next-hop-self
neighbor 192.168.99.3 activate
neighbor 192.168.99.3 next-hop-self
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a011::/64
neighbor 2001:db8:cab:f001::1 activate
neighbor 2001:db8:cab:f001::1 route-map AS65100-CAFE in
neighbor 2001:db8:c0c0:99::2 activate
neighbor 2001:db8:c0c0:99::2 next-hop-self
neighbor 2001:db8:c0c0:99::3 activate
neighbor 2001:db8:c0c0:99::3 next-hop-self
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

R2 Configuration File Scripts

!R2 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/14.1.2.1-r2-config.txt" w+ ] {
hostname R2
banner motd # This is R2, Trouble Ticket 14.1.2.1 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a001::2/64
ipv6 add fe80::a001:2 link-local
ip add 192.168.2.2 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:c0c0:a002::2/64
ipv6 add fe80::a002:2 link-local
ip add 192.168.5.2 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
int lo1
ipv6 add 2001:db8:c0c0:a021::1/64
ipv6 add fe80::a021:1 link-local
ip add 192.168.3.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
int lo2
ipv6 add 2001:db8:c0c0:a022::1/64
ipv6 add fe80::a022:1 link-local
ip add 192.168.4.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.2 255.255.255.255
ipv6 add 2001:db8:c0c0:99::2/128
ipv6 add fe80::99:2 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 2.2.2.2
exit
address-family ipv6 unicast
router-id 2.2.2.2
exit
router bgp 65000
bgp router-id 2.2.2.2
neighbor 192.168.99.1 remote-as 65000
neighbor 192.168.99.1 update-source loopback0
neighbor 2001:db8:c0c0:99::1 remote-as 65000
neighbor 2001:db8:c0c0:99::1 update-source loopback0
neighbor 192.168.99.3 remote-as 65000
neighbor 192.168.99.3 update-source loopback0
neighbor 2001:db8:c0c0:99::3 remote-as 65000
neighbor 2001:db8:c0c0:99::3 update-source loopback0
address-family ipv4 unicast
network 192.168.3.0 mask 255.255.255.0
network 192.168.4.0 mask 255.255.255.0
neighbor 192.168.99.1 activate
neighbor 192.168.99.3 activate
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a021::/64
network 2001:db8:c0c0:a022::/64
neighbor 2001:db8:c0c0:99::1 activate
neighbor 2001:db8:c0c0:99::3 activate
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

!R2 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/14.1.2.2-r2-config.txt" w+ ] {
hostname R2
banner motd # This is R2, Trouble Ticket 14.1.2.2 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a001::2/64
ipv6 add fe80::a001:2 link-local
ip add 192.168.2.2 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:c0c0:a002::2/64
ipv6 add fe80::a002:2 link-local
ip add 192.168.5.2 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
int lo1
ipv6 add 2001:db8:c0c0:a021::1/64
ipv6 add fe80::a021:1 link-local
ip add 192.168.3.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
int lo2
ipv6 add 2001:db8:c0c0:a022::1/64
ipv6 add fe80::a022:1 link-local
ip add 192.168.4.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.2 255.255.255.255
ipv6 add 2001:db8:c0c0:99::2/128
ipv6 add fe80::99:2 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 2.2.2.2
exit
address-family ipv6 unicast
router-id 2.2.2.2
exit
router bgp 65000
bgp router-id 2.2.2.2
neighbor 192.168.99.1 remote-as 65000
neighbor 192.168.99.1 update-source loopback0
neighbor 2001:db8:c0c0:99::1 remote-as 65000
neighbor 2001:db8:c0c0:99::1 update-source loopback0
neighbor 192.168.99.3 remote-as 65000
neighbor 192.168.99.3 update-source loopback0
neighbor 2001:db8:c0c0:99::3 remote-as 65000
neighbor 2001:db8:c0c0:99::3 update-source loopback0
address-family ipv4 unicast
network 192.168.3.0 mask 255.255.255.0
network 192.168.4.0 mask 255.255.255.0
neighbor 192.168.99.1 activate
neighbor 192.168.99.3 activate
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a021::/64
network 2001:db8:c0c0:a022::/64
neighbor 2001:db8:c0c0:99::1 activate
neighbor 2001:db8:c0c0:99::3 activate
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

R3 Configuration File Scripts

!R3 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/14.1.2.1-r3-config.txt" w+ ] {
hostname R3
banner motd # This is R3, Trouble Ticket 14.1.2.1 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a002::1/64
ipv6 add fe80::a002:1 link-local
ip add 192.168.5.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:b0b:f001::2/64
ipv6 add fe80::f001:2 link-local
ip add 172.16.2.2 255.255.255.252
no shut
int lo1
ipv6 add 2001:db8:c0c0:a031::1/64
ipv6 add fe80::a031:1 link-local
ip add 192.168.6.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.3 255.255.255.255
ipv6 add 2001:db8:c0c0:99::3/128
ipv6 add fe80::99:3 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 3.3.3.3
exit
address-family ipv6 unicast
router-id 3.3.3.3
exit
router bgp 65000
bgp router-id 3.3.3.3
neighbor 172.16.2.1 remote-as 65200
neighbor 2001:db8:b0b:f001::1 remote-as 65200
neighbor 192.168.99.1 remote-as 65000
neighbor 192.168.99.1 update-source loopback0
neighbor 2001:db8:c0c0:99::1 remote-as 65000
neighbor 2001:db8:c0c0:99::1 update-source loopback0
neighbor 192.168.99.2 remote-as 65000
neighbor 192.168.99.2 update-source loopback0
neighbor 2001:db8:c0c0:99::2 remote-as 65000
neighbor 2001:db8:c0c0:99::2 update-source loopback0
address-family ipv4 unicast
network 192.168.6.0 mask 255.255.255.0
neighbor 172.16.2.1 activate
neighbor 192.168.99.1 activate
neighbor 192.168.99.2 activate
neighbor 192.168.99.2 next-hop-self
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a031::/64
neighbor 2001:db8:b0b:f001::1 activate
neighbor 2001:db8:c0c0:99::1 activate
neighbor 2001:db8:c0c0:99::2 activate
neighbor 2001:db8:c0c0:99::2 next-hop-self
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

!R3 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/14.1.2.2-r3-config.txt" w+ ] {
hostname R3
banner motd # This is R3, Trouble Ticket 14.1.2.2 #
no ip domain lookup
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 0/0/0
ipv6 add 2001:db8:c0c0:a002::1/64
ipv6 add fe80::a002:1 link-local
ip add 192.168.5.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
no shut
inter g 0/0/1
ipv6 add 2001:db8:b0b:f001::2/64
ipv6 add fe80::f001:2 link-local
ip add 172.16.2.2 255.255.255.252
no shut
int lo1
ipv6 add 2001:db8:c0c0:a031::1/64
ipv6 add fe80::a031:1 link-local
ip add 192.168.6.1 255.255.255.0
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
ospfv3 1 ipv4 network point-to-point
ospfv3 1 ipv6 network point-to-point
exit
inter lo0
description Loopback for BGP peering
ip add 192.168.99.3 255.255.255.255
ipv6 add 2001:db8:c0c0:99::3/128
ipv6 add fe80::99:3 link-local
ospfv3 1 ipv4 area 0
ospfv3 1 ipv6 area 0
exit
router ospfv3 1
address-family ipv4 unicast
router-id 3.3.3.3
exit
address-family ipv6 unicast
router-id 3.3.3.3
exit
ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48 
route-map AS65200-CAFE permit 10
match ipv6 address prefix-list CAFE-POLICY
set weight 400
exit
route-map AS65200-CAFE permit 20
exit
router bgp 65000
bgp router-id 3.3.3.3
neighbor 172.16.2.1 remote-as 65200
neighbor 2001:db8:b0b:f001::1 remote-as 65200
neighbor 192.168.99.1 remote-as 65000
neighbor 192.168.99.1 update-source loopback0
neighbor 2001:db8:c0c0:99::1 remote-as 65000
neighbor 2001:db8:c0c0:99::1 update-source loopback0
neighbor 192.168.99.2 remote-as 65000
neighbor 192.168.99.2 update-source loopback0
neighbor 2001:db8:c0c0:99::2 remote-as 65000
neighbor 2001:db8:c0c0:99::2 update-source loopback0
address-family ipv4 unicast
network 192.168.6.0 mask 255.255.255.0
neighbor 172.16.2.1 activate
neighbor 192.168.99.1 activate
neighbor 192.168.99.1 next-hop-self
neighbor 192.168.99.2 activate
neighbor 192.168.99.2 next-hop-self
exit
address-family ipv6 unicast
network 2001:db8:c0c0:a031::/64
neighbor 2001:db8:b0b:f001::1 activate
neighbor 2001:db8:b0b:f001::1 route-map AS65200-CAFE in
neighbor 2001:db8:c0c0:99::1 activate
neighbor 2001:db8:c0c0:99::1 next-hop-self
neighbor 2001:db8:c0c0:99::2 activate
neighbor 2001:db8:c0c0:99::2 next-hop-self
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

D1 Configuration File Scripts

!D1 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/14.1.2.1-d1-config.txt" w+ ] {
hostname D1
banner motd # This is D1, Trouble Ticket 14.1.2.1 #
no ip domain lookup
ip routing
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 1/0/11
no switchport
ipv6 add 2001:db8:cab:f001::1/64
ipv6 add fe80::cab:f001:1 link-local
ip add 172.16.1.1 255.255.255.252
no shut
exit
interface lo1
ipv6 add 2001:db8:cab:f002::1/64
ipv6 add fe80::cab:f002:1 link-local
ip add 10.1.1.1 255.255.255.0
exit
interface lo10
ipv6 add 2001:db8:cab1::1/48
ip add 10.1.10.1 255.255.255.0
no shut
exit
interface lo20
ipv6 add 2001:db8:cab2::1/48
ip add 10.1.20.1 255.255.255.0
no shut
exit
interface lo30
ipv6 add 2001:db8:cab3::1/48
ip add 10.1.30.1 255.255.255.0
no shut
exit
interface lo48
ipv6 add 2001:db8:cafe::1/48
no shut
exit
inter range g1/0/6-10, g1/0/12-24
shut
exit
router bgp 65100
bgp router-id 1.0.0.1
neighbor 172.16.1.2 remote-as 65000
neighbor 2001:db8:cab:f001::2 remote-as 65000
address-family ipv4 unicast
network 10.1.1.0 mask 255.255.255.0
network 10.1.10.0 mask 255.255.255.0
network 10.1.20.0 mask 255.255.255.0
network 10.1.30.0 mask 255.255.255.0
neighbor 172.16.1.2 activate
exit
address-family ipv6 unicast
network 2001:db8:cab:f002::/64
network 2001:db8:cab1::/48
network 2001:db8:cab2::/48
network 2001:db8:cab3::/48
network 2001:db8:cafe::/48
neighbor 2001:db8:cab:f001::2 activate
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

!D1 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/14.1.2.2-d1-config.txt" w+ ] {
hostname D1
banner motd # This is D1, Trouble Ticket 14.1.2.2 #
no ip domain lookup
ip routing
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 1/0/11
no switchport
ipv6 add 2001:db8:cab:f001::1/64
ipv6 add fe80::cab:f001:1 link-local
ip add 172.16.1.1 255.255.255.252
no shut
exit
interface lo1
ipv6 add 2001:db8:cab:f002::1/64
ipv6 add fe80::cab:f002:1 link-local
ip add 10.1.1.1 255.255.255.0
exit
interface lo10
ipv6 add 2001:db8:cab1::1/48
ip add 10.1.10.1 255.255.255.0
no shut
exit
interface lo20
ipv6 add 2001:db8:cab2::1/48
ip add 10.1.20.1 255.255.255.0
no shut
exit
interface lo30
ipv6 add 2001:db8:cab3::1/48
ip add 10.1.30.1 255.255.255.0
no shut
exit
interface lo48
ipv6 add 2001:db8:cafe::1/48
no shut
exit
inter range g1/0/6-10, g1/0/12-24
shut
exit
router bgp 65100
bgp router-id 1.0.0.1
neighbor 172.16.1.2 remote-as 65000
neighbor 2001:db8:cab:f001::2 remote-as 65000
address-family ipv4 unicast
network 10.1.1.0 mask 255.255.255.0
network 10.1.10.0 mask 255.255.255.0
network 10.1.20.0 mask 255.255.255.0
network 10.1.30.0 mask 255.255.255.0
neighbor 172.16.1.2 activate
exit
address-family ipv6 unicast
network 2001:db8:cab:f002::/64
network 2001:db8:cab1::/48
network 2001:db8:cab2::/48
network 2001:db8:cab3::/48
network 2001:db8:cafe::/48
neighbor 2001:db8:cab:f001::2 activate
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

D2 Configuration File Scripts

!D2 – Trouble Ticket # 1

tclsh
puts [ open "flash:/enarsi/14.1.2.1-d2-config.txt" w+ ] {
hostname D2
banner motd # This is D2, Trouble Ticket 14.1.2.1 #
no ip domain lookup
ip routing
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 1/0/11
no switchport
ipv6 add 2001:db8:b0b:f001::1/64
ipv6 add fe80::b0b:f001:1 link-local
ip add 172.16.2.1 255.255.255.252
no shut
exit
interface lo1
ipv6 add 2001:db8:b0b:f002::1/64
ipv6 add fe80::b0b:f002:1 link-local
ip add 10.2.1.1 255.255.255.0
exit
interface lo10
ipv6 add 2001:db8:b0b1::1/48
ip add 10.2.10.1 255.255.255.0
no shut
exit
interface lo20
ipv6 add 2001:db8:b0b2::1/48
ip add 10.2.20.1 255.255.255.0
no shut
exit
interface lo30
ipv6 add 2001:db8:b0b3::1/48
ip add 10.2.30.1 255.255.255.0
no shut
exit
interface lo48
ipv6 add 2001:db8:cafe::1/48
no shut
exit
inter range g1/0/6-10, g1/0/12-24
shut
exit
ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48 
route-map SET-AS-PATH-CAFE permit 10
match ipv6 address prefix-list CAFE-POLICY
set as-path prepend 65200 65200 65200 65200
exit
route-map SET-AS-PATH-CAFE permit 20
exit
router bgp 65200
bgp router-id 2.0.0.2
neighbor 172.16.2.2 remote-as 65000
neighbor 2001:db8:b0b:f001::2 remote-as 65000
address-family ipv4 unicast
network 10.2.1.0 mask 255.255.255.0
network 10.2.10.0 mask 255.255.255.0
network 10.2.20.0 mask 255.255.255.0
network 10.2.30.0 mask 255.255.255.0
neighbor 172.16.2.2 activate
exit
address-family ipv6 unicast
network 2001:db8:b0b:f002::/64
network 2001:db8:b0b1::/48
network 2001:db8:b0b2::/48
network 2001:db8:b0b3::/48
network 2001:db8:cafe::/48
neighbor 2001:db8:b0b:f001::2 activate
neighbor 2001:db8:b0b:f001::2 route-map SET-AS-PATH-CAFE out
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

!D2 – Trouble Ticket # 2

tclsh
puts [ open "flash:/enarsi/14.1.2.2-d2-config.txt" w+ ] {
hostname D2
banner motd # This is D2, Trouble Ticket 14.1.2.2 #
no ip domain lookup
ip routing
ipv6 unicast-routing
line con 0
logg sync
exec-time 0 0
exit
inter g 1/0/11
no switchport
ipv6 add 2001:db8:b0b:f001::1/64
ipv6 add fe80::b0b:f001:1 link-local
ip add 172.16.2.1 255.255.255.252
no shut
exit
interface lo1
ipv6 add 2001:db8:b0b:f002::1/64
ipv6 add fe80::b0b:f002:1 link-local
ip add 10.2.1.1 255.255.255.0
exit
interface lo10
ipv6 add 2001:db8:b0b1::1/48
ip add 10.2.10.1 255.255.255.0
no shut
exit
interface lo20
ipv6 add 2001:db8:b0b2::1/48
ip add 10.2.20.1 255.255.255.0
no shut
exit
interface lo30
ipv6 add 2001:db8:b0b3::1/48
ip add 10.2.30.1 255.255.255.0
no shut
exit
interface lo48
ipv6 add 2001:db8:cafe::1/48
no shut
exit
inter range g1/0/6-10, g1/0/12-24
shut
exit
ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48 
route-map SET-AS-PATH-CAFE permit 10
match ipv6 address prefix-list CAFE-POLICY
set as-path prepend 65200 65200 65200 65200
exit
route-map SET-AS-PATH-CAFE permit 20
exit
router bgp 65200
bgp router-id 2.0.0.2
neighbor 172.16.2.2 remote-as 65000
neighbor 2001:db8:b0b:f001::2 remote-as 65000
address-family ipv4 unicast
network 10.2.1.0 mask 255.255.255.0
network 10.2.10.0 mask 255.255.255.0
network 10.2.20.0 mask 255.255.255.0
network 10.2.30.0 mask 255.255.255.0
neighbor 172.16.2.2 activate
exit
address-family ipv6 unicast
network 2001:db8:b0b:f002::/64
network 2001:db8:b0b1::/48
network 2001:db8:b0b2::/48
network 2001:db8:b0b3::/48
network 2001:db8:cafe::/48
neighbor 2001:db8:b0b:f001::2 activate
neighbor 2001:db8:b0b:f001::2 route-map SET-AS-PATH-CAFE out
exit
exit
alias exec reset.now tclsh flash:/enarsi/reset.tcl
}
tclquit

A1 Configuration File Scripts – Not Used In This Lab

Download 14.1.2 Lab – Troubleshooting BGP .PDF file:

14.1.2 Lab - Troubleshooting BGP .PDF 613.83 KB 705 downloads

...

Download