3.6.1.3 Lab – Configure a Branch Connection (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Topology
Addressing Table
Device | Interface | IP Address | Subnet Mask |
---|---|---|---|
R1 | G0/0 | 192.168.1.1 | 255.255.255.0 |
G0/1 | PPPoE Client | ||
Lo1 | 209.165.200.49 | 255.255.255.240 | |
S0/0/0 (DCE) | 209.165.200.81 | 255.255.255.252 | |
R2 | G0/0 | PPPoE Provider | |
Lo1 | 209.165.200.65 | 255.255.255.240 | |
S0/0/0 | 209.165.200.82 | 255.255.255.252 | |
S0/0/1 (DCE) | 209.165.200.85 | 255.255.255.252 | |
R3 | G0/1 | 192.168.3.1 | 255.255.255.0 |
S0/0/1 (DCE) | 209.165.200.86 | 255.255.255.252 |
Objectives
Part 1: Build the Network and Load Device Configurations
Part 2: Configure a PPPoE Client Connection
Part 3: Configure a GRE Tunnel
Part 4: Configure BGP over PPPoE and BGP over a GRE Tunnel
Background / Scenario
In this lab, you will configure two separate WAN connections, a BGP route over a PPPoE connection, and a BGP route over a GRE tunnel. This lab is a test case scenario and does not represent a realistic BGP implementation.
Note: The routers used with CCNA hands-on labs are Cisco 1941 Integrated Services Routers (ISRs) with Cisco IOS, Release 15.2(4)M3 (universalk9 image). Other routers and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of this lab for the correct interface identifiers.
Note: Ensure that the routers have been erased and have no startup configurations. If you are unsure, contact your instructor.
Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.
Required Resources
- 3 Routers (Cisco 1941 with Cisco IOS Release 15.2(4)M3 universal image or comparable)
- 3 Switches (Cisco 2960 with Cisco IOS Release 15.0(2) lanbasek9 image or comparable)
- Console cables to configure the Cisco IOS devices via the console ports
- Ethernet cables and Serial cables as shown in the topology
Part 1: Build the Network and Load Device Configurations
Step 1: Cable the network as shown in the topology.
Step 2: Load router configurations.
Copy and paste the following configurations into the appropriate routers and switch.
Cust 1 (R1) Configuration:
conf t hostname Cust1 no cdp run interface Loopback1 ip address 209.165.200.49 255.255.255.240 interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 no shut interface Serial0/0/0 ip address 209.165.200.81 255.255.255.252 no shut ip route 0.0.0.0 0.0.0.0 s0/0/0 25 end
Note: In the Cust1 configuration above, CDP is disabled with the no cdp run command. The static default route with an administrative distance is manually configured to 25 instead of the default 1. The significance of these configurations will be explained later in the lab.
ISP (R2) Configuration:
conf t hostname ISP username Cust1 password 0 ciscopppoe bba-group pppoe global virtual-template 1 interface Loopback 1 ip address 209.165.200.65 255.255.255.240 interface GigabitEthernet0/0 ip tcp adjust-mss 1452 pppoe enable group global no shut interface Serial0/0/0 ip address 209.165.200.82 255.255.255.252 no shut interface Serial0/0/1 ip address 209.165.200.85 255.255.255.252 no shut interface Virtual-Template1 mtu 1492 ip address 209.165.200.30 255.255.255.224 peer default ip address pool PPPoEPOOL ppp authentication chap callin router bgp 65001 network 0.0.0.0 neighbor 209.165.200.1 remote-as 65000 ip local pool PPPoEPOOL 209.165.200.1 209.165.200.20 ip route 0.0.0.0 0.0.0.0 Loopback1 end
Branch1 (R3) Configuration:
conf t hostname Branch1 interface GigabitEthernet0/1 ip address 192.168.3.1 255.255.255.0 no shut interface Serial0/0/1 ip address 209.165.200.86 255.255.255.252 no shut ip route 0.0.0.0 0.0.0.0 Serial0/0/1 end
S1 Configuration:
conf t hostname S1 vlan 111 interface f0/6 switchport mode access switchport access vlan 111 end
Note: Because S1 connects to two separate networks, G0/0 and G0/1 on Cust1, it is necessary to segment the switch into two separate VLANs, in this case VLAN111, and VLAN1.
Step 3: Save the configuration on all configured routers and switches.
Part 2: Configure a PPPoE Client Connection
In Part 2, following the PPPoE requirements listed below, you will configure Cust1 as the PPPoE client. The ISP router configuration is already complete.
PPPoE requirements for the Cust1 router:
– Configure an interface Dialer1 with the following settings:
- a negotiated ip address
- mtu 1492
- ppp encapsulation
- dialer pool 1
- ppp chap callin authentication
- ppp chap hostname Cust1
- ppp chap password ciscopppoe (unencrypted)
– Configure G0/1 with the following settings:
- enable global pppoe
- adjust the TCP maximum segment size to 1452
- set the pppoe-client to dialer pool 1
List the commands used to configure Cust1 as the PPPoE Client:
_______________________________________________________
Cust1(config)# interface GigabitEthernet0/1
Cust1(config-if)# ip tcp adjust-mss 1452
Cust1(config-if)# pppoe enable group global
Cust1(config-if)# pppoe-client dial-pool-number 1
Cust1(config-if)# no shut
Cust1(config-if)# interface Dialer1
Cust1(config-if)# mtu 1492
Cust1(config-if)# ip address negotiated
Cust1(config-if)# encapsulation ppp
Cust1(config-if)# dialer pool 1
Cust1(config-if)# ppp authentication chap callin
Cust1(config-if)# ppp chap hostname Cust1
Cust1(config-if)# ppp chap password ciscopppoe
If the Cust1 router is configured correctly, it should receive an IP address from the ISP router. What IP address did Cust1 receive and on what interface? What command did you use to check for the IP address and interface?
______________________________________________________
209.165.200.1 on interface Dialer1. The show command show ip interface brief or show interface dialer1
Note: If Cust1 had CDP running on interface dialer1, it could produce the following repeating log message: PPP: Outbound cdp packet dropped, NCP not negotiated. To prevent this, CDP was globally turned off.
Part 3: Configure a GRE Tunnel
In Part 3, following the GRE requirements listed below, you will configure a GRE tunnel between Cust1 and Branch1.
GRE tunnel requirements:
– On Cust1 and Branch1, configure interface Tunnel 0 with the following settings:
- IP address 192.168.2.1/24 and 192.168.2.2/24 respectively
- Tunnel mode GRE over IP
- Tunnel source interface and destination address using serial interfaces
List the commands used to configure a GRE tunnel between Cust1 and Branch1:
_________________________________________________________
Cust1(config)# interface Tunnel0
Cust1(config-if)# ip address 192.168.2.1 255.255.255.0
Cust1(config-if)# tunnel mode gre ip
Cust1(config-if)# tunnel source s0/0/0
Cust1(config-if)# tunnel dest 209.165.200.86
Branch1(config)# interface Tunnel0
Branch1(config-if)# ip address 192.168.2.2 255.255.255.0
Branch1(config-if)# tunnel mode gre ip
Branch1(config-if)# tunnel source s0/0/1
Branch1(config-if)# tunnel dest 209.165.200.81
How can you tell if the tunnel was created successfully? What command could you use to test the tunnel?
_______________________________________________________
Answers will vary, but may include the following: a console message will display when the tunnel is up, an ICMP Ping can be used to test each end of the tunnel, as well as show interface tunnel0 and show ip interface brief.
What would happen if Cust1 did not have a static default route? Test it by removing the static default route. What was the result? Make sure to replace the static default route, as shown in the Cust1 configuration in Part 1 Step2, before moving on.
_______________________________________________________
The GRE tunnel goes down without the presence of the default route. The tunnel goes back up when the static default route is replaced.
Part 4: Configure BGP over PPPoE and BGP over a GRE Tunnel
In Part 4, following the BGP requirements listed below, you will configure BGP on Cust1 and Branch1. The ISP router configuration is already complete.
BGP requirements:
– On Cust1:
- Create a BGP routing process AS 65000
- Advertise networks attached to Loopback 1 and G0/0
- Configure BGP neighbors to the ISP and Branch1 routers
– On Branch1:
- Create a BGP routing process AS 65010
- Advertise the network attached to G0/1
- Configure BGP neighbor to Cust1 only
List the commands used to configure BGP on Cust1 and Branch1:
__________________________________________________________
Cust1(config)# router bgp 65000
Cust1(config-router)# network 192.168.1.0 mask 255.255.255.0
Cust1(config-router)# network 209.165.200.48 mask 255.255.255.240
Cust1(config-router)# neighbor 192.168.2.2 remote-as 65010
Cust1(config-router)# neighbor 209.165.200.30 remote-as 65001
Branch1(config)# router bgp 65010
Branch1(config-router)# network 192.168.3.0 mask 255.255.255.0
Branch1(config-router)# neighbor 192.168.2.1 remote-as 65000
On Cust1, did you receive console messages regarding BGP neighbor relationships to ISP and Branch1?
_______________________________________________________
Yes.
On Cust1, can you ping the ISP at 209.165.200.30 over PPPoE? Can you ping the Branch1 local network at 192.168.3.1?
_______________________________________________________
Yes and yes.
Check the routing table of Cust1. What routes were learned by BGP? There should be a route learned from both ISP and Branch1.
_______________________________________________________
B* 0.0.0.0/0 [20/0] via 209.165.200.30, 19:41:23
B 192.168.3.0/24 [20/0] via 192.168.2.2, 21:30:16.
Cust1# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 209.165.200.30 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 209.165.200.30, 00:15:25
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/0
L 192.168.1.1/32 is directly connected, GigabitEthernet0/0
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Tunnel0
L 192.168.2.1/32 is directly connected, Tunnel0
B 192.168.3.0/24 [20/0] via 192.168.2.2, 00:15:24
209.165.200.0/24 is variably subnetted, 6 subnets, 3 masks
C 209.165.200.1/32 is directly connected, Dialer1
C 209.165.200.30/32 is directly connected, Dialer1
C 209.165.200.48/28 is directly connected, Loopback1
L 209.165.200.49/32 is directly connected, Loopback1
C 209.165.200.80/30 is directly connected, Serial0/0/0
L 209.165.200.81/32 is directly connected, Serial0/0/0
Examine the two routes learned by BGP in the Cust1 routing table. What do they show about routes in the network now?
_______________________________________________________
The BGP candidate default route has an administrative distance of 20, which means it replaced the less desirable manually configured default route with an administrative distance of 25. The BGP default route is via 209.165.200.30 which means it routes over the PPPoE connection to the ISP G0/1 interface, instead of the S0/0/0 interface used by the previous manually configured default route.
The BGP route to the 192.168.3.0 network is via the Branch1 tunnel0 interface at 192.168.2.2 proving that BGP routing information is being carried across the GRE tunnel.
Router Interface Summary Table
Router Interface Summary | ||||
---|---|---|---|---|
Router Model | Ethernet Interface #1 | Ethernet Interface #2 | Serial Interface #1 | Serial Interface #2 |
1800 | Fast Ethernet 0/0 (F0/0) | Fast Ethernet 0/1 (F0/1) | Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
1900 | Gigabit Ethernet 0/0 (G0/0) | Gigabit Ethernet 0/1 (G0/1) | Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
2801 | Fast Ethernet 0/0 (F0/0) | Fast Ethernet 0/1 (F0/1) | Serial 0/1/0 (S0/1/0) | Serial 0/1/1 (S0/1/1) |
2811 | Fast Ethernet 0/0 (F0/0) | Fast Ethernet 0/1 (F0/1) | Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
2900 | Gigabit Ethernet 0/0 (G0/0) | Gigabit Ethernet 0/1 (G0/1) | Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface. |
Device Configs
Cust1 (Final)
Cust1# show run version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Cust1 ! boot-start-marker boot-end-marker ! no aaa new-model memory-size iomem 10 ! ip cef ! no ipv6 cef ! multilink bundle-name authenticated ! redundancy ! interface Loopback1 ip address 209.165.200.49 255.255.255.240 ! interface Tunnel0 ip address 192.168.2.1 255.255.255.0 tunnel source Serial0/0/0 tunnel destination 209.165.200.86 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/1 no ip address ip tcp adjust-mss 1452 duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 1 ! interface Serial0/0/0 ip address 209.165.200.81 255.255.255.252 clock rate 2000000 ! interface Serial0/0/1 no ip address shutdown ! interface Dialer1 mtu 1492 ip address negotiated encapsulation ppp dialer pool 1 ppp authentication chap callin ppp chap hostname Cust1 ppp chap password 0 ciscopppoe no cdp enable ! router bgp 65000 bgp log-neighbor-changes network 192.168.1.0 network 209.168.200.48 mask 255.255.255.240 neighbor 192.168.2.2 remote-as 65010 neighbor 209.165.200.30 remote-as 65001 ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ip route 0.0.0.0 0.0.0.0 Serial0/0/0 25 ! no cdp run ! control-plane ! line con 0 line aux 0 line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 login transport input all ! scheduler allocate 20000 1000 ! end
ISP (Final)
ISP# show run version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ISP ! boot-start-marker boot-end-marker ! no aaa new-model ! ip cef ! no ipv6 cef multilink bundle-name authenticated ! username Cust1 password 0 ciscopppoe ! bba-group pppoe global virtual-template 1 ! interface Loopback1 ip address 209.165.200.65 255.255.255.240 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 no ip address ip tcp adjust-mss 1452 duplex auto speed auto pppoe enable group global ! interface GigabitEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 ip address 209.165.200.82 255.255.255.252 ! interface Serial0/0/1 ip address 209.165.200.85 255.255.255.252 clock rate 2000000 ! interface Virtual-Template1 mtu 1492 ip address 209.165.200.30 255.255.255.224 peer default ip address pool PPPoEPOOL ppp authentication chap callin ! router bgp 65001 bgp log-neighbor-changes network 0.0.0.0 neighbor 209.165.200.1 remote-as 65000 ! ip local pool PPPoEPOOL 209.165.200.1 209.165.200.20 ip forward-protocol nd ! no ip http server no ip http secure-server ! ip route 0.0.0.0 0.0.0.0 Loopback1 ! control-plane ! line con 0 line aux 0 line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 login transport input all ! scheduler allocate 20000 1000 ! end
Branch1 (Final)
Branch1# show run version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Branch1 ! boot-start-marker boot-end-marker ! no aaa new-model memory-size iomem 10 ! ip cef ! no ipv6 cef multilink bundle-name authenticated ! interface Tunnel0 ip address 192.168.2.2 255.255.255.0 tunnel source Serial0/0/1 tunnel destination 209.165.200.81 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 no ip address shutdown duplex auto speed auto ! interface GigabitEthernet0/1 ip address 192.168.3.1 255.255.255.0 duplex auto speed auto ! interface Serial0/0/0 no ip address shutdown clock rate 2000000 ! interface Serial0/0/1 ip address 209.165.200.86 255.255.255.252 ! router bgp 65010 bgp log-neighbor-changes network 192.168.3.0 neighbor 192.168.2.1 remote-as 65000 ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ip route 0.0.0.0 0.0.0.0 Serial0/0/1 ! control-plane ! line con 0 line aux 0 line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 login transport input all ! scheduler allocate 20000 1000 ! end