******************************************************** Lab 1 - Configuring eBGP between AS 200 & AS 500 ******************************************************** ++++++++++++++++++++++++++++++++++ alias exec sir sh ip route alias exec sirc sh ip route | inc C alias exec sib sh ip bgp alias exec cib clear ip bgp * soft alias exec srr sh run | s router ++++++++++++++++++++++++++++++++++ =========================================================================================== 1. Configure a neighbor relationship between AS 200 & AS 500 using the appropriate router =========================================================================================== ----- R3 ----- router bgp 200 neighbor 192.1.35.5 remote-as 500 ----- R5 ----- router bgp 500 neighbor 192.1.35.3 remote-as 200 =========================================================================================== 2. Advertise Loopback 0 & 1 in BGP =========================================================================================== ----- R3 ----- router bgp 200 network 3.0.0.0 network 33.3.3.0 mask 255.255.255.0 ----- R5 ----- router bgp 500 network 5.0.0.0 network 55.5.5.0 mask 255.255.255.0 ******************************************************** Lab 2 - Configuring eBGP between AS 200 & AS 600 ******************************************************** =========================================================================================== 1. Configure a neighbor relationship between AS 200 & AS 600 using the appropriate router =========================================================================================== ----- R4 ----- router bgp 200 neighbor 192.1.46.6 remote-as 600 ----- R6 ----- router bgp 600 neighbor 192.1.46.4 remote-as 200 =========================================================================================== 2. Advertise Loopback 0 & 1 in BGP. Don't use the network statement to accomplish this task Make sure that the routes show up with an origin code of "i". =========================================================================================== ----- R4 ----- route-map RC match interface loopback0 loopback1 set origin igp ! router bgp 200 redistribute connected route-map RC ----- R6 ----- route-map RC match interface loopback0 loopback1 set origin igp ! router bgp 600 redistribute connected route-map RC ******************************************************** Lab 3 - Configuring eBGP between AS 100 & AS 200 ******************************************************** =========================================================================================== 1. Configure reachability between the loopbacks to be used for eBGP neighbor relationships =========================================================================================== ------ R1 ------ Interface loopback99 ip address 192.168.1.1 255.255.255.255 ! ip route 192.168.2.2 255.255.255.255 192.1.11.2 ip route 192.168.2.2 255.255.255.255 192.1.12.2 ------ R2 ------ Interface loopback99 ip address 192.168.2.2 255.255.255.255 ! ip route 192.168.1.1 255.255.255.255 192.1.11.1 ip route 192.168.1.1 255.255.255.255 192.1.12.1 ================================================================================================= 2. Configure a neighbor relationship between AS 100 & AS 200 using the appropriate router with redundancy ================================================================================================= ----- R1 ----- router bgp 100 neighbor 192.168.2.2 remote-as 200 neighbor 192.168.2.2 ebgp-multihop 2 neighbor 192.168.2.2 update-source loopback99 ----- R2 ----- router bgp 200 neighbor 192.168.1.1 remote-as 100 neighbor 192.168.1.1 ebgp-multihop neighbor 192.168.1.1 update-source loopback99 =========================================================================================== 3. Advertise Loopback 0 & 1 in BGP =========================================================================================== ----- R1 ----- router bgp 100 network 1.0.0.0 network 11.1.1.0 mask 255.255.255.0 ----- R2 ----- router bgp 200 network 2.0.0.0 network 22.2.2.0 mask 255.255.255.0 ******************************************************** Lab 4 - Configuring BGP authentication ******************************************************** ============================================================================================== 1. Configure all eBGP devices to authenticate their neighbors using Cisco123 as the password ============================================================================================== ------ R1 ------ router bgp 100 neighbor 192.168.2.2 password Cisco123 ------ R2 ------ router bgp 200 neighbor 192.168.1.1 password Cisco123 ------ R3 ------ router bgp 200 neighbor 192.1.35.5 password Cisco123 ------ R5 ------ router bgp 500 neighbor 192.1.35.3 password Cisco123 ------ R4 ------ router bgp 200 neighbor 192.1.46.6 password Cisco123 ------ R6 ------ router bgp 600 neighbor 192.1.46.4 password Cisco123 ******************************************************** Lab 5 - Configuring iBGP within AS 200 ******************************************************** ============================================================================================== 1. Configure the underlay routing of Loopback10's for iBGP ============================================================================================== ------ R2 ------ Interface loopback10 ip address 10.1.1.2 255.255.255.255 ! router eigrp 200 network 192.168.23.0 network 192.168.24.0 network 10.0.0.0 ------ R3 ------ Interface loopback10 ip address 10.1.1.3 255.255.255.255 ! router eigrp 200 network 192.168.23.0 network 192.168.34.0 network 10.0.0.0 ------ R4 ------ Interface loopback10 ip address 10.1.1.4 255.255.255.255 ! router eigrp 200 network 192.168.24.0 network 192.168.34.0 network 10.0.0.0 ============================================================================================== 2. Configure iBGP between R2 & R3 to allow AS 100 and AS 500 to communicate to each other ============================================================================================== ------ R2 ------ router bgp 200 neighbor 10.1.1.3 remote-as 200 neighbor 10.1.1.3 update-source loopback10 neighbor 10.1.1.3 next-hop-self ------ R3 ------ router bgp 200 neighbor 10.1.1.2 remote-as 200 neighbor 10.1.1.2 update-source loopback10 neighbor 10.1.1.2 next-hop-self ============================================================================================== 2. Configure iBGP between R2 & R3 to allow AS 100 and AS 500 to communicate to each other ============================================================================================== ------ R2 ------ router bgp 200 neighbor 10.1.1.3 remote-as 200 neighbor 10.1.1.3 update-source loopback10 neighbor 10.1.1.3 next-hop-self ------ R3 ------ router bgp 200 neighbor 10.1.1.2 remote-as 200 neighbor 10.1.1.2 update-source loopback10 neighbor 10.1.1.2 next-hop-self ============================================================================================== 3. Configure iBGP between R3 & R4 to allow AS 500 and AS 600 to communicate to each other ============================================================================================== ------ R3 ------ router bgp 200 neighbor 10.1.1.4 remote-as 200 neighbor 10.1.1.4 update-source loopback10 neighbor 10.1.1.4 next-hop-self ------ R4 ------ router bgp 200 neighbor 10.1.1.3 remote-as 200 neighbor 10.1.1.3 update-source loopback10 neighbor 10.1.1.3 next-hop-self ============================================================================================== 4. Configure iBGP such that AS 100 & AS 600 can communicate to each other. Do not configure a neighbor relationship between R2 & R4 ============================================================================================== ------ R3 ------ router bgp 200 neighbor 10.1.1.2 route-reflector-client neighbor 10.1.1.4 route-reflector-client ******************************************************** Lab 6 - Configuring Route Filtering using ACLs ******************************************************** ============================================================================================== 1. Create and advertise network on R1 in BGP ============================================================================================== ------ R1 ------ Interface loopback101 ip address 101.1.1.1 255.255.255.0 ! Interface loopback102 ip address 101.1.2.1 255.255.255.0 ! Interface loopback103 ip address 101.1.3.1 255.255.255.0 ! Interface loopback104 ip address 101.1.4.1 255.255.255.0 ! Interface loopback105 ip address 101.1.5.1 255.255.255.0 ! Interface loopback106 ip address 101.1.6.1 255.255.255.0 ! Interface loopback107 ip address 101.1.7.1 255.255.255.0 ! Interface loopback108 ip address 101.1.8.1 255.255.255.0 ! router bgp 100 network 101.1.1.0 mask 255.255.255.0 network 101.1.2.0 mask 255.255.255.0 network 101.1.3.0 mask 255.255.255.0 network 101.1.4.0 mask 255.255.255.0 network 101.1.5.0 mask 255.255.255.0 network 101.1.6.0 mask 255.255.255.0 network 101.1.7.0 mask 255.255.255.0 network 101.1.8.0 mask 255.255.255.0 ============================================================================================== 2. Configure R1 such that it does not send any 101.1.X.0/24 with an even number in the 3rd Octet toward R2. ============================================================================================== ------ R1 ------ access-list 1 deny 101.1.0.0 0.0.254.255 access-list 1 permit any ! router bgp 100 neighbor 192.168.2.2 distribute-list 1 out ******************************************************** Lab 7 - Configuring Route Filtering using Prefix-Lists ******************************************************** ============================================================================================== 1. Create and advertise network on R5 in BGP ============================================================================================== ------ R5 ------ Interface loopback101 ip address 150.5.16.1 255.255.255.0 ! Interface loopback102 ip address 150.5.32.1 255.255.255.240 ! Interface loopback103 ip address 150.5.32.17 255.255.255.240 ! Interface loopback104 ip address 150.5.32.33 255.255.255.248 ! Interface loopback105 ip address 150.5.32.49 255.255.255.248 ! Interface loopback106 ip address 150.5.32.65 255.255.255.252 ! access-list 1 permit 150.5.0.0 0.0.255.255 ! route-map RC match ip address 1 set origin igp ! router bgp 500 redistribute connected route-map RC =================================================================================================== 2. Configure R5 such that it does not send any 105.5.0.0/16 with a mask greater than 28 towards R3 =================================================================================================== ------ R5 ------ ip prefix-list PL-1 deny 150.5.0.0/16 ge 29 ip prefix-list PL-1 permit 0.0.0.0/0 le 32 ! router bgp 500 neighbor 192.1.35.3 prefix-list PL-1 out ********************************************************** Lab 8 - Configuring Route Filtering using AS-Path Filters ********************************************************** ++++++++++++++++++++++++++++++++++++ Special Characters ++++++++++++++++++++++++++++++++++++ ^ - Begining of line $ - End onf Line _ - "^" or "$" or " " .* - Any ============================================================================================== 1. R6 wants to block all routes originating from AS 500 ============================================================================================== ------ R6 ------ ip as-path access-list 55 deny _500$ ip as-path access-list 55 permit .* ! router bgp 600 neighbor 192.1.46.4 filter-list 55 in ============================================================================================== 2. Configure AS 200 such that it does not become a Transit AS ============================================================================================== ------ R2 ------ ip as-path access-list 1 permit ^$ ! router bgp 200 neighbor 192.168.1.1 filter-list 1 out ------ R3 ------ ip as-path access-list 1 permit ^$ ! router bgp 200 neighbor 192.1.35.5 filter-list 1 out ------ R4 ------ ip as-path access-list 1 permit ^$ ! router bgp 200 neighbor 192.1.46.6 filter-list 1 out ************************************************************** Lab 9 - Configuring Route Aggregation with Manual Filtering ************************************************************** ============================================================================================== 1. Configure loopbacks and advertise in BGP on R2 ============================================================================================== ------ R2 ------ Interface loopback201 ip address 202.1.4.1 255.255.255.0 ! Interface loopback202 ip address 202.1.5.1 255.255.255.0 ! Interface loopback203 ip address 202.1.6.1 255.255.255.0 ! Interface loopback204 ip address 202.1.7.1 255.255.255.0 ! router bgp 200 network 202.1.4.0 network 202.1.5.0 network 202.1.6.0 network 202.1.7.0 ============================================================================================== 2. Configure R2 such that it only sends the summary address towards eBGP neighbors & it only sends the specific routes towards iBGP neighbors ============================================================================================== ------ R2 ------ ip prefix-list PL-EBGP deny 202.1.4.0/22 ge 24 ip prefix-list PL-EBGP permit 0.0.0.0/0 le 32 ! ip prefix-list PL-IBGP deny 202.1.4.0/22 ip prefix-list PL-IBGP permit 0.0.0.0/0 le 32 ! router bgp 200 aggregate-address 202.1.4.0 255.255.252.0 neighbor 192.168.1.1 prefix-list PL-EBGP out neighbor 10.1.1.3 prefix-list PL-IBGP out ************************************************************** Lab 10 - Configuring Route Aggregation with Summary Only ************************************************************** ============================================================================================== 1. Configure loopbacks and advertise in BGP on R3 ============================================================================================== ------ R3 ------ Interface loopback201 ip address 203.1.4.1 255.255.255.0 ! Interface loopback202 ip address 203.1.5.1 255.255.255.0 ! Interface loopback203 ip address 203.1.6.1 255.255.255.0 ! Interface loopback204 ip address 203.1.7.1 255.255.255.0 ! router bgp 200 network 203.1.4.0 network 203.1.5.0 network 203.1.6.0 network 203.1.7.0 ============================================================================================== 2. Configure R3 such that it only sends the summary address towards all the neighbors ============================================================================================== ------ R3 ------ router bgp 200 aggregate-address 203.1.4.0 255.255.252.0 summary-only ************************************************************** Lab 11 - Configuring Route Aggregation with Suppress Map ************************************************************** ============================================================================================== 1. Configure loopbacks and advertise in BGP on R4 ============================================================================================== ------ R4 ------ Interface loopback201 ip address 204.1.4.1 255.255.255.0 ! Interface loopback202 ip address 204.1.5.1 255.255.255.0 ! Interface loopback203 ip address 204.1.6.1 255.255.255.0 ! Interface loopback204 ip address 204.1.7.1 255.255.255.0 ! router bgp 200 network 204.1.4.0 network 204.1.5.0 network 204.1.6.0 network 204.1.7.0 ============================================================================================== 2. Configure R4 such that it sends the summary address towards all the neighbors. Alongwith the summary it should also send the 204.1.6.0/24 route. ============================================================================================== ------ R4 ------ access-list 44 permit 204.1.4.0 0.0.0.255 access-list 44 permit 204.1.5.0 0.0.0.255 access-list 44 permit 204.1.7.0 0.0.0.255 or access-list 44 deny 204.1.6.0 0.0.0.255 access-list 44 permit any route-map SM match ip address 44 ! router bgp 200 aggregate-address 204.1.4.0 255.255.252.0 suppress-map SM ************************************************************** Lab 12 - Configuring Route Aggregation with Unsuppress Map ************************************************************** ============================================================================================== 1. Configure R3 such that it sends the summary address and the 203.1.7.0/24 route towards R5. The rest of the neighbors should only get the summary. ============================================================================================== ------ R3 ------ access-list 33 permit 203.1.7.0 0.0.0.255 route-map USM match ip address 33 ! router bgp 200 neighbor 192.1.35.5 unsuppress-map USM