Wednesday, December 30, 2015

BGP task #3. Best path selection

Topology:



Use configuration from BGP task #2 as initial configuration for this task.

Requirements: 

*You may need to remove or alter parts of configuration from the previous task. 

1. Routers in AS12 should send traffic towards AS8 using link R3-R7 as primary option, R3-R6 as         secondary option and R1-R5 as last resort. 
2. AS67 should be able to signal to AS12 the preferred entry point (R7 or R6), for network 67.0/16.       Use  an optional nontransitive path attribute to complete this task. 
3. AS67 and AS5 are the service-providers for AS12. AS67 and AS5 should not use AS12 to reach         any networks, except networks owned by AS12. 
4. AS5, AS8 and AS67 shall use link R3-R7  to reach AS12 as primary option. If this link is                   unavailable, use link R3-R6. Use link R1-R5 as last resort. Use a well-known mandatory path             attribute to complete this requirement. 

Solution:

Highlight the text below to reveal the solution.

This task requires understanding of best-path selection using AS-PATH, Local-Preference & MED attributes. It also requires understanding of well-known communities.

Requirement #1 - change the inbound policy on R3 and R1 from the previous task, to only set local-preference for prefix 8.0/16. 
Requirement #2 - routers R6 and R7 should set a MED attribute when advertising prefix 67.0/16 to AS12. Lower MED value is preferred. 
Requirement #3 - to prevent the "client" autonomous-system from being used as a transit, service-providers should set a well-known "no-export" community to prefixes advertised to the client. 
Requirement #4 - configure outbound policy on R1 and R3 to set as-path prepend on prefixes advertised to AS5 and AS67. 

R1:

!
route-map LAST permit 100
 set as-path prepend 12 12 12 12 12
!
router bgp 12
 bgp log-neighbor-changes
 neighbor IBGP peer-group
 neighbor IBGP remote-as 12
 neighbor IBGP update-source Loopback0
 neighbor IBGP send-community
 neighbor 5.0.15.5 remote-as 5
 neighbor 5.0.15.5 route-map LAST out
 neighbor 12.0.2.2 peer-group IBGP
 neighbor 12.0.3.3 peer-group IBGP
 neighbor 12.0.4.4 peer-group IBGP
!

R2:

!
router bgp 12
 bgp log-neighbor-changes
 network 12.0.0.0 mask 255.255.0.0
 neighbor IBGP peer-group
 neighbor IBGP remote-as 12
 neighbor IBGP update-source Loopback0
 neighbor IBGP send-community
 neighbor 12.0.1.1 peer-group IBGP
 neighbor 12.0.3.3 peer-group IBGP
 neighbor 12.0.4.4 peer-group IBGP
!

R3:

!
route-policy BGP_ALL
  pass
end-policy
!
route-policy PRIMARY_IN
  if destination in AS8 then
    set local-preference 300
  else
    pass
  endif
end-policy
!
route-policy SECONDARY_IN
  if destination in AS8 then
    set local-preference 200
  else
    pass
  endif
end-policy
!
route-policy SECONDARY_OUT
  prepend as-path 12 3
end-policy
!
router bgp 12
 address-family ipv4 unicast
 !
 neighbor-group IBGP
  remote-as 12
  update-source Loopback0
  address-family ipv4 unicast
  !
 !
 neighbor 12.0.1.1
  use neighbor-group IBGP
 !
 neighbor 12.0.2.2
  use neighbor-group IBGP
 !
 neighbor 12.0.4.4
  use neighbor-group IBGP
 !
 neighbor 67.0.36.6
  remote-as 67
  address-family ipv4 unicast
   route-policy SECONDARY_IN in
   route-policy SECONDARY_OUT out
  !
 !
 neighbor 67.0.37.7
  remote-as 67
  address-family ipv4 unicast
   route-policy PRIMARY_IN in
   route-policy BGP_ALL out
  !
 !
!

R6:

!
route-map NO_TRANSIT permit 10
 match ip address prefix-list AS67
 set metric 10000
 set community no-export
route-map NO_TRANSIT permit 100
 set community no-export
!
router bgp 67
 bgp log-neighbor-changes
 network 67.0.0.0 mask 255.255.0.0
 neighbor 8.0.68.8 remote-as 8
 neighbor 67.0.36.3 remote-as 12
 neighbor 67.0.36.3 send-community
 neighbor 67.0.36.3 route-map NO_TRANSIT out
 neighbor 67.0.67.7 remote-as 67
!

R7:

!
route-map NO_TRANSIT permit 10
 match ip address prefix-list AS67
 set metric 1000
 set community no-export
route-map NO_TRANSIT permit 100
 set community no-export
!
router bgp 67
 bgp log-neighbor-changes
 network 67.0.0.0 mask 255.255.0.0
 neighbor 8.0.78.8 remote-as 8
 neighbor 67.0.37.3 remote-as 12
 neighbor 67.0.37.3 send-community
 neighbor 67.0.37.3 route-map NO_TRANSIT out
 neighbor 67.0.67.6 remote-as 67
!

Verification:

RP/0/0/CPU0:R3#show bgp
Mon Dec 21 12:46:08.600 UTC
BGP router identifier 12.0.3.3, local AS number 12
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000   RD version: 46
BGP main routing table version 46
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
              i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            Next Hop            Metric LocPrf Weight Path
*>i5.0.0.0/16         5.0.15.5                 0    100      0 5 i
*                     67.0.36.6                              0 67 8 5 i
*                     67.0.37.7                              0 67 8 5 i
*  8.0.0.0/16         67.0.36.6                     200      0 67 8 ?
*>                    67.0.37.7                     300      0 67 8 ?
*>i12.0.0.0/16        12.0.2.2                 0    100      0 i
* i                   12.0.4.4                 0    100      0 i
*  67.0.0.0/16        67.0.36.6            10000             0 67 i
*>                    67.0.37.7             1000             0 67 i


R1#show bgp
BGP table version is 25, local router ID is 12.0.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  5.0.0.0/16       5.0.15.5                 0             0 5 i
 *>i 8.0.0.0/16       67.0.37.7                     300      0 67 8 ?
 *                    5.0.15.5                               0 5 8 ?
 *>i 12.0.0.0/16      12.0.2.2                 0    100      0 i
 * i                  12.0.4.4                 0    100      0 i
 *>i 67.0.0.0/16      67.0.37.7             1000    100      0 67 i
 *                    5.0.15.5                               0 5 8 67 i


R5#sho
R5#show bgp
BGP table version is 7, local router ID is 5.0.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  5.0.0.0/16       0.0.0.0                  0         32768 i
 *>  8.0.0.0/16       8.0.58.8                 0             0 8 ?
 *   12.0.0.0/16      5.0.15.1                               0 12 12 12 12 12 12 i
 *>                   8.0.58.8                               0 8 67 12 i
 *>  67.0.0.0/16      8.0.58.8                               0 8 67 i


R6#show bgp
BGP table version is 5, local router ID is 67.0.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 * i 5.0.0.0/16       8.0.78.8                 0    100      0 8 5 i
 *>                   8.0.68.8                               0 8 5 i
 * i 8.0.0.0/16       8.0.78.8                 0    100      0 8 ?
 *>                   8.0.68.8                 0             0 8 ?
 *   12.0.0.0/16      67.0.36.3                              0 12 12 12 12 i
 *>i                  67.0.37.3                0    100      0 12 i
 *>  67.0.0.0/16      0.0.0.0                  0         32768 i
 * i                  67.0.67.7                0    100      0 i

R7#show bgp
BGP table version is 10, local router ID is 67.0.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 * i 5.0.0.0/16       8.0.68.8                 0    100      0 8 5 i
 *>                   8.0.78.8                               0 8 5 i
 * i 8.0.0.0/16       8.0.68.8                 0    100      0 8 ?
 *>                   8.0.78.8                 0             0 8 ?
 *>  12.0.0.0/16      67.0.37.3                              0 12 i
 * i 67.0.0.0/16      67.0.67.6                0    100      0 i
 *>                   0.0.0.0                  0         32768 i

R8# show bgp
BGP table version is 7, local router ID is 8.0.8.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  5.0.0.0/16       8.0.58.5                 0             0 5 i
 *>  8.0.0.0/16       0.0.0.0                  0         32768 ?
 *   12.0.0.0/16      8.0.68.6                               0 67 12 i
 *>                   8.0.78.7                               0 67 12 i
 *   67.0.0.0/16      8.0.68.6                 0             0 67 i
 *>                   8.0.78.7                 0             0 67 i

No comments:

Post a Comment