Professional Documents
Culture Documents
Nokia Scalable IP Networks LabGuide v3.1.1
Nokia Scalable IP Networks LabGuide v3.1.1
Revision 3.1.1
Scalable IP Networks Lab Guide
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Table of Contents
Lab 1 Lab Infrastructure Configuration and Verification ................................................................... 5
Legend
CE Customer edge
router
PE Provider edge router
P Provider core router
Objective
Verify the physical connectivity of a network. No configuration commands are required for this
exercise.
Management Address
Pod Number
Pod 1 - P1 (R1)
PE1 (R5)
CE1 (R9)
Pod 2 - P2 (R2)
PE2 (R6)
CE2 (R10)
Pod 3 - P3 (R3)
PE3 (R7)
CE3 (R11)
Pod 4 - P4 (R4)
PE4 (R8)
CE4 (R12)
Your instructor should provide a diagram with the lab topology and management addresses.
Establish a remote connection to the routers. The username and password for all routers is
‘student’.
Verification
If you are unable to connect or login to any of the routers, notify your instructor.
Objective
Configure the system date, time and the system name for all routers in your Pod. Also, verify the
content of the Boot Option File (BOF).
Exercise
1. Configure the system date and time by using the command admin set-time (For
example, admin set-time 2014/10/10 09:00. You can also use admin set-time
? command to find out date/time format). Note that you can also change the time zone
using the command configure system time zone <time-zone>.
2. Verify that the date and time have been updated using the command show time.
3. Based on Table 2-2: System Names assigned to routersTable 2-2: System Names
assigned to routers, configure the system name to ASIN_Rxx(yy) (xx is your router
number from value 01 to 12, and yy is used to identify P, PE, and CE routers) by using the
command configure system name. The CLI system prompt should now display the
system name.
Verification
Verify the primary image file location, primary configuration file location, and management IP
address.
Objective
Configure the Input/Output Module (IOM), Media Dependent Adapter (MDA), and the ports for all
routers in your pod.
1. Configure the card type of the IOM card slot 1 to match the equipped card type.
Shown below is a sample IOM configuration for router R1. Your equipped card type may
be different from the one shown.
2. Configure all MDAs on IOM card slot 1 to match the equipped MDA type.
A sample MDA configuration for router R1 is shown below. Your equipped MDA type may
be different from the one shown.
3. Configure the first four ports on the MDAs. Make sure all ports on the MDA are
operationally up. Unlike cards using a hierarchical configuration structure, the ports are
not configured as part of the MDA hierarchy. You must return to the root context and
enter the port configuration context. The ports are identified by first identifying the IOM,
then the MDA and then the port (1/1/1, for example).
Verification
1. Verify that the configurations are done correctly by using the commands show card
and show mda. The equipped card type and the provisioned card type should be
identical.
2. Verify that all ports with physical connections to other routers are operationally up using
the command show port.
Objective
Configure four event logs on the P routers (P1, P2, P3 and P4) on your Pod. Specify a log source
and a log destination for each event log.
Exercise
1. Configure an event log with log ID 21. Capture all events from the “main” stream to the
memory.
A sample event log configuration for the P router in Pod 1 is shown below.
Verification
6. Log out of the active telnet session and then open a new session to the router. What has
changed in the output of the info command under the configure log context? Why?
7. View alarms from the two default alarm logs (log 99 and log 100). What is the difference
between the two alarm logs?
15 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
16 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 2 IP Addressing and Services
Objective
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
2.1 Section 2-1 IP Address Plan Design
Objective
Design an IP network addressing scheme to support the communications between the routers,
as shown in the diagram below. The IP addressing schema will be used in subsequent lab
exercises.
There are two ISPs in the above diagram. ISP 1 consists of routers PE1, PE2, P1 and P2. ISP 2
consists of routers PE3, PE4, P3 and P4.
P1 and P2 in ISP 1, and P3 and P4 in ISP 2, are provider (P) routers and serve as transit points to
other core routers. PE1 and PE2 in ISP 1, and PE3 and PE4 in ISP 2, are provider edge (PE)
routers and connect to the ISP customers. These routers provide Internet and other network
access to the ISP customers.
Routers CE1 and CE2 are customer edge (CE) routers that represent customers of ISP 1. Routers
CE3 and CE4 are customer edge routers that represent customers of ISP 2. These routers
provide traffic from the ISP to the various customer entities.
Your task is to design an IP subnetwork based on the address space provided, and assign the
subnetworks to the various routers based on the following requirements, which are the same for
both ISPs.
Note: All students assigned to the same ISP must collaborate together.
Hint: It will be easier to divide each ISP address space into eight /27 address blocks.
1. The first 32 addresses in the assigned IP address space for both ISPs are reserved for
system interfaces on the P, PE, and CE routers. Each system interface should be assigned
a /32 address.
2. The next 64 addresses in the assigned IP address space for both ISPs are reserved for
future use.
3. All links (PE-CE, PE-PE, PE-P, P-P links) are point-to-point links. However, for the sake of
convenience they are assigned ‘/30’ based addresses.
4. ISP 1 and ISP 2 provider (P) routers are physically connected to each other but are not
peering to each other. Therefore, no IP addresses are assigned to the links between
routers that belong to different ISPs.
5. Each CE router is connected to a maximum of 60 hosts. There are two CE routers on
each ISP, so each ISP needs to assign two 60-host addresses to represent all customers.
Use route summarization to assign one subnet to each CE router.
1/1/1 toP1
1/1/3 toPE2
1/1/2 toCE1
P1 N/A system
(R1)
1/1/2 toP2
1/1/1 toPE1
1/1/2 toPE1
N/A customerNet
PE2 N/A system
(R6)
1/1/1 toP2
1/1/3 toPE1
1/1/2 toCE2
P2 N/A system
(R2)
1/1/1 toPE2
1/1/2 toP1
CE2 N/A System
(R10)
1/1/2 toPE2
N/A customerNet
1/1/2 toCE3
P3 N/A system
(R3)
1/1/2 toP4
1/1/1 toPE3
CE3 N/A System
(R11)
1/1/2 toPE3
N/A customerNet
PE4 N/A system
(R8)
1/1/1 toP4
1/1/3 toPE3
1/1/2 toCE4
P4 N/A system
(R4)
1/1/1 toPE4
1/1/2 toP3
CE4 N/A System
(R12)
1/1/2 toPE4
N/A customerNet
Objective
Students will configure router interfaces on all routers based on the IP addressing scheme, as
shown in Figure 2-2 below.
Note that interfaces are not configured between the two ISPs (P1-P3 and P2-P4).
Exercise
1. Use the command show router interface to view any existing Layer 3 interfaces on
the router. Notice that the system interface has already been created. This interface
exists by default and cannot be removed. Assign the system interface an IP address.
b. Configure the router interface for each point-to-point link in your Pod. Make sure
to associate each interface with a port number. A sample point-to-point link
configuration for router P1 is shown below.
Verification
1. Verify the status of the router interfaces using the command show router interface. Note
that the system interface and the loopback interface do not have port association.
2. Verify that the administrative status and operational status are up.
If an interface is operationally down, use the info command to check if the router interface
configuration was performed correctly.
4. Using the ping command, check connectivity from a router to the neighboring router’s
interface. The following is an example of how to check the connectivity between routers
PE1 and P1.
=================================================================
Interface Table (Router: Base)
=================================================================
Interface-Name Adm Opr(v4/v6) Mode Port/SapId
IP-Address PfxState
-----------------------------------------------------------------
toPE1 Up Up/Down Network 1/1/1
140.10.0.98/30 n/a
-----------------------------------------------------------------
Interfaces: 1
=================================================================
Objective
In this lab, students will observe the behavior and operation of ICMP and ARP.
Internet Control Message Protocol (ICMP) is used to report on errors that occur while delivering
an IP datagram. When a destination address is unreachable, the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram.
Address Resolution Protocol (ARP) is a mechanism used to find out the MAC address
corresponding to a specific IP address.
Exercise
1. Configure a debug trace log on the P router with the following parameters. Recall that
the debug-trace log was removed in 1.4 Section 1-4 Event Log Configuration when the
telnet session was terminated.
Description: Debug Trace Log
Log-ID: 24
Log Source: debug-trace
Destination: memory
4. View the ICMP messages on your P router using the command show log log-id 24.
You should see a series of ICMP echo request and echo reply messages in the debug
trace log.
Turn on debug trace for ARP packets and clear all ARP entries on the P router in your Pod.
The sample configuration on router R1 is shown below.
NOTE: Wait until all students in your Pod are at this point before proceeding.
6. From your P router, ping the IP address of the far-end interface to your PE router (use
the same command as in step 3).
Verification
1. Why are ARP messages sent from the P router when executing a ping command?
2. How many ARP entries are seen on the P router using the command show router arp
dynamic? When does an ARP entry populate into the ARP table?
3. Verify that the MAC address belongs to the interface on the PE router. You can find the
interface MAC address from the hardware address of the associated port (use the
command show port 1/1/1, for example).
4. Clear all events in the debug log and ping from your P router to the PE router again. Do
you see ARP messages in the debug log? Why?
5. From your P router, ping the IP address of the far-end interface to the neighboring P
router. For example, router P1 will ping the far-end interface to router P2.
31 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
32 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 3 Static Routing
Objective
Objective
Configure a static route from the PE router to the system address of the P router and vice-
versa.
At this point, the operator can only ping the interfaces that are directly connected to the router.
This is because those are the only networks that are known by the router. If the operator
attempts to ping the system interface of the neighboring router, the ping will fail because there
is no route to the destination.
Exercise
1. On the PE router, configure a static route using the command configure router
static-route with the following parameters:
Destination address: router P’s system interface address
2. View the status of the static route on the PE router using the command show router
static-route. Make sure the static route that you configured is active.
3. From the PE router ping to the system address of the P router in your Pod.
For example, on PE1, execute the command ping 140.10.0.1 count 1.
4. The ping in the previous step should fail because the P router does not have a route to
reach to the system address of the PE router.
In order for the ping to work between routers P and PE, configure another static route
with the following parameters on the P router:
Destination address: router PE’s system interface address
Nexthop address: router PE’s interface address towards the P router
Verification
5. View the status of the static route on the P router and make sure the static route that
you have configured is active.
7. Verify connectivity between the routers P and PE by performing a ping from the P router
to the system interface of the PE router and vice-versa.
8. View the content of the routing table using the command show router route-
table. Do you see the static route in the routing table?
9. What is the preference and metric value of the static route? What is the preference and
metric value of the local route?
10. Which value is used to determine one type of route is preferred over another type of
route?
Objective
In this lab, students will configure a default route on the CE router. The purpose of this default
route is to allow IP connectivity from the CE router to the rest of network. This is possible
because the CE router has only one interface facing the ISP core. Therefore, if the destination of
a packet is not local, the packet must be forwarded out to that interface.
Exercise
1. On the CE router, configure a default route using the command configure router
static-route with the following parameters:
Destination address: 0.0.0.0/0
2. View the status of the static route on the PE router using the command show router
static-route. Make sure the static route that you configured is active.
3. Verify that the default route is added to the routing table using the command show
router route-table.
4. On the CE router, configure a debug trace log and turn on an ICMP debug trace.
Attempting to ping the PE router’s system interface address should fail.
5. Find the source address of the ICMP echo request messagesent from the CE router.
6. On the CE router, ping the PE router’s system interface address and specify the source
address to the CE interface address towards the PE router.
By default, the source address of the ICMP message is the sender’s system interface
address. Without specifying the source address, the CE router will send the ICMP echo
request to the PE router with the CE router’s system interface address. However, the PE
router cannot respond with the ICMP echo reply message because the PE router does
not have a route to the CE router’s system interface address.
The following output is a ping from CE1 to PE1’s system address.
8. On the PE router, configure two static routes. One static route is used to reach to the CE
router’s system interface address and another static route is used to reach to the CE
router’s customer network with the following parameters:
9. On the CE router, ping the PE router’s system interface address without specifying the
source address. The ping should work now.
10. Verify that the PE router can reach the CE customer network subnet by pinging the CE
router’s loopback interface address.
Verification
The CE router does not have the PE router’s system interface address in its routing table.
How does the CE router reach the PE router’s system interface?
39 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
40 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 4 Open Shortest Path First (OSPF)
4.1 Section 4-1 OSPF
Objective
In this lab, students will configure OSPF in the provider core network (P and PE routers).
1. Remove all static routes configured in the P and PE routers using the command
configure router no static-route <ip-prefix/length> next-hop
<next-hop-address>.
2. Enable OSPF on the P and PE routers using the command configure router ospf.
3. Define a backbone area on the P and PE routers using the command area 0 under the
configure router ospf context.
4. On the P router, add two OSPF point-to-point interfaces to the backbone area as follows:
a. One interface toward the neighboring P router within the same ISP
b. Another interface toward the directly connected PE router
*A:ASIN_R01(P1)>config>router>ospf$ info
----------------------------------------------
area 0.0.0.0
interface "toP2"
interface-type point-to-point
no shutdown
exit
interface "toPE1"
interface-type point-to-point
no shutdown
exit
exit
no shutdown
5. On the PE router, add two OSPF point-to-point interfaces to the backbone area as
follows:
a. One interface toward the directly connected P router
b. Another interface toward the directly connected PE router
1. Verify the OSPF neighbor status of the P and PE routers using the command show
router ospf neighbor.
a. How many neighbors do you see on the P router? PE router? CE router?
b. What is the OSPF adjacency state? What does this adjacency state mean?
2. On the P router, ping its directly connected PE router’s system address. Does the ping
work?
3. On the P and PE routers, add the system interface to the OSPF backbone area. Does the
ping from the P router to the PE router work, and vice-versa?
4. On the PE router, verify the ping to neighboring PE router’s system address was
successful.
5. Examine the OSPF routes in the routing table on the P and PE routers using the
command show router route-table protocol ospf.
a. How is the OSPF metric value determined?
b. When is an OSPF route added to the routing table?
6. Examine the OSPF link state database using the command show router ospf database
and show router ospf database detail. This database contains a listing of all Link
State Advertisements (LSAs). These LSAs are used to create a forwarding table.
a. What types of LSA are in the LSDB?
b. Is the LSDB consistent on all routers within an ISP?
c. What will a router perform when there is a topology change on one of its directly
connected links?
44 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
45 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 5 BGP (instructor demonstration)
5.1 Section 5-1 BGP
Objective
In this lab, your instructor will configure internal BGP (iBGP) and external BGP (eBGP). iBGP is
used between BGP peers in the same Autonomous System (AS). eBGP is used between BGP
peers in different autonomous systems.
Exercise
1. Assign autonomous system 65001 to all P routers in ISP 1. Assign autonomous system
65002 to all P routers in ISP 2.
2. Configure routers P1 and P2, and routers P3 and P4 as internal BGP peers (iBGP). Note
that iBGP peers typically use the system interface address as the neighbor address.
Verification
1. Verify the BGP sessions are established in the P routers using the commands show
router bgp summary and show router bgp neighbor.
c. How many BGP sessions are in each P router?
d. What is the BGP neighbor state?
2. Verify BGP routes in the routing table on router P1 using the command show router
route-table.
3. On the P1 router, remove the system interface from the OSPF backbone area. Wait for
90 seconds.
a. Is the iBGP session established in each of the P routers?
b. Is the eBGP session established?
4. On router P1, add the system interface address back to the OSPF backbone area. Make
sure all iBGP and eBGP sessions are established on all P routers.
49 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
50 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 6 IP Filters
6.1 Section 6-1 IP Filters
Objective
In this lab, students will configure an IP filter on the routers to block ICMP echo request access
to an IP address range.
Exercise
1. On the PE router, create an IP filter policy with filter-id 77 using the command
configure filter ip-filter 77 create. Add a description for this filter: “Block
ICMP message to system address”.
2. On the PE router, configure the IP filter policy with the following requirements (create an
entry within the IP filter and configure the entry with a matching critieria):
3. There are two possible equal cost paths to go from a P router to the non-directly
connected PE router within the ISP. In order to make sure the ICMP request message
follows a specific path, one path must have a lower cost than the other path.
On the P router, lower the OSPF metric value on the interface toward the neighboring P
router in your ISP to 10. This makes the link toward the neighboring P router MORE
preferred. The following is the sample configuration on the P1 router.
4. From the P router, ping the non-directly connected PE router’s system address within
your ISP (for example, ping from router P1 to PE2’s system address). Does the ping
work? Why?
5. On the PE router, associate the IP filter policy to the interface connected to the P router.
All ICMP echo request messages received on that interface with the router’s own system
address should be discarded. The following is the sample configuration on PE1.
1. From the P router, ping the non-directly connected PE router’s system address within
your ISP. Does the ping work? Why?
2. On the P router, increase the OSPF metric value on the interface toward the neighboring
P router within your ISP to 500. This makes the link toward the neighboring P router LESS
preferred. The following is the sample configuration on the P1 router.
a. Perform the ping command as in step 1. Does the ping work? Why?
b. On the PE router, associate the IP filter policy to the interface towards the
neighborinig PE router. Perform the ping command as in step 1 again. Does the
ping work? Why?
55 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
56 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab 7 Services (instructor demonstration)
7.1 Section 7-1 Services Framework
Objective
In this lab, your instructor will configure Label Distribution Protocol (LDP) within the provider
core network (P and PE routers). LDP is one of the MPLS signaling protocols. Service Distribution
Points (SDPs) will also be configured.
Running an IP/MPLS-based service such as Virtual Private Leased Line Service (VPLS) requires
MPLS signaling.
For demonstration, VPLS is configured on ISP 1 only.
Exercise
1. On each P router in ISP 1, enable LDP to ALL interfaces within its own ISP.
3. On each CE router,
a. Remove the port association on the existing router interface to the PE router
b. Create a router interface named “toVPLS” towards the neighboring PE router. Use
IP address 192.168.1.1/29 for CE1 and 192.168.1.2/29 for CE2.
c. Assocate port 1/1/2 to the router interface “toVPLS”
Verification
1. Verify that link LDP sessions are established on the P and PE routers using the command
show router ldp session.
2. Verify the Label Forwarding Information Base (LFIB) on all routers using the command
show router ldp bindings active.
a. Does a CE router have a LFIB? Why?
b. Explain what action is performed by a router when a prefix received is associated
with the PUSH operation in the LFIB.
c. Explain what action is performed by a router when a prefix received is associated
with the SWAP operation in the LFIB.
d. Explain what action is performed by a router when a prefix received is associated
with the POP operation in the LFIB.
3. Verify that all SDPs on the PE routers are operationally up using the command show
service sdp.
Objective
VPLS is a Layer 2 multipoint service that emulates a Layer 2 LAN switch between two or more
locations. In this lab, your instructor will configure all services components (SAP and SDP)
required for a VPLS on ISP 1. Once completed, CE1 will be able to reach CE2 using the VPLS
service.
Exercise
1. Create a VPLS service on the PE routers with service-id 1 on ISP 1. Use a default
customer-id.
1. Verify the VPLS service is operational using the command show service id 1 base. If
not, ensure that the VPLS is administrative up.
2. On PE1, view the MAC Forwarding Database (FDB) using the command show service id
1 fdb detail. Are there any MAC entries in the MAC FDB?
61 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
62 of 166
© Nokia 2016
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Lab Solutions
Configure the date, time and the system name for all the routers in your Pod. Also, verify the
content of the Boot Option File (BOF).
1. Configure the system date and time by using the command admin set-time (For
example, admin set-time 2014/10/10 09:00. You can also use admin set-time ?
command to find out the date/time format). Note that you can also change the time
zone using the command configure system time zone <time-zone>.
2. Verify that the date and time have been updated using the command show time.
3. Based on Error! Reference source not found., configure system name ASIN_Rxx(yy) (xx is
your router number from value 01 to 12 and, yy is used to identify P, PE, and CE routers)
by using the command configure system name. The CLI system prompt should now
display the system name.
Configure the Input/Output Module (IOM), Media Dependent Adapter (MDA), and the ports for all
routers in your Pod).
1. Configure the card type of the IOM card slot 1 to match the equipped card type.
===========================================================
2. Configure all MDAs on the IOM card slot 1 to match the equipped MDA type.
======
3. Configure the first four ports on the MDAs. Make sure all ports on the MDA are
operationally up. Unlike cards using a hierarchical configuration structure, the ports are
not configured as part of the MDA hierarchy. You must return to the root context and
enter into the port configuration context. The ports are identified by first identifying the
IOM, then the MDA and then the port (1/1/1, for example).
Verification
1. Verify that the configurations were performed correctly by using the commands show
card and show mda. The equipped card type and the provisioned card type should be
identical.
=================================================================
Card Summary
=================================================================
Slot Provisioned Type Admin Operational Comments
Equipped Type(if different) State State
-----------------------------------------------------------------
1 iom3-xp up up
A sfm4-12 up up/active
B sfm4-12 up down/standby
(not equipped)
=================================================================
=================================================================
MDA Summary
=================================================================
Slot Mda Provisioned Type Admin Operational
Equipped Type(if different) State State
-----------------------------------------------------------------
1 1 m10-1gb-xp-sfp up up
2 m10-1gb-xp-sfp up up
=================================================================
2. Verify that all ports with physical connections to other routers are operationally up using
the command show port.
=================================================================
Ports on Slot 1
=================================================================
Port Admin Link Port Cfg Oper LAG/ Port Port Port C/QS/S/XFP/
Id State State MTU MTU Bndl Mode Encp Type MDIMDX
-----------------------------------------------------------------
1/1/1 Up Yes Up 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/2 Up Yes Up 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/3 Up Yes Up 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/4 Up Yes Up 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/5 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/6 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/7 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/8 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/9 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
1/1/10 Down No Down 8936 8936 - netw null xcme GIGE-LX 10KM
:
:
Configure four event logs on the P routers (P1, P2, P3 and P4) on your Pod. Specify a log source
and a log destination for each event log.
1. Configure an event log with log ID 21. Capture all events from the “main” stream to the
memory.
2. Using the same configuration steps that you completed in step 1, repeat the process to
configure three other log files using the following parameters:
Verification
=================================================================
Event Log 22
=================================================================
Description : Security Log
Memory Log contents [size=100 next event=2 (not wrapped)]
A log with log destination of session will last until the CLI session is terminated. After
logging out from the active telnet session, the CLI session is terminated and the log (log-
id 24) with the log destination of session is removed from the system.
7. View alarms from the two default alarm logs (log 99 and log 100). What is the difference
between the two alarm logs?
Log 99 is a pre-configured memory-based log, which logs events from the main event source. Log
100 is a pre-configured memory-based log, which logs events from the main event source with
severity of major or higher. Both log 99 and log 100 exist in the system by default.
Below is the IP addressing schema for ISP 1. A similar addressing schema is used for ISP 2.
Prefix 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Length
Value 128 64 32 16 8 4 2 1 128 64 32 16 8 4 2 1
1(System) 0 0 0 0 0 0 0 0 0 0 0 X X X X X
2(Reserved) 0 0 1 X X X X X
0 1 0 X X X X X
3(P2P) 0 1 1 X X
5(CE1) 1 0 0 X X X X X
1 0 1 X X X X X
5(CE2) 1 1 0 X X X X X
1 1 1 X X X X X
1. The first 32 addresses in the assigned IP address space for both ISPs are reserved for
system interfaces on the P, PE and CE routers. Each system interface should be assigned
a /32 address.
To provide 32 addresses, 5 bits (25=32) are required from the existing host bits of the
network address of 140.10.0.0/24. Since each system interface and loopback interface
should be assigned a /32 address, there will be no broadcast addresses or network
addresses needed.
With 5 bits used to provide 32 addresses, the first subnet 140.10.0.0/27 (32-5) is used
for the system interfaces and loopback interfaces.
2. The next 64 addresses in the assigned IP address space for both ISPs are reserved for
future use.
Since each /27 subnet provides 32 addresses, two /27 subnets are needed to provide 64
addresses. Therefore, 140.10.0.32/27 and 140.10.0.64/27 are reserved for future use.
3. All links (PE-CE, PE-PE, PE-P, P-P links) are point-to-point links. However, for the sake of
convenience, they are assigned ‘/30’ based addresses.
4. ISP 1 and ISP 2 provider (P) routers are physically connected to each other but are not
peering to each other. Therefore, no IP addresses are assigned to the links between
routers that belong to different ISPs.
There are multiple solutions. Your solution may not be the same as the ones shown above.
1. Assign 140.10.0.0/27 to all system interfaces for ISP 1.
2. Assign 140.10.0.96/27 to all point-to-point links for ISP 1. Remember that the host
address of all zeroes is reserved for the network address, and the host address of all
ones is reserved for the broadcast address.
a. Assign 140.10.0.96/30 to PE1-P1 link.
b. Assign 140.10.0.100/30 to PE1-PE2 link.
c. Assign 140.10.0.104/30 to PE1-CE1 link.
d. Assign 140.10.0.108/30 to P1-P2 link.
e. Assign 140.10.0.112/30 to PE2-P2 link.
f. Assign 140.10.0.116/30 to PE2-CE2 link.
3. Assign 140.10.0.128/26 to CE1’s customerNet.
4. Assign 140.10.0.192/26 to CE2’s customerNet.
5. The next 64 addresses in the assigned IP address space for both ISPs are reserved for
future use.
The interface configurations for P, PE and CE routers in Pod 1 are shown below. Similar
configurations are performed on routers in other pods.
Verification
1. Verify the status of the router interfaces using the command show router
interface. Note that system interface and loopback interface do not have port
association.
=================================================================
Interface Table (Router: Base)
=================================================================
Interface-Name Adm Opr(v4/v6) Mode Port/SapId
IP-Address PfxState
-----------------------------------------------------------------
system Up Up/Down Network system
140.10.0.1/32 n/a
toP2 Up Up/Down Network 1/1/2
140.10.0.109/30 n/a
toPE1 Up Up/Down Network 1/1/1
140.10.0.98/30 n/a
-----------------------------------------------------------------
Interfaces : 3
=================================================================
*A:ASIN_R01(P1)#
2. Verify that the administrative status and operational status are up.
If an interface is operationally down, use the info command to check if the router
interface configuration was performed correctly.
3. Using the show router route-table command, check the route tables for all routers
in your Pod. How many routes are in the PE, P and CE routers? What is the protocol type
for the route entry shown in the routing table?
All route entries have a protocol type of “local”. These routes are locally connected
routes that are added to the route table whenever an interface is configured with an IP
address and it is operationally up.
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.1/32 Local Local 01d22h19m 0
system 0
140.10.0.96/30 Local Local 16h45m03s 0
toPE1 0
140.10.0.108/30 Local Local 01d18h57m 0
toP2 0
-----------------------------------------------------------------
No. of Routes: 3
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.0/32 Local Local 01d19h00m 0
system 0
140.10.0.96/30 Local Local 01d18h59m 0
toP1 0
140.10.0.100/30 Local Local 01d18h59m 0
toPE2 0
140.10.0.104/30 Local Local 01d18h59m 0
toCE1 0
-----------------------------------------------------------------
No. of Routes: 4
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.4/32 Local Local 00h09m43s 0
system 0
140.10.0.104/30 Local Local 01d19h00m 0
toPE1 0
140.10.0.128/26 Local Local 01d19h16m 0
customerNet 0
-----------------------------------------------------------------
No. of Routes: 3
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
4. Using the ping command, check connectivity from a router to the neighboring router’s
interface. The following is an example of how to check connectivity between routers PE1
and P1.
1. Configure a debug trace log on the P router with the following parameters. Recall that
the debug-trace log was removed in 1.4 Section 1-4 Event Log Configuration when the
telnet session was terminated
3. From your P router, ping the IP address of the far-end interface to your PE router. The
sample output ping performed from P1 to PE1 is shown below.
*A:ASIN_R01(P1)# ping 140.10.0.97 count 1
PING 140.10.0.97 56 data bytes
64 bytes from 140.10.0.97: icmp_seq=1 ttl=64 time=3.38ms.
4. View the ICMP messages on your P router using the command show log log-id 24.
You should see a series of ICMP echo request and echo reply messages in the debug
trace log.
=================================================================
Event Log 24
=================================================================
Description : Debug Trace Log
Memory Log contents [size=100 next event=3 (not wrapped)]
Turn on debug trace for ARP packets and clear all ARP entries on the P router in your pod.
The sample configuration on router R1 is shown below.
6. From your P router, ping the IP address of the far-end interface to your PE router (use
the same command as in step 3).
7. View the ICMP and ARP messages on your P router using the command show log log-
id 24. In addition to the ICMP echo request and echo reply messages, you should see an
ARP request message and an ARP reply message in the debug trace log.
=================================================================
Event Log 24
=================================================================
Description : Debug Trace Log
Memory Log contents [size=100 next event=5 (not wrapped)]
1. Why are ARP messages sent from the P router when executing a ping command?
When the P router sends an ICMP echo request message to the PE router, the P router
needs to know the MAC address of the PE router. To do so, the P router broadcasts an
ARP request message requesting the system with the specified IP address to respond
with its MAC address. When PE router sees the ARP request message with its IP address,
the PE router sends an ARP response message containing its MAC address.
2. How many ARP entries are seen on the P router using the command show router arp
dynamic? When does an ARP entry populate into the ARP table?
There is one ARP entry showing the MAC address of the far-end interface of the PE
router.
An ARP entry is populated when an ARP response is received. The ARP entry contains the
IP address and the associated MAC address.
=================================================================
ARP Table (Router: Base)
=================================================================
IP Address MAC Address Expiry Type Interface
-----------------------------------------------------------------
140.10.0.97 7a:68:01:01:00:01 03h23m52s Dyn[I] toPE1
-----------------------------------------------------------------
No. of ARP Entries: 1
=================================================================
3. Verify that the MAC address belongs to the interface on the PE router. You can find the
interface MAC address from the hardware address of the associated port (use the
command show port 1/1/1, for example).
The hardware address of the port associated with the PE router interface is the same as
the MAC address seen in the P router’s ARP table.
=================================================================
Interface Table (Router: Base)
=================================================================
Interface-Name Adm Opr(v4/v6) Mode Port/SapId
IP-Address PfxState
-----------------------------------------------------------------
toP1 Up Up/Down Network 1/1/1
140.10.0.97/30 n/a
-----------------------------------------------------------------
Interfaces : 1
=================================================================
*A:ASIN_R05(PE1)# show port 1/1/1
=================================================================
Ethernet Interface
=================================================================
Description : 10/100/Gig Ethernet SFP
:
:
Configured Address : 7a:68:01:01:00:01
Hardware Address : 7a:68:01:01:00:01
4. Clear all events in the debug log and ping from your P router to the PE router again. Do
you see ARP messages in the debug log? Why?
No ARP messages are seen this time because the P router already knows the PE router
interface address from the ARP table.
=================================================================
ARP Table (Router: Base)
=================================================================
IP Address MAC Address Expiry Type Interface
-----------------------------------------------------------------
140.10.0.97 7a:68:01:01:00:01 03h31m10s Dyn[I] toPE1
-----------------------------------------------------------------
No. of ARP Entries: 1
=================================================================
*A:ASIN_R01(P1)# ping 140.10.0.97 count 1
PING 140.10.0.97 56 data bytes
64 bytes from 140.10.0.97: icmp_seq=1 ttl=64 time=1.41ms.
=================================================================
Event Log 24
=================================================================
Description : Debug Trace Log
Memory Log contents [size=100 next event=3 (not wrapped)]
5. From your P router, ping the IP address of the far-end interface to the neighboring P
router. For example, P1 router will ping the far-end interface to P2 router.
=================================================================
ARP Table (Router: Base)
=================================================================
IP Address MAC Address Expiry Type Interface
-----------------------------------------------------------------
140.10.0.110 7a:65:01:01:00:02 03h59m57s Dyn[I] toP2
140.10.0.97 7a:68:01:01:00:01 03h14m33s Dyn[I] toPE1
-----------------------------------------------------------------
No. of ARP Entries: 2
=================================================================
1. On the PE router, configure a static route using the command configure router
static-route with the following parameters:
Destination address: router P’s system interface address
Nexthop address: router P’s interface address towards the PE router
2. View the status of the static route on the PE router using the command show router
static-route. Make sure the static route that you configured is active.
=================================================================
Static Route Table (Router: Base) Family: IPv4
=================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-----------------------------------------------------------------
140.10.0.1/32 0 1 5 NH Y
140.10.0.98 toP1
-----------------------------------------------------------------
No. of Static Routes: 1
=================================================================
3. Ping from the PE router to the system address of the P router in your Pod.
For example, on PE1, execute the command ping 140.10.0.1 count 1.
4. The ping in the previous step should fail because the P router does not have a route to
reach to the system address of the PE router.
In order for the ping to work between the P router and the PE router, configure another
static route with the following parameters on the P router:
Destination address: router PE’s system interface address
Next hop address: router PE’s interface address towards the P router
Verification
1. View the status of the static route on the P router and make sure the static route that
you have configured is active.
=================================================================
Static Route Table (Router: Base) Family: IPv4
=================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-----------------------------------------------------------------
140.10.0.0/32 0 1 5 NH Y
140.10.0.97 toPE1
-----------------------------------------------------------------
No. of Static Routes: 1
=================================================================
2. Verify connectivity between the P router and the PE router by performing a ping from
the P router to the system interface of the PE router and vice-versa.
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.0/32 Remote Static 01h12m45s 5
140.10.0.97 1
140.10.0.1/32 Local Local 02d07h52m 0
system 0
140.10.0.96/30 Local Local 01d02h18m 0
toPE1 0
140.10.0.108/30 Local Local 02d04h30m 0
toP2 0
-----------------------------------------------------------------
No. of Routes: 4
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
4. What is the preference and metric value of the static route? What is the preference and
metric value of the local route?
The preference and metric value of the static route is, by default, 5 and 1 respectively.
The preference and metric value of the local route are both 0.
5. Which value is used to determine one type of route is preferred over another type of
route?
1. On the CE router, configure a default route using the command configure router
static-route with the following parameters:
Destination address: 0.0.0.0/0
Next hop address: router PE’s interface address towards the CE router
2. View the status of the static route on the PE router using the command show router
static-route. Make sure the static route that you configured is active.
=================================================================
Static Route Table (Router: Base) Family: IPv4
=================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-----------------------------------------------------------------
0.0.0.0/0 0 1 5 NH Y
140.10.0.105 toPE1
-----------------------------------------------------------------
No. of Static Routes: 1
=================================================================
3. Verify the default route is added to the routing table using the command show router
route-table.
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
0.0.0.0/0 Remote Static 03h37m21s 5
140.10.0.105 1
5. Find the source address of the ICMP echo request message sent from the CE router.
The ICMP echo request message uses the CE router’s system interface address as the
source address by default. However, the PE router cannot respond with the ICMP echo
reply message because the PE router does not have a route to the CE router’s system
interface address.
=================================================================
Event Log 24
=================================================================
Description : (Not Specified)
Memory Log contents [size=100 next event=43 (not wrapped)]
6. On the CE router, ping the PE router’s system interface address and specify the source
address to the CE interface address towards the PE router
By default, the source address of the ICMP message is the sender’s system interface
address. Without specifying the source address, the CE router will send the ICMP echo
request to the PE router using the CE router’s system interface address as a source IP
address. However, the PE router cannot respond with the ICMP echo reply message
because the PE router does not have a route to the CE router’s system interface
address.
The following output is a ping from CE1 to PE1’s system address.
=================================================================
Event Log 24
=================================================================
Description: (Not Specified)
Memory Log contents [size=100 next event=45 (not wrapped)]
9. On the CE router, ping the PE router’s system interface address without specifying the
source address. The ping should work now.
Verification
1. The CE router does not have the PE router’s system interface address in its routing table.
How does the CE router reach tthe PE’s system interface?
When the CE router needs to reach to the PE router’s system interface address, the CE
router does a forwarding table lookup and finds a route entry with the longest match,
which is a default route.
1. Remove all static routes configured in the P and PE routers using the command
configure router no static-route <ip-prefix/length> next-hop
<next-hop-address>.
=================================================================
Static Route Table (Router: Base) Family: IPv4
=================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-----------------------------------------------------------------
140.10.0.0/32 0 1 5 NH Y
140.10.0.97 toPE1
-----------------------------------------------------------------
No. of Static Routes: 1
=================================================================
*A:ASIN_R01(P1)# configure router no static-route 140.10.0.0/32
next-hop 140.10.0.97
=================================================================
Static Route Table (Router: Base) Family: IPv4
=================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-----------------------------------------------------------------
140.10.0.1/32 0 1 5 NH Y
140.10.0.98 toP1
140.10.0.4/32 0 1 5 NH Y
140.10.0.106 toCE1
140.10.0.128/26 0 1 5 NH Y
140.10.0.106 toCE1
-----------------------------------------------------------------
No. of Static Routes: 3
=================================================================
*A:ASIN_R05(PE1)# configure router no static-route 140.10.0.1/32
next-hop 140.10.0.98
*A:ASIN_R05(PE1)# configure router no static-route 140.10.0.4/32
next-hop 140.10.0.106
*A:ASIN_R05(PE1)# configure router no static-route
140.10.0.128/26 next-hop 140.10.0.106
2. Enable OSPF on the P and PE routers using the command configure router ospf.
3. Define a backbone area on the P and PE routers using the command area 0 under the
configure router ospf context.
4. On the P router, add two OSPF point-to-point interfaces to the backbone area as follows:
a. One interface toward the neighboring P router within the same ISP
b. Another interface toward the directly connected PE router
5. On the PE router, add two OSPF point-to-point interfaces to the backbone area as
follows:
a. One interface toward the directly connected P router
b. Another interface toward the directly connected PE router
*A:ASIN_R05(PE1)>config>router>ospf# info
----------------------------------------------
area 0.0.0.0
interface "toP1"
interface-type point-to-point
no shutdown
exit
interface "toPE2"
interface-type point-to-point
no shutdown
exit
exit
no shutdown
1. Verify the OSPF neighbor status of the P and PE routers using the command show
router ospf neighbor.
=================================================================
Rtr Base OSPFv2 Instance 0 Neighbors
=================================================================
Interface-Name Rtr Id State Pri RetxQ TTL
Area-Id
-----------------------------------------------------------------
toP2 140.10.0.3 Full 1 0 35
0.0.0.0
toPE1 140.10.0.0 Full 1 0 36
0.0.0.0
-----------------------------------------------------------------
No. of Neighbors: 2
=================================================================
=================================================================
Rtr Base OSPFv2 Instance 0 Neighbors
=================================================================
Interface-Name Rtr Id State Pri RetxQ TTL
Area-Id
-----------------------------------------------------------------
toP1 140.10.0.1 Full 1 0 32
0.0.0.0
toPE2 140.10.0.2 Full 1 0 39
0.0.0.0
-----------------------------------------------------------------
No. of Neighbors: 2
=================================================================
b. What is the OSPF adjacency state? What does this adjacency state mean?
The state is Full state, meaning that the routers are fully adjacent and have an
identical link state database.
2. On the P router, ping its directly connected PE router’s system address. Does the ping
work?
The ping fails because the P router does not have a route to the PE router’s system
address.
5. Examine the OSPF routes in the routing table on the P and PE routers using the
command show router route-table protocol ospf.
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.0/32 Remote OSPF 00h37m05s 10
140.10.0.97 100
140.10.0.2/32 Remote OSPF 00h28m09s 10
140.10.0.97 200
140.10.0.3/32 Remote OSPF 00h37m05s 10
140.10.0.110 100
140.10.0.100/30 Remote OSPF 00h37m05s 10
140.10.0.97 200
140.10.0.112/30 Remote OSPF 00h37m05s 10
140.10.0.110 200
-----------------------------------------------------------------
No. of Routes: 5
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
=================================================================
Route Table (Router: Base)
=================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-----------------------------------------------------------------
140.10.0.1/32 Remote OSPF 00h30m17s 10
140.10.0.98 100
140.10.0.2/32 Remote OSPF 00h30m05s 10
140.10.0.102 100
140.10.0.3/32 Remote OSPF 00h39m02s 10
140.10.0.98 200
140.10.0.108/30 Remote OSPF 00h39m02s 10
140.10.0.98 200
140.10.0.112/30 Remote OSPF 01h14m34s 10
140.10.0.102 200
-----------------------------------------------------------------
No. of Routes: 5
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
=================================================================
6. Examine the OSPF link state database using the commands show router ospf
database and show router ospf database detail. This database contains a listing of
all link state advertisements (LSAs). These LSAs are used to create a forwarding table.
a. What types of LSAs are in the LSDB?
All LSAs in the LSDB are router LSAs.
c. What will a router perform when there is a topology change on one of its directly
connected links?
The router will flood to all OSPF routers every time there is a topology change.
This ensures all OSPF routers have an identical LSDB.
=================================================================
Rtr Base OSPFv2 Instance 0 Link State Database (Type: All)
=================================================================
Type Area Id Link State Id Adv Rtr Id Age Sequence Cksum
-----------------------------------------------------------------
Router 0.0.0.0 140.10.0.0 140.10.0.0 167 0x8000000a 0x4464
Router 0.0.0.0 140.10.0.1 140.10.0.1 1153 0x80000007 0x1681
Router 0.0.0.0 140.10.0.2 140.10.0.2 1019 0x80000007 0x2262
Router 0.0.0.0 140.10.0.3 140.10.0.3 1558 0x8000000a 0x75f7
-----------------------------------------------------------------
No. of LSAs: 4
=================================================================
*A:ASIN_R01(P1)# show router ospf database detail
=================================================================
Rtr Base OSPFv2 Instance 0 Link State Database (type:All)(detail)
=================================================================
-----------------------------------------------------------------
Router LSA for Area 0.0.0.0
-----------------------------------------------------------------
Area Id : 0.0.0.0 Adv Router Id : 140.10.0.0
Link State Id : 140.10.0.0 (2349465600)
LSA Type : Router
Sequence No : 0x8000000a Checksum : 0x4464
Age : 171 Length : 84
Options : E
Flags : None Link Count : 5
Link Type (1) : Point To Point
Nbr Rtr Id (1) : 140.10.0.2 I/F Address(1): 140.10.0.101
No of TOS (1) : 0 Metric-0 (1) : 100
Link Type (2) : Stub Network
Network (2) : 140.10.0.100 Mask (2) : 255.255.255.252
No of TOS (2) : 0 Metric-0 (2) : 100
Link Type (3) : Point To Point
Nbr Rtr Id (3) : 140.10.0.1 I/F Address(3): 140.10.0.97
No of TOS (3) : 0 Metric-0 (3) : 100
114 of 166 Link Type (4) : Stub Network © Nokia 2016
1. Assign autonomous system 65001 to all P routers in ISP 1. Assign autonomous system
65002 to all P routers in ISP 2.
2. Configure routers P1 and P2, and routers P3 and P4 as internal BGP peers (iBGP). Note
that iBGP peers typically use the system interface address as the neighbor address.
4. Configure routers P1 and P3 as external BGP peers (eBGP). Note that eBGP peers
typically use the next hop interface address as the neighbor address.
*A:ASIN_R03(P3)# config>router#info
:
:
#--------------------------------------------------
echo "Policy Configuration"
#--------------------------------------------------
policy-options
begin
policy-statement "export-direct-to-bgp"
entry 10
from
protocol direct
exit
to
protocol bgp
exit
action accept
exit
exit
exit
commit
exit
:
:
Verification
1. Verify the BGP sessions are established in the P routers using the commands show
router bgp summary and show router bgp neighbor.
a. How many BGP sessions are in each P router?
In each P router, there is one iBGP session to the neighboring P router within the
same Autonomous System (AS). There is one eBGP session to the neighboring P1
and P3 routers in a different AS.
=================================================================
BGP Neighbor
=================================================================
-----------------------------------------------------------------
Peer : 140.10.0.3
Description : (Not Specified)
Group : iBGP
-----------------------------------------------------------------
Peer AS : 65001 Peer Port : 52303
Peer Address : 140.10.0.3
Local AS : 65001 Local Port : 179
Local Address : 140.10.0.1
122 of 166 © Nokia 2016
Peer Type : Internal Dynamic Peer : No
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
Local AS : 65001 Local Port : 179
Local Address : 140.10.0.1
Peer Type : Internal Dynamic Peer : No
State : Established Last State : Established
:
:----------------------------------------------------------------
Peer : 145.0.0.11
Description : (Not Specified)
Group : eBGP
-----------------------------------------------------------------
Peer AS : 65002 Peer Port : 53683
Peer Address : 145.0.0.11
Local AS : 65001 Local Port : 179
Local Address : 145.0.0.10
Peer Type : External Dynamic Peer : No
State : Established Last State : Established
:
:
2. Verify BGP routes in the routing table on router P1 using the show router route-
table
====================================================================
Route Table (Router: Base)
124 of 166
B = BGP backup route available © Nokia 2016
L = LFA nexthop available
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
No. of Routes: 12
3. On router P1, remove the system interface from the OSPF backbone area. Wait 90
seconds.
a. Is the iBGP session established in each of the P routers?
After the hold timer expires (the default for an Nokia 7750 SR is 90 seconds), the
iBGP session between routers P1 and P2 is no longer established. The iBGP
neighbor address is configured as the peer’s system address. When routerP1’s
system address is removed from OSPF, router P2 will no longer have a route to its
iBGP peer’s system address. Since router P2 cannot send BGP messages to its
BGP peer, the iBGP session is down.
This only impacts the iBGP session between routers P1 and P2. The iBGP session
between routers P3 and P4 is still established.
4. On router P1, add the system interface address to the OSPF backbone area. Make sure
all iBGP and eBGP sessions are established on all P routers.
1. On the PE router, create an IP filter policy with filter-id 77 using the command
configure filter ip-filter 77 create. Add a description for this filter: “Block
ICMP message to system address.
2. On the PE router, configure the IP filter policy with the following requirements (create an
entry within the IP filter and configure the entry with a matching critieria):
a. Discard all ICMP echo request messages if the destination IP address is the PE’s
own system address.
b. Allow all other traffic to go through by setting default-action forward.
3. There are two possible equal cost paths to go from a P router to the non-directly
connected PE router within the ISP. In order to make sure the ICMP request message
follows a specific path, one path must have a lower cost than the other path.
On the P router, lower the OSPF metric value on the interface toward the neighboring P
router in your ISP to 10. This makes the link toward the neighboring P router MORE
preferred. The following is the sample configuration on the P1 router.
*A:ASIN_R01(P1)>config>router>ospf# info
----------------------------------------------
area 0.0.0.0
:
:
interface "toP2"
interface-type point-to-point
metric 10
no shutdown
exit
*A:ASIN_R03(P3)>config>router>ospf# info
----------------------------------------------
area 0.0.0.0
:
:
interface "toP4"
interface-type point-to-point
metric 10
no shutdown
exit
The P router can still ping to the PE router because the filter has not yet been applied.
5. On the PE router, associate the IP filter policy to the interface connected to the P router.
All ICMP echo request messages received on that interface with the router’s own system
address should be discarded. The following is the sample configuration on PE1.
Verification
1. From the P router, ping the non-directly connected PE router’s system address within
your ISP. Does the ping work? Why?
After the IP filter policy is applied to the PE router, the PE router will discard all ICMP echo
request messages that contain the router’s own system address as the destination
address AND if the messages are received through the neighboring P router.
2. On the P router, increase the OSPF metric value on the interface toward the neighboring
P router within your ISP to 500. This makes the link toward the neighboring P router LESS
preferred.
*A:ASIN_R04(P4)>config>router>ospf# info
----------------------------------------------
area 0.0.0.0
:
:
interface "toP3"
interface-type point-to-point
metric 500
a. Perform the ping command as in step 1. Does the ping work? Why?
The ping works again because the best path has been changed. The PE router
now receives the ICMP echo request message from the PE router instead of from
the P router. The IP filter is applied on the interface toward the P router only.
1. On each P router in ISP 1, enable LDP to ALL interfaces within its own ISP.
3. On each CE router:
a. Remove the port association on the existing router interface to the PE router
b. Create a router interface named “toVPLS” towards the neighboring PE router. Use
IP address 192.168.1.1/29 for CE1, and 192.168.1.2/29 for CE2.
c. Assocate port 1/1/2 to the router interface “toVPLS”
Verification
1. Verify that link LDP sessions are established on the P and PE routers using the command
show router ldp session.
=================================================================
LDP IPv4 Sessions
=================================================================
Peer LDP Id Adj Type State Msg Sent Msg Recv Up Time
-----------------------------------------------------------------
140.10.0.0:0 Link Established 21 21 0d 00:00:40
140.10.0.3:0 Link Established 45 47 0d 00:01:51
-----------------------------------------------------------------
No. of IPv4 Sessions: 2
=================================================================
2. Verify the Label Forwarding Information Base (LFIB) on all routers in your Pod using the
command show router ldp bindings active.
=================================================================
LDP Bindings (IPv4 LSR ID 140.10.0.1:0)
(IPv6 LSR ID ::[0])
=================================================================
Legend: U –Label In Use, N -Label Not In Use, W –Label Withdrawn
WP -Label Withdraw Pending, BU-Alternate For Fast Re-Route
(S) - Static (M) - Multi-homed Secondary Support
(B) -BGP Next Hop (BU)-Alternate Next-hop for Fast Re-Route
(C) - FEC resolved for class-based-forwarding
=================================================================
LDP IPv4 Prefix Bindings (Active)
=================================================================
Prefix Op IngLbl EgrLbl
EgrNextHop EgrIf/LspId
-----------------------------------------------------------------
140.10.0.0/32 Push -- 262143
140.10.0.97 1/1/1
140.10.0.3/32
150 of 166
Swap 262142 © Nokia 2016
262141
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
140.10.0.3/32 Swap 262142 262141
140.10.0.97 1/1/1
-----------------------------------------------------------------
No. of IPv4 Prefix Active Bindings: 7
=================================================================
=================================================================
LDP Bindings (IPv4 LSR ID 140.10.0.0:0)
(IPv6 LSR ID::[0])
=================================================================
Legend: U –Label In Use, N -Label Not In Use, W –Label Withdrawn
WP -Label Withdraw Pending, BU-Alternate For Fast Re-Route
(S) - Static (M) - Multi-homed Secondary Support
(B)-BGP Next Hop (BU) -Alternate Next-hop for Fast Re-Route
(C) - FEC resolved for class-based-forwarding
=================================================================
LDP IPv4 Prefix Bindings (Active)
=================================================================
Prefix Op IngLbl EgrLbl
EgrNextHop EgrIf/LspId
-----------------------------------------------------------------
140.10.0.0/32 Pop 262143 --
-- --
3. Verify that all SDPs on the PE routers are operationally up using the command show
service sdp.
=================================================================
Services: Service Destination Points
=================================================================
SdpId AdmMTU OprMTU Far End Adm Opr Del LSP Sig
-----------------------------------------------------------------
10 0 8914 140.10.0.2 Up Up MPLS L TLDP
-----------------------------------------------------------------
Number of SDPs: 1
-----------------------------------------------------------------
Legend: R = RSVP, L = LDP, B = BGP, M = MPLS-TP, n/a = Not
Applicable, I = SR-ISIS, O = SR-OSPF
=================================================================
1. Create a VPLS service on the PE routers with service-id 1 on ISP 1. Use a default
customer-id.
i. Is there an error when adding the SAP to the VPLS service? Why?
ii. Correct the problem.
1. Verify that VPLS service is operational using the command show service id 1 base.
If not, ensure that the VPLS is administrative up.
=================================================================
Service Basic Information
=================================================================
Service Id : 1 Vpn Id : 0
Service Type : VPLS
Name : (Not Specified)
Description : (Not Specified)
Customer Id : 1 Creation Origin : manual
Last Status Change: 03/24/2016 09:21:48
Last Mgmt Change : 03/24/2016 09:21:48
Etree Mode : Disabled
Admin State : Up Oper State : Up
MTU : 1514 Def. Mesh VC Id : 1
SAP Count : 1 SDP Bind Count : 1
Snd Flush on Fail : Disabled Host Conn Verify : Disabled
SHCV pol IPv4 : None
Propagate MacFlush: Disabled Per Svc Hashing : Disabled
Allow IP Intf Bind: Disabled Fwd-IPv4-Mcast-To*: Disabled
Def. Gateway IP : None
Def. Gateway MAC : None
Temp Flood Time : Disabled Temp Flood : Inactive
Temp Flood Chg Cnt: 0
VSD Domain : <none>
SPI load-balance : Disabled
TEID load-balance : Disabled
-----------------------------------------------------------
------
Service
158 of 166 Access & Destination Points © Nokia 2016
-----------------------------------------------------------
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
-----------------------------------------------------------------
Service Access & Destination Points
-----------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-----------------------------------------------------------------
sap:1/1/2 null 1514 1514 Up Up
sdp:10:1 M(140.10.0.2) Mesh 0 8914 Up Up
=================================================================
2. On router PE1, view the MAC Forwarding Database (FDB) using the command show
service id 1 fdb detail. Are there any MAC entries in the MAC FDB?
=================================================================
Forwarding Database, Service 1
=================================================================
ServId MAC Source-Identifier Type Last Change
Age
-----------------------------------------------------------------
No Matching Entries
=================================================================
3. On router CE1, ping the far-end CE router’s “toVPLS” interface address, 192.168.1.2.
=================================================================
Forwarding Database, Service 1
=================================================================
ServId MAC Source-Identifier Type Last Change
Age
-----------------------------------------------------------------
1 6c:8c:01:01:00:02 sap:1/1/2 L/60 03/23/15 16:32:11
1 6c:8d:01:01:00:02 sdp:10:1 L/60 03/23/15 16:32:11
-----------------------------------------------------------------
No. of MAC Entries: 2
-----------------------------------------------------------------
Legend: L=Learned O=Oam P=Protected-MAC C=Conditional S=Static
=================================================================
The configuration rollback feature enables you to revert to or compare with previously saved
final configurations without rebooting the router. This is very useful so that students can quickly
get to a correct configuration and redo lab exercises when required, and compare configuration
between labs. The following shows examples of using the configuration rollback feature.
1. To change the router back to the original base configuration (the configuration used at the
beginning of the ASIN Lab), use admin rollback revert rescue command.
2. Before reverting, rolling back, or redoing any lab configuration use the show system
rollback command to find out the rollback file index first.
=================================================================
Rollback Information
=================================================================
Rollback Location :
ftp://*:*@192.168.181.81/home/cfgs/ASIN/R01/
rollback
Max Local Rollback Files : 10
Max Remote Rollback Files : 50
Save
Last Rollback Save Result : None
Last Save Completion Time : N/A
Revert
In Progress : No
Last Revert Initiated User : N/A
Last Revert Checkpoint File: N/A
Last Revert Result : None
Last Revert Initiated Time : N/A
Last Revert Completion Time: N/A
Delete
Last Rollback Delete Result: None
=================================================================
Rollback Files
=================================================================
Idx Suffix Creation Time Release User
Comment
-----------------------------------------------------------------
latest .rb 2014/10/16 18:23:38 UTC B-10.0.R5 student
ASIN_Lab7_2_VPLS.cfg
1 .rb.1 2014/10/16 17:59:02 UTC B-10.0.R5 student
ASIN_Lab7_1_ServicesFramework.cfg
2 .rb.2 2014/10/16 16:06:32 UTC B-10.0.R5 student
ASIN_Lab6_IPFilters.cfg
3 .rb.3 2014/10/16 15:14:41 UTC B-10.0.R5 student
ASIN_Lab5_BGP.cfg
4 .rb.4 2014/10/16 14:35:49 UTC B-10.0.R5
student
162 of 166 © Nokia 2016
ASIN_Lab4_OSPF.cfg
This Nokia Scalable IP Networks v3.1.1 is for the exclusive use of Rahish KHAN - ALCATEL-LUCENT
4 .rb.4 2014/10/16 14:35:49 UTC B-10.0.R5
student
ASIN_Lab4_OSPF.cfg
5 .rb.5 2014/10/15 20:50:27 UTC B-10.0.R5
student
ASIN_Lab3_StaticRouting.cfg
6 .rb.6 2014/10/15 20:34:53 UTC B-10.0.R5
student
ASIN_Lab2_IPAddressing.cfg
7 .rb.7 2014/10/15 20:04:30 UTC B-10.0.R5
student
ASIN_Lab1_LabInfrastructure.cfg
8 .rb.8 2014/10/15 19:46:45 UTC B-10.0.R5
student
base.cfg
---------------------------------------------------------------
3. To revert to the final configuration for a particular lab, use admin rollback revert
<rollback file index> command.
In the following example, router R1 has been reverted to the final configuration of Lab 3:
Static Routing. The number 5 is the rollback file index found in the show system
rollback command.
5. To identify configuration differences between two lab exercises, use the command admin
rollback compare <rollback file index> to <rollback file index>.
The following example compares the configuration differences between Lab 3: Static
Routing (rollback file index 5) and Lab 4: OSPF Routing (rollback file index 4).