Shafagh.com

27 Nov

Catalyst to ProCurve

Posted by Shafagh in Ethernet Switching, ProCurve. 4 Comments

Two months ago, as I blogged about it I passed HP ProCurve AIS exam and shared a summary of my preparation notes, Last week I passed Master ASE – HP ProCurve Campus LANs [2010] online exam (HP2-Z04) and became HP Master ASE – MASE, so I thought to share parts of my study notes as some customers are buying ProCurve instead of Cisco Catalyst (Budget reasons) it’s good to know equivalent terminologies and commands. Do I recommend HP ProCurve over Cisco Catalyst? No.

Cisco vs. HP terminology

Trunk Port = Tagged Port
Port Channel Interface = Trunk Port
Access port = Untagged Port
Auxiliary VLAN (voice) = tagged/untagged
Access port with Auxiliary = tagged (voice) + untagged (data)
                     vlan11
            untagged a1
        vlan12
            voice
            tagged a1
Interface Gigabitethernet0/1 = interface 1
Modular switches = interface a1 "Module name: a,b,c… from top left"
HP does not send CDP (can receive) – HP speaks LLDP – IEEE802.1AB
BPDU Guard = BPDU protection
Keepalive = Loop protection
SPAN = traffic mirroring

HP ProCurve software license

Edge License Features:

IPv4 RIP + Static Routes
IGMP
ACLs
QoS
Bandwidth Control
Edge Security
Basic IPv6

Premium Features:

OSPF + ECMP
PIM
IPv6 RIP + OSPFv3
VRRP
QinQ VLANs

WLAN Evolution

1st Gen: Standalone Access Points
2nd Gen: Centralized WLAN Management with Thin APs
3rd Gen: Multiservice Controller
4th Gen: Unified WLAN Architecture (Controller Blades) Mobility Controller
- Multi-Service Mobility Solution (MSM7xx)
  - Mobility License: Guest Roaming
- Mobility Manager Software (on top of ProCurve Manager – PCM)
  - Software updates
  - WLAN Security settings
  - Radio settings
  - Rogue detection
  - Monitoring and Troubleshooting
- ProCurve Guest Management Software
  - Authentication
  - Temporary Credentials + expiration + Printable Vouchers
- RF Manager
  - IDS/IPS
- RF Planner
  - Windows based WLAN planning software

PoE Devices

PD – Powered Device
PSE – Power Sourcing Equipment
- IEEE802.3af
- IEEE802.3at (PoE+) up to 24W
- Keep higher priority ports on lower port numbers
- We can use power shelf (zl switch) or RPS for additional power

LLDP vs. LLDP-MED

LLDP
- Network Management + Inventory data + IP/speed/duplex
LLDP-MED
- Voice VLAN, QoS, Location services, advanced PoE. detailed inventory management:
  - Class I IP communications controller
  - Class II IP phones, end user IP communication
  - Class III media streams, conference bridges

Quality of Service

Queues per port: 8
Rate limits: ingress & egress
GMB (guaranteed minimum bandwidth): egress only
Classification
- CoS
- DSCP/IPP
- VLAN
- Interface
- L2 Protocol
- IP Address/port
Marking
- 802.1p
- DSCP

Configurations

CLI
Menu Interface
GUI (HTTP/HTTPS)
PCM/PCM+
User Level:
- Operator Level
- Manager Level
  #password operator user-name operator plaintext password
  #password manager user-name manager plaintext password
  #include-credentials > to include security hashed texts in configuration views (Passwords/SSH key/RADIUS key, etc)
  show front-panel-security > to check reset/clear button setting

Port Configurations
#speed-duplex 1000-full

Aggregated Port (Trunk)
    #trunk 47-48 trunk1 trunk
    #trunk 47-48 trunk1 lacp
    #vlan 11 tagged trunk1
    #interface 47 name ‘link to other switch’
    show trunk
        Once the trunk is configured ports will become "untagged vlan1"

Spanning Tree
    #spanning tree
    #spanning tree 1-3 admin-edge-port (default is auto-edge-port which will wait for 3 seconds to see if there’s any BPDU)
    #no spanning tree 4 edge-port
    #spanning tree protocol-version mstp
    reload
    #spanning tree config-name "name"
    #spanning tree config-revision 1
    #spanning tree instance 1 vlan 1,2
    #spanning tree instance 2 vlan 3,4
    show spanning tree mst-config
    #spanning tree priority 0 (on root switch)
    #spanning tree priority 1 (on secondary root switch)
    #spanning tree instance 1 priority 0 (on root switch)
    #spanning tree instance 2 priority 1 (on secondary root/instance)

PoE
    show power-management
    show power-management brief
    #power threshold n (1-99) to alert if power usage raises

DHCP
    #dhcp-snooping
    #dhcp-snooping vlan 2
    #dhcp-snooping trust a1 (trusted port)
    #dhcp-snooping authorized-server 1.1.1.1 (DHCP server)

Traffic Mirroring
    #interface a1 monitor all both mirror 1
    #vlan 2 monitor ip access-group acl1 mirror 1
    #mirror 1 port a2
    show monitor

VLAN sample
    vlan 11
        name "VLAN11"
        untagged a9-a12
        ip helper-address 10.10.10.10
        ip address 10.11.11.11 255.255.255.0
        exit

IP Routing
    #ip routing
    #interface loopback 1 ip address 10.1.1.1
    #ip route 10.0.0.0/24 10.1.1.254

    router ospf
        area backbone
    vlan 2
        ip address 10.1.1.1 255.255.255.0
        ip ospf 10.1.1.1 passive
        ip ospf 10.1.1.1 area backbone
        ip ospf cost 10

10 Nov

Internet Through MPLS – Default Route Propagation

Posted by Shafagh in IP Routing, MPLS, SP. 6 Comments

Yesterday we had a customer network migration from IPsec VPN to MPLS. Customer’s headquarter network wanted to be the point of internet sharing so that all branch offices use that point for internet browsing. OSPF was chosen to be the dynamic routing protocol between CE and PE, as ASA is deaf to BGP. We configured everything on CE side and contacted customer’s service provider to check their configuration, everything was fine, but the default route. We had injected a default route at HQ but the branch offices were unable to get that particular 0.0.0.0/0 route through MPLS.

The service provider (DU) told me that OSPF is not able to inject default route from one CE to another CE… and you have to migrate to BGP! what!? It’s not true… I’ve sent them a sample configuration to set on their PE LSRs, now it’s time to explain the problem in detail:

Customer 1 is injecting default-information via OSPF by “default-information originate” command to the service provider’s PE router.
Service provider receives LSA type 5 and should “redistribute ospf x vrf Customer1 match external” into MP-BGP to other PE.
BGP will not redistribute default-information unless we configure “default-information originate” under bgp address-family ipv4 vrf Customer1 (Tricky)
The other PE receives 0.0.0.0/0 via BGP from the first PE and should redistribute it to OSPF but it won’t unless we configure “default-information originate” under OSPF process.

In our example R7 is connected to internet using a static route. R7 injects internet to PE (R3) by “redistribute static subnets”. R3 redistribute that to BGP by “default-information originate” to the other PE (R2). Now R2 has 0.0.0.0/0 in the BGP and should redistribute it into OSPF and use “default-information originate” to send it to its own connected CE.

So I sent the following diagram to the provider for their reference:

Example (based on the first topology):

R7 (CE-Internet):
router ospf 1
redistribute static subnets
network 172.16.37.7 0.0.0.0 area 0
default-information originate
!
ip route 0.0.0.0 0.0.0.0 172.16.69.68
!

R3 (PE):
router ospf 147 vrf VPN1
redistribute bgp 666 subnets
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 666
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 666
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf VPN1
redistribute ospf 147 vrf VPN1 match internal external 1 external 2
default-information originate
no synchronization
exit-address-family
!

R2 (PE):

router ospf 147 vrf VPN1
redistribute bgp 666 subnets
network 0.0.0.0 255.255.255.255 area 0
default-information originate
!
router bgp 666
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 666
neighbor 3.3.3.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf VPN1
redistribute ospf 147 vrf VPN1 match internal external 1 external 2
no synchronization
exit-address-family

Verification:

R3#show ip ospf 147 database

OSPF Router with ID (172.16.37.3) (Process ID 147)

Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#
172.16.37.3     172.16.37.3     1047        0×8000
172.16.37.7     172.16.37.7     1021        0×8000

Net Link States (Area 0)

Link ID ADV Router Age Seq#
172.16.37.3 172.16.37.3 1047 0×8000

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq#
172.16.24.0 172.16.37.3 1047 0×8000

Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#
0.0.0.0         172.16.37.7     482         0×8000
47.47.47.4      172.16.37.3     1047        0×8000
47.47.47.7      172.16.37.7     1021        0×8000

R3#show ip route vrf VPN1

Routing Table: VPN1
Gateway of last resort is 172.16.37.7 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.37.0 is directly connected, Ethernet0/2
B       172.16.24.0 [200/0] via 2.2.2.2, 01:27:35
     47.0.0.0/32 is subnetted, 2 subnets
O E2    47.47.47.7 [110/20] via 172.16.37.7, 01:24:49, Ethernet0/2
B       47.47.47.4 [200/20] via 2.2.2.2, 01:27:35
O*E2 0.0.0.0/0 [110/1] via 172.16.37.7, 00:09:39, Ethernet0/2

R2#show ip bgp vpnv4 vrf VPN1
BGP table version is 41, local router ID is 2.2.2.2
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 172.16.12.2:1 (default for vrf VPN1)
*>i0.0.0.0          3.3.3.3                  1    100      0 ?
*> 47.47.47.4/32    172.16.24.4             20         32768 ?
*>i47.47.47.7/32    3.3.3.3                 20    100      0 ?
*> 172.16.24.0/24   0.0.0.0                  0         32768 ?
*>i172.16.37.0/24   3.3.3.3                  0    100      0 ?

R4#show ip route
Gateway of last resort is 172.16.24.2 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 2 subnets
O IA    172.16.37.0 [110/11] via 172.16.24.2, 03:32:41, Ethernet0/0
C       172.16.24.0 is directly connected, Ethernet0/0
     47.0.0.0/32 is subnetted, 2 subnets
O E2    47.47.47.7 [110/20] via 172.16.24.2, 01:27:21, Ethernet0/0
C       47.47.47.4 is directly connected, Loopback0
O*E2 0.0.0.0/0 [110/1] via 172.16.24.2, 00:12:15, Ethernet0/0

Note that branch offices still have their own internet as backup, so whenever MPLS goes down, they can use their own internet with IPsec capability to connect to the headquarter automatically, if I would use “default-information originate always” then CE would always advertise default route regardless of it’s existence in the routing table but in our case we have IP SLA monitored static route to the internet, and whenever it goes down OSPF will take back default-route advertisement (default-information originate – without always!) and branch office will use the higher administrative distance static route to its own internet (floating route). Then it will use IPsec to HQ as the crypto-map on internet interface will be triggered.

1 Nov

CCIE SP – MPLS Traffic Engineering

Posted by Shafagh in IP Routing, MPLS, Quality of Service, SP, WAN Technologies. Leave a Comment

TE was the main driver and reason for MPLS invention. To utilize bandwidth of unused links, to have flexibility in path selection just like previous WAN switching technologies. To create Virtual circuits on top of IP networks. IP Routing is performed hop by hop and you can not dictate a policy to other hops. TE is configured on Head-End LSR and gets/uses a particular label for a particular path. (Explicit Routing/Source-based routing)

RSVP is used to prepare a path and create a tunnel and label to route packets through the network. Link State routing protocols are required as well to report available bandwidth on each link and also other extra information such as Maximum reserve-able bandwidth and so on. Extensions were made to RSVP (Carry Label, Record Route), OSPF and ISIS (Constrained Metric) to be able to do Traffic Engineering. So once that we want to enable Traffic Engineering on our SP backbone, we have to enable specific technologies in order to run TE, such as:

Enable TE (mpls traffic-engineering tunnels) on routers and ports.
Adjust reversable bandwidth with “ip rsvp bandwidth” on ports.
Tune your link state routing protocol to deliver TE attributes.
Create your tunnel on the head-end LSR (uni-directional) and send packets through it.

Example:

MPLSTE

In our example, we will configure a TE tunnel from R3 to R4, and from R4 to R3 (reverse direction) to transit our traffic through R3 – R1 – R2 – R4.

Configuration

R3:

mpls traffic-eng tunnels
!
interface Tunnel1000
ip unnumbered Loopback0
tunnel destination 10.10.4.4
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 100
tunnel mpls traffic-eng path-option 5 explicit name myway
!
interface Loopback0
ip address 10.10.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.35.3 255.255.255.0
mpls ip
!
interface FastEthernet0/1
ip address 10.10.34.3 255.255.255.0
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
!
interface ATM2/0
ip address 10.10.13.3 255.255.255.0
ip ospf network point-to-point
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
pvc 100/0
protocol ip 10.10.13.1 broadcast
!
!
router ospf 10
network 10.10.0.0 0.0.255.255 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
!
ip explicit-path name myway enable
next-address 10.10.1.1
next-address 10.10.12.2
next-address 10.10.24.4
!

R1:

mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.10.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.12.1 255.255.255.0
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
!
interface ATM2/0
ip address 10.10.13.1 255.255.255.0
ip ospf network point-to-point
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
pvc 100/0
protocol ip 10.10.13.3 broadcast
!
!
router ospf 10
network 0.0.0.0 255.255.255.255 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
!

R2:

mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.10.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.10.12.2 255.255.255.0
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 1000
!
interface Serial1/0
ip address 10.10.24.2 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-point
mpls ip
mpls traffic-eng tunnels
frame-relay map ip 10.10.24.2 204
frame-relay map ip 10.10.24.4 204 broadcast
no frame-relay inverse-arp
ip rsvp bandwidth 1000
!
router ospf 10
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
network 0.0.0.0 255.255.255.255 area 0
!

R4:

mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.10.4.4 255.255.255.255
!
interface Tunnel1000
ip unnumbered Loopback0
tunnel destination 10.10.3.3
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 5 explicit name myway
no routing dynamic
!
interface Ethernet0/0
ip address 10.10.46.4 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.10.34.4 255.255.255.0
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 1000
!
interface Serial1/0
ip address 10.10.24.4 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-point
mpls ip
mpls traffic-eng tunnels
frame-relay map ip 10.10.24.2 402 broadcast
frame-relay map ip 10.10.24.4 402
no frame-relay inverse-arp
ip rsvp bandwidth 1000
!
router ospf 10
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
log-adjacency-changes
network 10.10.0.0 0.0.255.255 area 0
!
ip explicit-path name myway enable
next-address 10.10.24.2
next-address 10.10.12.1
next-address 10.10.13.3
!

R3#show mpls traffic tunnel

Name: R3_t1000 (Tunnel1000) Destination: 10.10.4.4

Status: Admin: up Oper: up Path: valid Signalling: connected

path option 5, type explicit myway (Basis for Setup, path weight 66)

Config Parameters:
Bandwidth: 100   kbps (Global) Priority: 7 7   Affinity: 0×0/0xFFFF
    Metric Type: TE (default)
    AutoRoute: enabled   LockDown: disabled Loadshare: 100   bw-based
    auto-bw: disabled

InLabel : –
OutLabel : ATM2/0, 26
RSVP Signalling Info:
Src 10.10.3.3, Dst 10.10.4.4, Tun_Id 1000, Tun_Instance 176
RSVP Path Info:
My Address: 10.10.13.3
Explicit Route: 10.10.13.1 10.10.12.1 10.10.12.2 10.10.24.4 10.10.4.4
      Record   Route:   NONE
      Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
    RSVP Resv Info:
      Record   Route:   NONE
      Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits

LSP Tunnel R4_t1000 is signalled, connection is up
InLabel : ATM2/0, implicit-null
OutLabel : –
RSVP Signalling Info:
Src 10.10.4.4, Dst 10.10.3.3, Tun_Id 1000, Tun_Instance 131

Verification

Before:

R5#trace 10.10.6.6

Type escape sequence to abort.
Tracing the route to 10.10.6.6

1 10.10.35.3 [MPLS: Label 23 Exp 0]
2 10.10.34.4 [MPLS: Label 17 Exp 0]
3 10.10.46.6

After:

R5#trace 10.10.6.6

Type escape sequence to abort.
Tracing the route to 10.10.6.6

1 10.10.35.3 [MPLS: Labels 23 Exp 0]
2 10.10.13.1 [MPLS: Label 26 Exp 0]
3 10.10.12.2 [MPLS: Label 25 Exp 0]
4 10.10.24.4
5 10.10.46.6

Dynamic Path Configuration:

interface Tunnel1000
ip unnumbered Loopback0
tunnel destination 10.10.4.4
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 100
tunnel mpls traffic-eng path-option 10 dynamic
!

R3(config-if)#do sh mpls traf tu

Name: R3_t1000 (Tunnel1000) Destination: 10.10.4.4
Status:
Admin: up Oper: up Path: valid Signalling: connected

path option 10, type dynamic (Basis for Setup, path weight 1)

Config Parameters:
    Bandwidth: 100 kbps (Global) Priority: 7 7   Affinity: 0×0/0xFFFF
    Metric Type: TE (default)
    AutoRoute: enabled   LockDown: disabled Loadshare: 100 bw-based
    auto-bw: disabled

InLabel : –
OutLabel : FastEthernet0/1, implicit-null
RSVP Signalling Info:
       Src 10.10.3.3, Dst 10.10.4.4, Tun_Id 1000, Tun_Instance 178
    RSVP Path Info:
      My Address: 10.10.34.3
      Explicit Route: 10.10.34.4 10.10.4.4
      Record   Route:   NONE

R5#trace 10.10.6.6

Type escape sequence to abort.
Tracing the route to 10.10.6.6

1 10.10.35.3 [MPLS: Labels 23 Exp 0]
2 10.10.34.4
3 10.10.46.6

R3(config-if)#int fa 0/1
R3(config-if)#no mpls tra tun

R3#sh mpls tra tun

Name: R3_t1000 (Tunnel1000) Destination: 10.10.4.4
Status:
Admin: up Oper: up Path: valid Signalling: connected

path option 10, type dynamic (Basis for Setup, path weight 66)

Config Parameters:
    Bandwidth: 100 kbps (Global) Priority: 7 7   Affinity: 0×0/0xFFFF
    Metric Type: TE (default)
    AutoRoute: enabled   LockDown: disabled Loadshare: 100   bw-based
    auto-bw: disabled

InLabel : –
OutLabel : ATM2/0, 26
RSVP Signalling Info:
       Src 10.10.3.3, Dst 10.10.4.4, Tun_Id 1000, Tun_Instance 180
    RSVP Path Info:
      My Address: 10.10.13.3
      Explicit Route: 10.10.13.1 10.10.12.1 10.10.12.2 10.10.24.4
                      10.10.4.4
      Record   Route:   NONE
      Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
    RSVP Resv Info:
      Record   Route:   NONE
      Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
History:
    Tunnel:
      Time since created: 2 hours, 42 minutes
      Time since path change: 12 seconds
    Current LSP:
      Uptime: 12 seconds
    Prior LSP:
      ID: path option 10 [179]
      Removal Trigger: tunnel shutdown

LSP Tunnel R4_t1000 is signalled, connection is up
InLabel : ATM2/0, implicit-null
OutLabel : –
RSVP Signalling Info:
Src 10.10.4.4, Dst 10.10.3.3, Tun_Id 1000, Tun_Instance 136

29 Oct

CCIE Magazine

Posted by Shafagh in CCIE General-Info. Leave a Comment

For those of you who haven’t heard about CCIE flyer magazine, is not a bad idea to check their website: http://www.ccieflyer.com. They have CCIE related stories, interviews, CCIE training boot camps with special pricing and also workbook promotions. CCIE Agent, Eman (Emmanuel Conde) is a CCIE recruiter promoted by Worldwide Channels of Cisco Systems.

24 Oct

Cisco VPN Client for Windows 7

Posted by Shafagh in Security. Leave a Comment

October 2009 seems to be a super active month for Cisco, after introducing IOS 15, ISR 2nd Generation and the new version of CCIE, (and rumors of new catalysts), it’s time for Windows 7 and MacOS Snow Leopard to have Cisco VPN Client and Cisco SSL AnyConnect VPN Client versions, available to download. Here are some cool new features:

Split DNS Fallback: AnyConnect tunnels only DNS queries that match specific domains, sending other request to a public DNS server.
Log-on/off Scripting
Proxy Support Enhancements
Trusted Network Detection: AnyConnect automatically disconnect a VPN connection inside the trusted network.

Cisco VPN Client 5.0.06

vpnclient-win-msi-5.0.06.0110-k9.exe

Release Date: 19/Oct/2009

VPN Client Software for x86 version of 2000/XP/Vista/Windows 7 – Microsoft Installer

Note:

Win7 64bit and Vista 64bit are still not supported by Cisco VPN Client (IPsec), Cisco is pushing customers toward SSL VPN solution.

Cisco AnyConnect VPN Client 2.4

anyconnect-dart-win-2.4.0202-k9.pkg for Windows platforms.

anyconnect-linux-2.4.0202-k9.tar.gz tarball package for Linux platforms.

anyconnect-wince-ARMv4I-2.4.0202-k9.cab for Windows Mobile platforms.

anyconnect-macosx-i386-2.4.0202-k9.dmg for Mac OS X “Intel” platforms.

22 Oct

CCIE SP – L2TPv3

Posted by Shafagh in MPLS, SP. Leave a Comment

Layer2 Tunneling protocol version 3 (L2TPv3) has the capability to tunnel any Layer 2 payload over IP networks. L2TPv3 uses IP as transport so it can be used in any IP-aware network including MPLS. L2TPv3 tunnels are point to point.

Pseudowire = like a wire, but not really, emulates Layer2 over a packet switched network.
No IP or VRF configuration is required between PE-CE.

Example:

In this example R5 and R6 are provider’s PE routers. R7 and R8 are CE routers connected to R5 and R6. Using psudeowire R7 can connect to R8 just like a regular point-to-point ethernet connection.

R5:
!
pseudowire-class Customer1
encapsulation l2tpv3
ip local interface Loopback0
!
interface Loopback0
ip address 10.10.5.5 255.255.255.255
!
interface Ethernet0/3
no ip address
xconnect 10.10.6.6 1 pw-class Customer1
!

R6:
!
pseudowire-class Customer1
encapsulation l2tpv3
ip local interface Loopback0
!
interface Loopback0
ip address 10.10.6.6 255.255.255.255
!
interface Ethernet0/3
no ip address
xconnect 10.10.5.5 1 pw-class Customer1
!

R7#sh cdp neighbor

Device ID Local Intrfce Holdtme Capability Platform Port ID
R8 Eth 0/0 161 R S I 3640 Eth 0/0

19 Oct

CCIE SP – Multicast for MPLS VPNs (MVPN)

Posted by Shafagh in MPLS, Multicast, SP. Leave a Comment

The MPLS VPN network needs to be carefully designed and the service provider core must be configured for native multicast service: PIM-SM, Source specific multicast (PIM-SSM), or Bidirectional PIM (PIM-BIDIR) are required at core. PIM-DM is not supported as core protocol for MVPN services, but all multicast protocols are supported within multicast VRF for customers (CE).

Note: Dense mode PIM (PIM-DM) is not supported as core protocol in MVPN configurations.

An MDT default configuration is mandatory for MVPN to work (Multicast Distribution Tree).
Configuring data MDT is optional.
The IP address of the default MDT determines which multicast domain VRF belongs to (to share multicast packets with other VRFs)
Multicast needs to be enabled on MBGP peers loopbacks (between PEs)

Reference:

http://www.cisco.com/en/US/tech/tk436/tk428/
technologies_configuration_example09186a0080242aa8.shtml

Example:

Configuration

R5:

ip vrf A
rd 10.10.5.5:1
route-target export 666:1
route-target import 666:1
mdt default 232.10.10.10
!
ip multicast-routing
ip multicast-routing vrf A
!
interface Loopback0
ip address 10.10.5.5 255.255.255.255
ip pim sparse-dense-mode
!
interface Ethernet0/0
ip address 10.10.35.5 255.255.255.0
ip pim sparse-mode
!
interface Ethernet0/3
ip vrf forwarding A
ip address 10.10.57.5 255.255.255.0
ip pim dense-mode
!
router ospf 1
mpls ldp autoconfig area 0
log-adjacency-changes
network 10.10.0.0 0.0.255.255 area 0
!
router bgp 666
bgp log-neighbor-changes
neighbor 10.10.6.6 remote-as 666
neighbor 10.10.6.6 update-source Loopback0
!
address-family ipv4
neighbor 10.10.6.6 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 10.10.6.6 activate
neighbor 10.10.6.6 send-community extended
exit-address-family
!
address-family ipv4 vrf A
redistribute connected
no synchronization
exit-address-family
!

R6:

ip vrf A
rd 10.10.6.6:1
route-target export 666:1
route-target import 666:1
mdt default 232.10.10.10
!
ip multicast-routing
ip multicast-routing vrf A
!
interface Loopback0
ip address 10.10.6.6 255.255.255.255
ip pim sparse-dense-mode
!
interface Ethernet0/0
ip address 10.10.46.6 255.255.255.0
ip pim sparse-mode
!
interface Ethernet0/3
ip vrf forwarding A
ip address 10.10.68.6 255.255.255.0
ip pim dense-mode
!
router ospf 1
mpls ldp autoconfig area 0
log-adjacency-changes
network 10.10.0.0 0.0.255.255 area 0
!
router bgp 666
bgp log-neighbor-changes
neighbor 10.10.5.5 remote-as 666
neighbor 10.10.5.5 update-source Loopback0
!
address-family ipv4
neighbor 10.10.5.5 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 10.10.5.5 activate
neighbor 10.10.5.5 send-community extended
exit-address-family
!
address-family ipv4 vrf A
redistribute connected
no synchronization
exit-address-family
!

Verification

R5#deb ip mpacket

IP(1): s=10.10.57.7 (Ethernet0/3) d=224.69.69.69 (Tunnel0) id=820, ttl=254, prot=1, len=100(100), mforward

IP(0): s=10.10.5.5 (Loopback0) d=232.10.10.10 (Ethernet0/0) id=563, ttl=255, prot=47, len=124(124), mforward

R5#sh ip mroute
IP Multicast Routing Table
Flags: D – Dense, S – Sparse, C – Connected,
L – Local, T – SPT-bit set, Z – Multicast Tunnel,
z – MDT-data group sender…

(10.10.5.5, 232.10.10.10), 00:28:22/00:03:23, flags: sT
Incoming interface: Loopback0, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet0/0, Forward/Sparse, 00:01:04/00:02:26

(10.10.6.6, 232.10.10.10), 01:25:37/00:02:53, flags: sTIZ
Incoming interface: Ethernet0/0, RPF nbr 10.10.35.3
Outgoing interface list:
MVRF A, Forward/Sparse-Dense, 01:22:53/00:00:00

(*, 224.0.1.40), 12:23:16/00:02:34, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet0/0, Forward/Sparse, 12:23:16/00:00:00

R5#sh ip pim mdt
* implies group is the MDT default group
MDT Group Interface Source VRF
* 232.10.10.10 Tunnel0 Loopback0 A

R5#sh ip pim mdt bgp
Peer (Route Distinguisher + IPv4) Next Hop
MDT group 232.10.10.10
2:2570:101056513:10.10.6.6 10.10.6.6

18 Oct

CCIE SP – IP Multicast Anycast RP

Posted by Shafagh in Multicast, SP. Leave a Comment

In the previous port, we reviewed MSDP, Multicast Source Discovery Protocol (MSDP) is the key protocol that makes Anycast RP possible. The Anycast RP uses MSDP for redundancy and failover between RPs in Protocol Independent Multicast sparse mode (PIM-SM) networks. Rendezvous Points can share one IP address (same-address allocated to their loopback) and load-balance multicast traffic within the network. Data is routed to the nearest and the best destination as viewed by the routing topology. RP can be configured statically by “ip pim rp-address” command or dynamically using Auto-RP or PIMv2 (BSR).

Note: adding a new loopback can change your OSPF/BGP/LDP Router-ID, it’s always recommended to hard-code your router-ID by router-id command.

Example:

Multicast path is: R7-> R5 –> R3 –> R1 –> R2 –> R4 –> R6 –> R8

R1:
interface Loopback0
ip address 10.10.1.1 255.255.255.255
ip pim sparse-mode
!
interface Loopback69
ip address 10.10.69.69 255.255.255.255
ip pim sparse-mode
!
interface FastEthernet0/0
ip pim sparse-mode
!
interface ATM2/0
ip pim sparse-mode
!
!
router ospf 1
router-id 10.10.1.1
network 10.10.0.0 0.0.255.255 area 0
!
ip pim autorp listener
ip pim send-rp-announce Loopback69 scope 255
ip pim send-rp-discovery Loopback69 scope 255
ip msdp peer 10.10.12.2 connect-source FastEthernet0/0
!

R2:
interface Loopback0
ip address 10.10.2.2 255.255.255.255
ip pim sparse-mode
!
interface Loopback69
ip address 10.10.69.69 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip pim sparse-mode
!
interface Serial1/0
ip pim sparse-mode
!
router ospf 1
router-id 10.10.2.2
network 10.10.0.0 0.0.255.255 area 0
!
ip pim bsr-candidate Loopback69 0
ip pim rp-candidate Loopback69
ip msdp peer 10.10.12.1 connect-source Ethernet0/0
!

R2#sh ip msdp sa-cache
MSDP Source-Active Cache – 1 entries
(10.10.57.7, 224.100.100.100), RP 10.10.69.69,
AS ?,00:00:15/00:05:44, Peer 10.10.12.1

R5#sh ip pim rp mapping
PIM Group-to-RP Mappings

Group(s) 224.0.0.0/4
RP 10.10.69.69 (?), v2v1
Info source: 10.10.69.69 (?), elected via Auto-RP

R6#sh ip pim rp mapping
PIM Group-to-RP Mappings

Group(s) 224.0.0.0/4
RP 10.10.69.69 (?), v2
Info source: 10.10.69.69 (?), via bootstrap

For more information:

http://www.cisco.com/en/US/docs/ios/solutions_docs/
ip_multicast/White_papers/anycast.html

18 Oct

CCIE SP – Multicast BGP

Posted by Shafagh in MPLS, Multicast, SP. Leave a Comment

Multicast BGP feature adds capabilities to BGP to enable multicast routing to connect multicast topologies within and between BGP autonomous systems. MBGP is an enhanced BGP that carries IP multicast routes. PIM uses the multicast BGP database to perform Reverse Path Forwarding (RPF) lookups for multicast-capable sources. In our example, we will create a simple RPF failure in the network and then we will solve it by the multicast BGP. Example:

All routers are configured with PIM dense mode end-to-end. The multicast traffic path is:

R7 –> R5 –> R3 –> R1 –> R2 –> R4 –> R6 –> R8

Due to existence of eBGP between R3 and R4, Unicast path is:

R7 –> R5 –> R3 –> R4 –> R6 –> R8

So there’s an RPF failure, detected by R4… We can solve it either statically by “ip mroute” command or dynamically by MBGP.

Note: MBGP’s duty is to solve RPF failure, In fact multicast BGP routes are preferred over BGP unicast routes. We still need PIM for end to end delivery of IP multicast packets.

Configuration

R5:
ip multicast-routing
!
interface Ethernet0/0
ip pim dense-mode
!
interface Ethernet0/3
ip pim dense-mode
!

R3:
ip multicast-routing
!
interface FastEthernet0/0
ip pim dense-mode
!
interface ATM2/0
ip pim dense-mode
!

R1:
ip multicast-routing
!
interface FastEthernet0/0
ip pim dense-mode
!
interface ATM2/0
ip pim dense-mode
!
router bgp 135
neighbor 10.10.12.2 remote-as 246
neighbor 10.10.13.3 remote-as 135
!
address-family ipv4
neighbor 10.10.12.2 activate
neighbor 10.10.13.3 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 multicast
neighbor 10.10.12.2 activate
no auto-summary
network 10.10.57.0 mask 255.255.255.0
exit-address-family
!
R2:
ip multicast-routing
!
interface Ethernet0/0
ip pim dense-mode
!
interface Serial1/0
ip pim dense-mode
!
router bgp 246
neighbor 10.10.12.1 remote-as 135
neighbor 10.10.24.4 remote-as 246
!
address-family ipv4
neighbor 10.10.12.1 activate
neighbor 10.10.24.4 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 multicast
neighbor 10.10.12.1 activate
neighbor 10.10.24.4 activate
no auto-summary
no synchronization
exit-address-family
!
R4:
ip multicast-routing
!
interface Ethernet0/0
ip pim dense-mode
!
interface Serial1/0
ip pim dense-mode
!
router bgp 246
neighbor 10.10.24.2 remote-as 246
neighbor 10.10.34.3 remote-as 135
neighbor 10.10.46.6 remote-as 246
!
address-family ipv4
neighbor 10.10.24.2 activate
neighbor 10.10.24.2 route-reflector-client
neighbor 10.10.34.3 activate
neighbor 10.10.46.6 activate
neighbor 10.10.46.6 route-reflector-client
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 multicast
neighbor 10.10.24.2 activate
no auto-summary
no synchronization
exit-address-family
!
R6:
ip multicast-routing
!
interface Ethernet0/0
ip pim dense-mode
!
interface Ethernet0/3
ip pim dense-mode
!
R8:
interface Ethernet0/0
ip address 10.10.68.8 255.255.255.0
ip igmp join-group 224.69.69.69
!

Verification

R7#ping
Protocol [ip]:
Target IP address: 224.69.69.69
Repeat count [1]: 100
Extended commands [n]: y
Interface [All]: ethernet0/0
Time to live [255]:
Source address: 10.10.57.7
Sending 100, 100-byte ICMP Echos to 224.69.69.69:
Packet sent with a source address of 10.10.57.7

Reply to request 0 from 10.10.68.8
Reply to request 1 from 10.10.68.8
Reply to request 2 from 10.10.68.8

R2#sh ip bgp ipv4 multicast

Network Next Hop Metric LocPrf Weight Path
*> 10.10.57.0/24 10.10.12.1 12 0 135 i

R2#sh ip bgp

   Network          Next Hop   Metric LocPrf Weight Path
* i10.10.57.0/24    10.10.34.3 0    100      0 135 i
*>                  10.10.12.1                0 135 i
r>i10.10.68.0/24    10.10.46.6 0    100      0 i

R4#sh ip bgp ipv4 multicast

Network Next Hop Metric LocPrf Weight Path
*>i10.10.57.0/24 10.10.12.1 12 100 0 135 i

R4#sh ip rpf event
Last 15 triggered multicast RPF check events

RPF backoff delay: 500 msec
RPF maximum delay: 5 sec

DATE/TIME          BACKOFF PROTOCOL   EVENT      RPF CHANGES
Mar 1 00:20:24.767 500 msec BGP        Route Modified 1
Mar 1 00:05:08.631 500 msec OSPF       Route UP        0
Mar 1 00:05:05.851 500 msec BGP        Route UP        0
Mar 1 00:05:01.595 500 msec PIM        Nbr UP          0
Mar 1 00:03:08.263 500 msec OSPF       Route UP        0
Mar 1 00:03:00.531 500 msec PIM        Nbr UP          0
Mar 1 00:01:22.611 500 msec Connected Route UP        0
Mar 1 00:01:02.747 500 msec Connected Route Down      0
Mar 1 00:00:51.635 500 msec PIM        Nbr UP          0
Mar 1 00:00:44.995 500 msec OSPF       Route UP        0
Mar 1 00:00:28.915 500 msec Connected Route UP        0

R4#sh ip rpf 10.10.57.7
RPF information for ? (10.10.57.7)
RPF interface: Serial1/0
RPF neighbor: ? (10.10.24.2)
RPF route/mask: 10.10.57.0/24
RPF type: mbgp
RPF recursion count: 0
Doing distance-preferred lookups across tables

R4#sh ip mroute
IP Multicast Routing Table

(*, 224.0.1.40), 01:34:08/00:02:39, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet0/0, Forward/Dense, 01:19:37/00:00:00

(*, 224.69.69.69), 00:10:43/stopped, RP 0.0.0.0, flags: D
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Serial1/0, Forward/Dense, 00:10:43/00:00:00
Ethernet0/0, Forward/Dense, 00:10:43/00:00:00

(10.10.57.7, 224.69.69.69), 00:10:43/00:00:02, flags: T
Incoming interface: Serial1/0, RPF nbr 10.10.24.2, Mbgp
Outgoing interface list:
Ethernet0/0, Forward/Dense, 00:10:23/00:00:00

17 Oct

CCIE SP – MSDP

Posted by Shafagh in MPLS, Multicast, SP. Leave a Comment

MSDP or Multicast Source Distribution Protocol allows multicast sources for a group to be known to all rendezvous points (RPs) in different domains. Each PIM-SM domain uses its own RP and MSDP connects source based trees to destination trees. MSDP uses TCP as control protocol and you will require end to end multicast routing protocol such as PIM. At boundries (Autonomous systems) we will filter RP announcements from other autonomous systems. Example:

Our example is very simple, two multicast domains with no RPF failure and end-to-end PIM sparse mode between R5 and R6. Multicast source is R7 (sending Ping to multicast group) and R8 as multicast member (IGMP join). R1 is Auto-RP MA and RP for AS135 and R2 is BSR for AS246. R1 and R2 communicate with MSDP language and deliver SA (Source Active) messages to each-others as peers, in this way each RP is infromed about active sources in different domain and can join its memebers to that multicast tree (S,G) to (*,G). To debug MSDP messages we can use “debug ip msdp peer” and “debug ip msdp routes”

Multicast path from source to member is:

R7 –> R5 –> R3 -> R1 –> R2 –> R4 –> R6 –> R8

R7#trace 10.10.68.8

1 10.10.57.5
2 10.10.35.3
3 10.10.13.1
4 10.10.12.2
5 10.10.24.4
6 10.10.46.6
7 10.10.68.8

Configuration

R7:

R7#ping
Protocol [ip]:
Target IP address: 224.69.69.69
Repeat count [1]: 10
Extended commands [n]: y
Interface [All]: ethernet0/0
Source address: 10.10.57.7

Sending 10, 100-byte ICMP Echos to 224.69.69.69, timeout is 2 seconds:
Packet sent with a source address of 10.10.57.7
..

R5:

ip multicast-routing
!
interface Ethernet0/0
ip address 10.10.35.5 255.255.255.0
ip pim sparse-mode
!
interface Ethernet0/3
ip address 10.10.57.5 255.255.255.0
ip pim sparse-mode
!
ip pim autorp listener
!

R3:

ip multicast-routing
!
interface FastEthernet0/0
ip address 10.10.35.3 255.255.255.0
ip pim sparse-mode
!
interface ATM2/0
ip address 10.10.13.3 255.255.255.0
ip pim sparse-mode
!
ip pim autorp listener
!

R1:

ip multicast-routing
!
interface Loopback0
ip address 10.10.1.1 255.255.255.255
ip pim sparse-mode
!
interface FastEthernet0/0
ip address 10.10.12.1 255.255.255.0
ip pim bsr-border
ip pim sparse-mode
ip multicast boundary 1
!
interface ATM2/0
ip address 10.10.13.1 255.255.255.0
ip pim sparse-mode
!
ip pim autorp listener
ip pim send-rp-announce Loopback0 scope 255
ip pim send-rp-discovery Loopback0 scope 255
ip msdp peer 10.10.12.2 connect-source FastEthernet0/0
!
access-list 1 deny 224.0.1.39
access-list 1 deny 224.0.1.40
access-list 1 permit any
!

R2:

ip multicast-routing
!
interface Loopback0
ip address 10.10.2.2 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 10.10.12.2 255.255.255.0
ip pim bsr-border
ip pim sparse-mode
ip multicast boundary 1
!
interface Serial1/0
ip address 10.10.24.2 255.255.255.0
ip pim sparse-mode
!
ip pim bsr-candidate Loopback0 0
ip pim rp-candidate Loopback0
ip msdp peer 10.10.12.1 connect-source Ethernet0/0
!
access-list 1 deny 224.0.1.39
access-list 1 deny 224.0.1.40
access-list 1 permit any
!

R4:

ip multicast-routing
!
interface Ethernet0/0
ip address 10.10.46.4 255.255.255.0
ip pim sparse-mode
!
interface Serial1/0
ip address 10.10.24.4 255.255.255.0
ip pim sparse-mode
!

R6:

ip multicast-routing
!
interface Ethernet0/0
ip address 10.10.46.6 255.255.255.0
ip pim sparse-mode
!
interface Ethernet0/3
ip address 10.10.68.6 255.255.255.0
ip pim sparse-mode
!

R8:

interface Ethernet0/0
ip address 10.10.68.8 255.255.255.0
ip igmp join-group 224.69.69.69
!

Verification

At this point, R8 joins multicast tree and R2 is aware of multicast source through MSDP SA messages from R1 and can responses are sent back from R8 to R7:

R7#ping
Protocol [ip]:
Target IP address: 224.69.69.69
Repeat count [1]: 10
Extended commands [n]: y
Interface [All]: ethernet0/0
Source address: 10.10.57.7

Sending 10, 100-byte ICMP Echos to 224.69.69.69, timeout is 2 seconds:
Packet sent with a source address of 10.10.57.7
..
Reply to request 3 from 10.10.68.8
Reply to request 4 from 10.10.68.8
Reply to request 5 from 10.10.68.8
Reply to request 6 from 10.10.68.8
Reply to request 7 from 10.10.68.8
Reply to request 8 from 10.10.68.8
Reply to request 9 from 10.10.68.8

R1#sh ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP (Auto-RP)
This system is an RP-mapping agent (Loopback0)

Group(s) 224.0.0.0/4
RP 10.10.1.1 (?), v2v1
Info source: 10.10.1.1 (?), elected via Auto-RP
Uptime: 17:03:06, expires: 00:02:52

R1#sh ip mroute
IP Multicast Routing Table
Flags: D – Dense, S – Sparse, B – Bidir Group, C – Connected,
       L – Local, P – Pruned, T – SPT-bit set, J – Join SPT,
       M – MSDP created entry,
       A – Candidate for MSDP Advertisement

(*, 224.0.1.39), 17:04:10/stopped, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Loopback0, Forward/Sparse, 17:03:11/00:00:00
ATM2/0, Forward/Sparse, 17:04:10/00:00:00

(10.10.1.1, 224.0.1.39), 17:04:10/00:02:49, flags: LTA
Incoming interface: Loopback0, RPF nbr 0.0.0.0
Outgoing interface list:
ATM2/0, Forward/Sparse, 17:03:11/00:00:00

(*, 224.0.1.40), 17:06:10/stopped, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Loopback0, Forward/Sparse, 17:03:11/00:00:00
ATM2/0, Forward/Sparse, 17:06:10/00:00:00

(10.10.1.1, 224.0.1.40), 17:03:10/00:02:54, flags: LTA
Incoming interface: Loopback0, RPF nbr 0.0.0.0
Outgoing interface list:
ATM2/0, Forward/Sparse, 17:03:11/00:00:00

(*, 224.69.69.69), 00:01:50/stopped, RP 10.10.1.1, flags: SP
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null

(10.10.57.7, 224.69.69.69), 00:01:50/00:01:54, flags: TA
Incoming interface: ATM2/0, RPF nbr 10.10.13.3
Outgoing interface list:
FastEthernet0/0, Forward/Sparse, 00:01:49/00:02:39

R1#sh ip msdp peer
MSDP Peer 10.10.12.2 (?), AS 246
Description:
Connection status:
    State: Up, Resets: 0,
    Connection source: FastEthernet0/0 (10.10.12.1)
    Uptime(Downtime): 14:14:08, Messages sent/received: 922/854
    Output messages discarded: 0
    Connection and counters cleared 14:16:09 ago
SA Filtering:
    Input (S,G) filter: none, route-map: none
    Input RP filter: none, route-map: none
    Output (S,G) filter: none, route-map: none
    Output RP filter: none, route-map: none
SA-Requests:
    Input filter: none
Peer ttl threshold: 0
SAs learned from this peer: 0
Input queue size: 0, Output queue size: 0

R2 Verification

R2#sh ip pim rp mapping
PIM Group-to-RP Mappings
This system is a candidate RP (v2)
This system is the Bootstrap Router (v2)

Group(s) 224.0.0.0/4
RP 10.10.2.2 (?), v2
Info source: 10.10.2.2 (?), via bootstrap, priority 0
holdtime 150 Uptime: 16:13:59, expires: 00:01:27

R2#sh ip msdp summary
MSDP Peer Status Summary
Peer Address     AS    State    Uptime/ Reset SA    Peer Name
                                Downtime Count Count
10.10.12.1       135   Up       14:15:47 0     1     ?

R2#sh ip mroute

(*, 224.0.1.40), 16:22:23/00:02:02, RP 0.0.0.0, flags: DPL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null

(*, 224.69.69.69), 01:17:15/stopped, RP 10.10.2.2, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Serial1/0, Forward/Sparse, 01:17:15/00:03:03

(10.10.57.7, 224.69.69.69), 00:00:02/00:02:57, flags: M
Incoming interface: Ethernet0/0, RPF nbr 10.10.12.1
Outgoing interface list:
Serial1/0, Forward/Sparse, 00:00:02/00:03:28

R6 Verification

R6#sh ip mroute

(*, 224.0.1.40), 16:17:35/00:02:49, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Ethernet0/0, Forward/Sparse, 16:17:35/00:02:49

(*, 224.69.69.69), 01:13:28/stopped, RP 10.10.2.2, flags: SJC
Incoming interface: Ethernet0/0, RPF nbr 10.10.46.4
Outgoing interface list:
Ethernet0/3, Forward/Sparse, 01:13:28/00:02:30

(10.10.57.7, 224.69.69.69), 00:00:02/00:02:57, flags: JT
Incoming interface: Ethernet0/0, RPF nbr 10.10.46.4
Outgoing interface list:
Ethernet0/3, Forward/Sparse, 00:00:02/00:02:57

R6#sh ip pim rp mapping
PIM Group-to-RP Mappings

Group(s) 224.0.0.0/4
RP 10.10.2.2 (?), v2
Info source: 10.10.2.2 (?), via bootstrap, priority 0, holdtime 150
Uptime: 16:15:26, expires: 00:02:27

« Older Entries

	Michael on Catalyst to ProCurve
	Achiko on CCIE Security – DMVPN ma…
	Irfan on Internet Through MPLS – …
	Irfan on Catalyst to ProCurve
	Shafagh on HP ProCurve AIS

Shafagh.com Shafagh Zandi Official Blog

Catalyst to ProCurve

Internet Through MPLS – Default Route Propagation

Example (based on the first topology):

Verification:

CCIE SP – MPLS Traffic Engineering

Configuration

Verification

Dynamic Path Configuration:

CCIE Magazine

Cisco VPN Client for Windows 7

CCIE SP – L2TPv3

CCIE SP – Multicast for MPLS VPNs (MVPN)

Configuration

Verification

CCIE SP – IP Multicast Anycast RP

CCIE SP – Multicast BGP

Configuration

Verification

CCIE SP – MSDP

Configuration

Verification

R2 Verification

R6 Verification

Author:

Recent Posts

Categories

Archives

Recent Comments

RSS Feed

Blogroll

Links

CCIE Training