Friday , February 28 2025

basic BGP in Huawei CLI – part 2

7 Mar, 2013 0

This article is a continuation of the basic BGP with Huawei CLI.

Today I want to explain you, why labnarioR5 router cannot ping BGP prefixes advertised by BGP AS50. Do you remember our BGP topology? I have configured BGP protocol as in the picture below:

 

There are three BGP Autonomous Systems: AS50, AS100 and AS55. All are connected via EBGP peering sessions. AS100 has three routers forming IBGP full mesh. LabnarioR1 router in AS50 advertises three prefixes:

  • 11.10.10.0/24
  • 12.10.10.0/24
  • 13.10.10.0/24

All these prefixes are advertised by the routers in AS100 and pass to AS55. LabnarioR5 router has these prefixes in its BGP and routing tables, but cannot ping them. Why is it like that?

As the first step I want to check labnarioR5 router’s routing and BGP tables:

<labnarioR5>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 10       Routes : 10       

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

     11.10.10.0/24  EBGP    255  0           D   155.100.35.3    Serial0/0/0  
     12.10.10.0/24  EBGP    255  0           D   155.100.35.3    Serial0/0/0 
     13.10.10.0/24  EBGP    255  0           D   155.100.35.3    Serial0/0/0 
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
   155.100.35.0/24  Direct  0    0           D   155.100.35.5    Serial0/0/0
   155.100.35.3/32  Direct  0    0           D   155.100.35.3    Serial0/0/0
   155.100.35.5/32  Direct  0    0           D   127.0.0.1       Serial0/0/0
   155.100.45.0/24  Direct  0    0           D   155.100.45.5    Ethernet0/0/0
   155.100.45.5/32  Direct  0    0           D   127.0.0.1       Ethernet0/0/0

It looks like labnarioR5 has all three prefixes installed in its routing table. Let’s see BGP table:

<labnarioR5>dis bgp routing-table 

 BGP Local router ID is 155.100.45.5 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 6
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   11.10.10.0/24     155.100.35.3                          0      100 50i
 *                      155.100.45.4                          0      100 50i
 *>   12.10.10.0/24     155.100.35.3                          0      100 50i
 *                      155.100.45.4                          0      100 50i
 *>   13.10.10.0/24     155.100.35.3                          0      100 50i
 *                      155.100.45.4                          0      100 50i

It looks like labnarioR5 has all three prefixes installed in its both BGP and routing tables. So, is my BGP protocol configured correctly? Yes it is.

When troubleshooting routing issues, it is helpful to use the ICMP protocol with the ICMP debugging. I will try to debug ICMP on labnarioR1 and check, what the source IP address of the ICMP packet sent by the labnarioR5 router is:

<labnarioR1>debugging ip icmp
<labnarioR1>terminal monitor
<labnarioR1>terminal debugging

Now I can ping BGP prefix from R5 router:

[labnarioR5]ping 11.10.10.1
  PING 11.10.10.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out

Let’s check debugging output on labnarioR1:

<labnarioR1>
Mar  4 2013 21:44:46.710.1-08:00 labnarioR1 IP/7/debug_icmp:
ICMP Receive: echo(Type=8, Code=0), Src = 155.100.35.5, Dst = 11.10.10.1, ICMP I
d = 0xabd3, ICMP Seq = 3

Mar  4 2013 21:44:46.710.2-08:00 labnarioR1 IP/7/debug_icmp:
ICMP Send: echo-reply(Type=0, Code=0), Src = 11.10.10.1, Dst = 155.100.35.5, ICM
P Id = 0xabd3, ICMP Seq = 3

To successfully send ICMP reply packet, labnarioR1 has to be able to reach the source IP address of the packet. Let’s check if 155.100.35.0/24 prefix exists in its routing table:

<labnarioR1>dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 10       Routes : 10       

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

     11.10.10.0/24  Direct  0    0           D   11.10.10.1      LoopBack0
     11.10.10.1/32  Direct  0    0           D   127.0.0.1       LoopBack0
     12.10.10.0/24  Direct  0    0           D   12.10.10.1      LoopBack1
     12.10.10.1/32  Direct  0    0           D   127.0.0.1       LoopBack1
     13.10.10.0/24  Direct  0    0           D   13.10.10.1      LoopBack2
     13.10.10.1/32  Direct  0    0           D   127.0.0.1       LoopBack2
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
   150.100.12.0/24  Direct  0    0           D   150.100.12.1    Ethernet0/0/0
   150.100.12.1/32  Direct  0    0           D   127.0.0.1       Ethernet0/0/0

LabnarioR1 does not know how to reach the 155.100.35.0/24 network. How to solve this problem?

There are two different solutions. The easiest way is to just advertise 155.100.35.0/24 network in the BGP protocol. The second one is to configure additional IGP protocol between our routers and advertise all the connected networks. I will use the first solution:

[labnarioR5]bgp 55
[labnarioR5-bgp]network 155.100.35.0 255.255.255.0
[labnarioR5-bgp]

Now I can try to ping BGP network once again:

[labnarioR5-bgp]ping 11.10.10.1
  PING 11.10.10.1: 56  data bytes, press CTRL_C to break
    Reply from 11.10.10.1: bytes=56 Sequence=1 ttl=253 time=110 ms
    Reply from 11.10.10.1: bytes=56 Sequence=2 ttl=253 time=80 ms
    Reply from 11.10.10.1: bytes=56 Sequence=3 ttl=253 time=60 ms
    Reply from 11.10.10.1: bytes=56 Sequence=4 ttl=253 time=70 ms
    Reply from 11.10.10.1: bytes=56 Sequence=5 ttl=253 time=70 ms

  --- 11.10.10.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 60/78/110 ms

Now labnarioR5 can successfully ping BGP networks advertised by labnarioR1.

Read More »

connection to ssh server by stelnet and sftp

4 Mar, 2013 0

Today I would like to focus on SSH application. What I want to do is to configure SSH connection between two switches, using password and RSA authentication:

  • Connection between stelnet client and SSH server
  • Connection between SFTP client and SSH server.

Let’s look at the simple SSH topology:

Ensure IP connection based on the above topology:

#
sysname SSH_client
#
vlan batch 100
#
interface Vlanif100
 ip address 10.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port hybrid tagged vlan 100
#
sysname SSH_server
#
vlan batch 100
#
interface Vlanif100
 ip address 10.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/1
 port hybrid tagged vlan 100

Create a local key pair on the SSH_server:

[SSH_server]rsa local-key-pair create 
The key name will be: SSH_server_Host
The range of public key size is (512 ~ 2048). 
NOTES: If the key modulus is greater than 512, 
       it will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
....................++++++++++++
...........++++++++++++
.........++++++++
........................++++++++

Configure a VTY user-interface:

[SSH_server]user-interface vty 0 4
[SSH_server-ui-vty0-4]authentication-mode aaa	
[SSH_server-ui-vty0-4]protocol inbound ssh

Configure two local users:

[SSH_server-aaa]local-user labnario_pass password simple labnario
Info: Add a new user.
[SSH_server-aaa]local-user labnario_pass service-type ssh
[SSH_server-aaa]local-user labnario_pass privilege level 15
[SSH_server-aaa]
[SSH_server-aaa]local-user labnario_rsa password cipher labnario
Info: Add a new user.
[SSH_server-aaa]local-user labnario_rsa service-type ssh
[SSH_server-aaa]local-user labnario_rsa privilege level 15

Create an SSH user named labnario_pass and configure the authentication mode as password for the user:

[SSH_server]ssh user labnario_pass authentication-type password
Info: Succeeded in adding a new SSH user.

Create an SSH user named labnario_rsa and configure the authentication mode as RSA for the user:

[SSH_server]ssh user labnario_rsa authentication-type rsa 
Info: Succeeded in adding a new SSH user.

Create a local key pair on the client:

[SSH_client]rsa local-key-pair create 
The key name will be: SSH_client_Host
The range of public key size is (512 ~ 2048). 
NOTES: If the key modulus is greater than 512, 
       it will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
...++++++++++++
.............++++++++++++
.........++++++++
...................++++++++

Send the RSA public key, generated on the client, to the server:

[SSH_client]display rsa local-key-pair public 

=====================================================
Time of Key pair created: 12:14:00  2013/3/4
Key name: SSH_client_Host
Key type: RSA encryption Key
=====================================================
Key code:
3047
  0240
    E3A7DD2A 41619DB8 87C393E6 37F8EC7F FE3CCC99
    648127E9 5CB55853 682B6769 6A1A29AC F14C4B6C
    BB42D341 FFACE436 72629F6D 83BA629D 820EB648
    FED5D523 
  0203
    010001
...

[SSH_server]rsa peer-public-key labnario 
Enter "RSA public key" view, return system view with "peer-public-key end".	
[SSH_server-rsa-public-key]public-key-code begin 
Enter "RSA key code" view, return last view with "public-key-code end".

[SSH_server-rsa-key-code]3047
[SSH_server-rsa-key-code]  0240
[SSH_server-rsa-key-code]    E3A7DD2A 41619DB8 87C393E6 37F8EC7F FE3CCC99
[SSH_server-rsa-key-code]    648127E9 5CB55853 682B6769 6A1A29AC F14C4B6C
[SSH_server-rsa-key-code]    BB42D341 FFACE436 72629F6D 83BA629D 820EB648
[SSH_server-rsa-key-code]    FED5D523 
[SSH_server-rsa-key-code]  0203
[SSH_server-rsa-key-code]    010001	
[SSH_server-rsa-key-code]public-key-code end
[SSH_server-rsa-public-key]peer-public-key end

Bind the RSA public key of the SSH_client to labnario_rsa on the SSH_server:

[SSH_server]ssh user labnario_rsa assign rsa-key labnario

Enable stelnet service on the SSH server:

[SSH_server]stelnet server enable
Info: Succeeded in starting the Stelnet server.

Set the service type of labnario_pass and labnario_rsa to stelnet:

[SSH_server]ssh user labnario_pass service-type stelnet
[SSH_server]ssh user labnario_rsa service-type stelnet

You must enable the initial authentication on the SSH_client for the first login:

[SSH_client] ssh client first-time enable

Initiate stelnet connection from SSH_client to SSH_server using password:

[SSH_client]stelnet 10.0.0.2
Please input the username:labnario_pass
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
The server is not authenticated. Continue to access it? [Y/N] :y
Save the server's public key? [Y/N] :y
The server's public key will be saved with the name 10.0.0.2. Please wait...

Enter password:
Info: The max number of VTY users is 5, and the number
      of current VTY users on line is 1.
      The current login time is 2013-03-04 12:22:52.
<SSH_server>

Initiate stelnet connection from SSH_client to SSH_server using RSA:

[SSH_client]stelnet 10.0.0.2
Please input the username:labnario_rsa
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
Info: The max number of VTY users is 5, and the number
      of current VTY users on line is 1.
      The current login time is 2013-03-04 12:23:10.
<SSH_server>

To use SFTP to connect to SSH_server just add the following configuration to SSH_server:

[SSH_server-aaa]local-user labnario_pass service-type ftp ssh
[SSH_server-aaa]local-user labnario_rsa service-type ftp ssh
[SSH_server-aaa]local-user labnario_pass ftp-directory flash:
[SSH_server-aaa]local-user labnario_rsa ftp-directory flash:

[SSH_server]ssh user labnario_pass service-type all
[SSH_server]ssh user labnario_rsa service-type all

[SSH_server]sftp server enable
Info: Succeeded in starting the SFTP server.

Use SFTP on SSH_client to initiate SFTP connection to SSH_server:

[SSH_client]sftp 10.0.0.2
Please input the username:labnario_pass
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
Enter password:
<sftp-client>dir
drwxrwxrwx   1 noone    nogroup         0 Mar 04 12:04 src
drwxrwxrwx   1 noone    nogroup         0 Mar 04 12:05 compatible
-rwxrwxrwx   1 noone    nogroup       890 Mar 04 12:23 vrpcfg.zip
<sftp-client>quit
Bye
[SSH_client]
[SSH_client]
[SSH_client]sftp 10.0.0.2
Please input the username:labnario_rsa
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
<sftp-client>dir
drwxrwxrwx   1 noone    nogroup         0 Mar 04 12:04 src
drwxrwxrwx   1 noone    nogroup         0 Mar 04 12:05 compatible
-rwxrwxrwx   1 noone    nogroup       890 Mar 04 12:23 vrpcfg.zip
<sftp-client>quit
Bye

Read More »

from Huawei CLI – virtual-cable-test

26 Feb, 2013 0

My friend found an interesting command while he was searching Huawei S3700 documentation. It looks like it is possible to check (by command) a state of physical cable, connected to electrical Ethernet or GigabitEthernet interfaces. I have never used it but as soon as I get such switch I promise to test it.

Short description from Hedex:

  • When the checked cable is in normal state, the total length of the cable is displayed in the output information.
  • If the cable is abnormal, the distance between the interface and the faulty point is displayed.
[Quidway] interface Ethernet 0/0/1
[Quidway-Ethernet0/0/1] virtual-cable-test
Warning: The command will stop service for a while, Continue [Y/N]?y
Pair A length: 189meter(s)
Pair B length: 189meter(s)
Pair C length: 189meter(s)
Pair D length: 189meter(s)
Pair A state: Ok
Pair B state: Ok
Pair C state: Ok
Pair D state: Ok

Description of the virtual-cable-test command output (by Hedex):

  • Pair A/B/C/D – Four pairs of circuits in a network cable.
  • Pair A length: 189meter(s) – Length of a network cable.

The length is the distance between the interface and the faulty point if a fault occurs.
The length is the actual length of the cable when the cable is in normal state.
The length is the default length 0 m if the interface is not connected to any network cable.

  • Pair A state: Ok – Status of a circuit pair of the cable.

OK – indicates that the circuit pair is terminated normally.
Open – indicates that the circuit pair is not terminated.
Short – indicates that the circuit pair is short circuited.
Crosstalk – indicates that the circuit pairs interfere with each other.
Unknown – indicates that the circuit pair has an unknown fault.

I also found this command in Hedex for AR12/22/32 routers.

If you have got any experience with this command just let me know.

Read More »

basic BGP in Huawei CLI

20 Feb, 2013 0

BGP stands for Border Gateway Protocol. It is widely used among Internet Service Providers to make core routing decisions on the Internet. The current BGP version is BGP-4 defined in RFC 4271.

BGP uses TCP port 179 as its underlying delivery mechanism to increase the reliability of the peer connection. BGP is called a path vector routing protocol. It uses a list of AS numbers through which the packet must pass in order to reach the destination. This list of AS numbers is associated with a BGP route and is called the AS_Path attribute. AS_Path is one of several path attributes associated with each BGP route. How does a BGP select best path to a destination network, you can read at how does BGP select routes.

I do not want to describe BGP in details, as this is out of the scope of this article. What I want to do is to show you, how to configure basic BGP features using Huawei CLI. Especially I want to show you how to:

  • run BGP protocol
  • configure IBGP peering sessions using peer groups
  • configure EBGP peering
  • advertise networks.

Let’s assume that we have three Autonomous Systems (see topology below):

  • AS50 with only one BGP router, terminating EBGP peering with AS100
  • AS100 with three routers forming IBGP full mesh using peer group
  • AS55 where labnarioR5 router will form two EBGP peering sessions with AS100.

LabnarioR1 in AS50 will be advertising three prefixes, which will pass through AS100 to AS55. I want labnarioR5 router to be able to receive these three routes and reach them (be able to ping them).

So let’s start with BGP configuration. First I want to configure labnarioR1 router to run BGP AS50 and form EBGP peering session with labnarioR2 router in AS100 (interface IP addressing configuration is omitted):

[labnarioR1]bgp 50
[labnarioR1-bgp]undo synchronization
[labnarioR1-bgp]undo summary automatic
[labnarioR1-bgp]peer 150.100.12.2 as-number 100

Now I can configure AS100. I want my three routers to form an IBGP full mesh. I will use physical interfaces to establish peering sessions for simplicity. Usually it is better to use loopback interfaces when multiple physical links exist inside AS. First I will configure EBGP session to AS50:

[labnarioR2]bgp 100
[labnarioR2-bgp]undo synchronization
[labnarioR2-bgp]undo summary automatic
[labnarioR2-bgp]peer 150.100.12.1 as-number 50

Let’s check if our EBGP session between AS50 and AS100 is established:

[labnarioR2-bgp]display bgp peer 

 BGP local router ID : 150.100.12.2
 Local AS number : 100
 Total number of peers : 1		  Peers in established state : 1

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down  State    PrefRcv

  150.100.12.1    4          50       11       11     0  01:51:01 Established    0

EBGP session between AS50 and 100 is established, so I can start configuring my IBGP peering sessions in AS100. I will do that using a peer group named iBGP. Of course it is possible to specify every single peer and assign BGP specific parameters to it, but I want to use a peer group, where every BGP parameter will be assigned to it, including peering routers.

[labnarioR2-bgp]bgp 100
[labnarioR2-bgp] group iBGP internal
[labnarioR2-bgp] peer iBGP next-hop-local
[labnarioR2-bgp] peer 172.16.23.3 group iBGP
[labnarioR2-bgp] peer 172.16.24.4 group iBGP

As you see above, my iBGP peer group definition includes group type internal. When configuring peer group type internal, there is no need to assign AS number to this group. Every peer belonging to a group type internal, inherits AS number of the local AS. It is also possible to define a peer group type external. Let’s check BGP configuration on labnarioR2 router:

#
bgp 100
 peer 150.100.12.1 as-number 50
 group iBGP internal
 peer 172.16.23.3 as-number 100
 peer 172.16.23.3 group iBGP
 peer 172.16.24.4 as-number 100
 peer 172.16.24.4 group iBGP
 #
 ipv4-family unicast
  undo synchronization
  peer 150.100.12.1 enable
  peer iBGP enable
  peer iBGP next-hop-local
  peer 172.16.23.3 enable
  peer 172.16.23.3 group iBGP
  peer 172.16.24.4 enable
  peer 172.16.24.4 group iBGP
#

All the iBGP group parameters are assigned to peering routers. Now labnarioR3 and labnarioR4 routers can be configured in the same way. Both also should be configured to peer with AS55 and labnarioR5 router:

[labnarioR3]bgp 100
[labnarioR3-bgp] undo synchronization
[labnarioR3-bgp] undo summary automatic
[labnarioR3-bgp] group iBGP internal
[labnarioR3-bgp] peer iBGP next-hop-local
[labnarioR3-bgp] peer 172.16.23.2 group iBGP
[labnarioR3-bgp] peer 172.16.34.4 group iBGP
[labnarioR3-bgp] peer 155.100.35.5 as-number 55

[labnarioR4]bgp 100
[labnarioR4-bgp] undo synchronization
[labnarioR4-bgp] undo summary automatic
[labnarioR4-bgp] group iBGP internal
[labnarioR4-bgp] peer iBGP next-hop-local
[labnarioR4-bgp] peer 172.16.24.2 group iBGP
[labnarioR4-bgp] peer 172.16.34.3 group iBGP
[labnarioR4-bgp] peer 155.100.45.5 as-number 55

Let’s check BGP configuration and IBGP peering sessions on labnarioR3 and labnarioR4:

[labnarioR3-bgp]dis this
#
bgp 100
 peer 155.100.35.5 as-number 55
 group iBGP internal
 peer 172.16.23.2 as-number 100
 peer 172.16.23.2 group iBGP
 peer 172.16.34.4 as-number 100
 peer 172.16.34.4 group iBGP
 #
 ipv4-family unicast
  undo synchronization
  peer 155.100.35.5 enable
  peer iBGP enable
  peer iBGP next-hop-local
  peer 172.16.23.2 enable
  peer 172.16.23.2 group iBGP
  peer 172.16.34.4 enable
  peer 172.16.34.4 group iBGP
#
return

[labnarioR3-bgp]dis bgp peer 

 BGP local router ID : 172.16.23.3
 Local AS number : 100
 Total number of peers : 3		  Peers in established state : 3

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  155.100.35.5    4          55        0        0     0 00:00:16        Idle    0
  172.16.23.2     4         100       41       41     0 00:37:50 Established    0
  172.16.34.4     4         100       95       96     0 01:32:49 Established    0

[labnarioR4-bgp]dis this
#
bgp 100
 peer 155.100.45.5 as-number 55
 group iBGP internal
 peer 172.16.24.2 as-number 100
 peer 172.16.24.2 group iBGP
 peer 172.16.34.3 as-number 100
 peer 172.16.34.3 group iBGP
 #
 ipv4-family unicast
  undo synchronization
  peer 155.100.45.5 enable
  peer iBGP enable
  peer iBGP next-hop-local
  peer 172.16.24.2 enable
  peer 172.16.24.2 group iBGP
  peer 172.16.34.3 enable
  peer 172.16.34.3 group iBGP
#
return

[labnarioR4-bgp]dis bgp peer

 BGP local router ID : 172.16.24.4
 Local AS number : 100
 Total number of peers : 3		  Peers in established state : 3

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  155.100.45.5    4          55        0        0     0 00:00:17        Idle    0
  172.16.24.2     4         100       47       46     0 00:43:39 Established    0
  172.16.34.3     4         100      101      101     0 01:38:38 Established    0

Of course to have EBGP session established, labnarioR5 should be configured first ;).

[labnarioR5]bgp 55
[labnarioR5-bgp] undo summary automatic 
[labnarioR5-bgp] undo synchronization 
[labnarioR5-bgp] peer 155.100.35.3 as-number 100
[labnarioR5-bgp] peer 155.100.45.4 as-number 100
[labnarioR5-bgp]

[labnarioR5-bgp]dis bgp peer

 BGP local router ID : 155.100.35.5
 Local AS number : 55
 Total number of peers : 2		  Peers in established state : 2

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  155.100.35.3    4         100       46       46     0 00:43:55 Established    0
  155.100.45.4    4         100       46       46     0 00:43:54 Established    0

All my BGP peering sessions are configured now.

As the next step I want my AS50 to advertise some prefixes. These prefixes should pass to AS55. I will use loopback interfaces to simulate some networks:

[labnarioR1]interface LoopBack0
[labnarioR1-LoopBack0] ip address 11.10.10.1 255.255.255.0
[labnarioR1-LoopBack0] interface LoopBack1
[labnarioR1-LoopBack1] ip address 12.10.10.1 255.255.255.0
[labnarioR1-LoopBack1] interface LoopBack2
[labnarioR1-LoopBack2] ip address 13.10.10.1 255.255.255.0

[labnarioR1]bgp 50
[labnarioR1-bgp] network 11.10.10.0 255.255.255.0
[labnarioR1-bgp] network 12.10.10.0 255.255.255.0
[labnarioR1-bgp] network 13.10.10.0 255.255.255.0

Remember to use the same network mask under the BGP process and the corresponding interface.

Let’s check if labnarioR1 is advertising my prefixes:

[labnarioR1]dis bgp routing-table 

 BGP Local router ID is 150.100.12.1 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 3
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   11.10.10.0/24      0.0.0.0         0                     0      i
 *>   12.10.10.0/24      0.0.0.0         0                     0      i
 *>   13.10.10.0/24      0.0.0.0         0                     0      i

LabnarioR1 now advertises three prefixes. These prefixes should pass through AS100 to AS55. Let’s check labnarioR5 BGP table:

[labnarioR5]dis bgp routing-table 

 BGP Local router ID is 155.100.35.5 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 6
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   11.10.10.0/24      155.100.35.3                          0      100 50i
 *                       155.100.45.4                          0      100 50i
 *>   12.10.10.0/24      155.100.35.3                          0      100 50i
 *                       155.100.45.4                          0      100 50i
 *>   13.10.10.0/24      155.100.35.3                          0      100 50i
 *                       155.100.45.4                          0      100 50i

LabnarioR5 router has all three prefixes in its BGP table. It prefers labnarioR3 router as its next hop to reach these prefixes. Does this mean that labnarioR5 can ping these networks? Let’s check:

<labnarioR5>ping 11.10.10.1
  PING 11.10.10.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out
    Request time out

  --- 11.10.10.1 ping statistics ---
    5 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss

Why is it like that? Read my next article about BGP.

Read More »

OSPF virtual link – update

13 Feb, 2013 0

Do you remember our quiz regarding OSPF Virtual Links?

I have asked you, how many OSPF Virtual Links are required in order to avoid Area0 partitioning, while still maintaining full IP connectivity through the OSPF topology.

Look at the topology in the picture below:

Assuming that we cannot change this topology, OSPF Virtual Links have to be implemented because:

  • Area2 has no connectivity with Area0
  • In case of Area0 Ethernet link failure, Area0 will be partitioned.

Let’s imagine, how our topology will look like, in case of Area0 Ethernet link failure.

To solve the first issue, OSFP Virtual Link connecting Area2 to Area0 is required.

To overcome the second issue, labnarioR1 and labnarioR2 routers have to be connected via Virtual Link going through Area1. As a result, Virtual Links can be implemented as in the picture below:

Read More »
Design By: ThemeTen