Moblie

Sunday, November 6, 2011

GLBP Issue


• The GLBP will not work in this scenario, if the firewall having route traffic toward switch
• Firewall having Mac address issue in this scenario.
• Use HSRP for pass traffic to gateway and routers.
• If you use HSRP in switch again one more issue occur. The both MPLS Link will not work parallel or active & active. You have to create dynamic routing between switch and Router. The other second option is to use Two default static route toward routers.




  • This scenario is tested on Cisco ASA and its not work.


  • The Same scenario was working on Netscreen Firewalls. Different algorithms.

Posted by at No comments:

BGP Remote Site Router Config

***** Configuration Base On Diagram -5 & 6 *****
Diagram Link
http://cisconetlabs.blogspot.in/2011/11/network-diagram-topology-5.html
and
http://cisconetlabs.blogspot.in/2011/11/network-diagram-topology-6.html


-----------Branch Site Configuration-----------

router bgp 65200
no synchronization
bgp log-neighbor-changes
network 3.x.x.x mask 255.255.255.255 // Local Network Advertisednetwork 172.31.1.0 mask 255.255.255.0 // Local Network Advertisednetwork 172.31.2.0 mask 255.255.255.0 // Local Network Advertised
neighbor 200.10.x.x remote-as 10333 //EBGP Neighbor Routerneighbor 200.10.x.x description ISP-2 MPLS PE router
neighbor 200.10.x.x allowas-in
neighbor 172.31.1. 5 remote-as 65200 //IBGP Neighbor Router
neighbor 172.31.1. 5 description Neighbour IBGP Peer
neighbor 172.31.1. 5 next-hop-self
neighbor 172.31.1. 5 allowas-in
no auto-summary


ip route 172.31.1.0 255.255.255.0 172.31.1. 254 name Vlan1  /// Static Route coming from LAN
ip route 172.31.2.0 255.255.255.0 172.31.1. 254 name VLAN2 /// Static Route coming from LAN
Posted by at No comments:

BGP Core Router Config

****Configuration Base On Diagram -5 & 6 ****

Diagram Link
http://cisconetlabs.blogspot.in/2011/11/network-diagram-topology-5.html
and
http://cisconetlabs.blogspot.in/2011/11/network-diagram-topology-6.html
-----------------------------Core Router Config Hub site---------------------
router bgp 65200
no synchronization
bgp log-neighbor-changes
network 0.0.0.0 //Default Network route
 network 10.x.x.x mask 255.255.255.0 // Local Network Advertised
network 172.x.x.x mask 255.255.255.0 // Local Network Advertised
redistribute static // Local Network Advertised Static Route
 neighbor 10.X.X.X remote-as 65200 //IBGP Neighbor Router
neighbor 10.X.X.X description IBGP_Router 2
neighbor 10.X.X.X next-hop-self
neighbor 200.X.X.X remote-as 10333 //EBGP Neighbor Router
neighbor 200.X.X.X description ISP-2 MPLS PE router
neighbor 200.X.X.X default-originate
neighbor 200.X.X.X allowas-in  // Optional command depend on scenario
no auto-summary

ip route 0.0.0.0 0.0.0.0 10.x.x.x
ip route 172.X.X.0 255.255.255.0 10.0.0.X
Posted by at No comments:

Data Centre Diagram Topology -7



Posted by at No comments:

Network Diagram Topology -6



---------------------------Core Router Config Hub site---------------------
router bgp 65200
no synchronization
bgp log-neighbor-changes
network 0.0.0.0 //Default Network route
 network 10.x.x.x mask 255.255.255.0 // Local Network Advertised
network 172.x.x.x mask 255.255.255.0 // Local Network Advertised
redistribute static // Local Network Advertised Static Route
 neighbor 10.X.X.X remote-as 65200 //IBGP Neighbor Router
neighbor 10.X.X.X description IBGP_Router 2
neighbor 10.X.X.X next-hop-self
neighbor 200.X.X.X remote-as 10333 //EBGP Neighbor Router
neighbor 200.X.X.X description ISP-2 MPLS PE router
neighbor 200.X.X.X default-originate
neighbor 200.X.X.X allowas-in  // Optional command depend on scenario
no auto-summary

ip route 0.0.0.0 0.0.0.0 10.x.x.x
ip route 172.X.X.0 255.255.255.0 10.0.0.X

-------------------------------------

-----------Branch Site Configuration-----------

router bgp 65200
no synchronization
bgp log-neighbor-changes
network 3.x.x.x mask 255.255.255.255 // Local Network Advertisednetwork 172.31.1.0 mask 255.255.255.0 // Local Network Advertisednetwork 172.31.2.0 mask 255.255.255.0 // Local Network Advertised
neighbor 200.10.x.x remote-as 10333 //EBGP Neighbor Routerneighbor 200.10.x.x description ISP-2 MPLS PE router
neighbor 200.10.x.x allowas-in
neighbor 172.31.1. 5 remote-as 65200 //IBGP Neighbor Router
neighbor 172.31.1. 5 description Neighbour IBGP Peer
neighbor 172.31.1. 5 next-hop-self
neighbor 172.31.1. 5 allowas-in
no auto-summary


ip route 172.31.1.0 255.255.255.0 172.31.1. 254 name Vlan1  /// Static Route coming from LAN
ip route 172.31.2.0 255.255.255.0 172.31.1. 254 name VLAN2 /// Static Route coming from LAN

Posted by at No comments:

Network Diagram Topology -5


---------------------------Core Router Config Hub site---------------------
router bgp 65200
no synchronization
bgp log-neighbor-changes
network 0.0.0.0 //Default Network route
 network 10.x.x.x mask 255.255.255.0 // Local Network Advertised
network 172.x.x.x mask 255.255.255.0 // Local Network Advertised
redistribute static // Local Network Advertised Static Route
 neighbor 10.X.X.X remote-as 65200 //IBGP Neighbor Router
neighbor 10.X.X.X description IBGP_Router 2
neighbor 10.X.X.X next-hop-self
neighbor 200.X.X.X remote-as 10333 //EBGP Neighbor Router
neighbor 200.X.X.X description ISP-2 MPLS PE router
neighbor 200.X.X.X default-originate
neighbor 200.X.X.X allowas-in  // Optional command depend on scenario
no auto-summary

ip route 0.0.0.0 0.0.0.0 10.x.x.x
ip route 172.X.X.0 255.255.255.0 10.0.0.X

-------------------------------------

-----------Branch Site Configuration-----------

router bgp 65200
no synchronization
bgp log-neighbor-changes
network 3.x.x.x mask 255.255.255.255 // Local Network Advertisednetwork 172.31.1.0 mask 255.255.255.0 // Local Network Advertisednetwork 172.31.2.0 mask 255.255.255.0 // Local Network Advertised
neighbor 200.10.x.x remote-as 10333 //EBGP Neighbor Routerneighbor 200.10.x.x description ISP-2 MPLS PE router
neighbor 200.10.x.x allowas-in
neighbor 172.31.1. 5 remote-as 65200 //IBGP Neighbor Router
neighbor 172.31.1. 5 description Neighbour IBGP Peer
neighbor 172.31.1. 5 next-hop-self
neighbor 172.31.1. 5 allowas-in
no auto-summary


ip route 172.31.1.0 255.255.255.0 172.31.1. 254 name Vlan1  /// Static Route coming from LAN
ip route 172.31.2.0 255.255.255.0 172.31.1. 254 name VLAN2 /// Static Route coming from LAN

Posted by at No comments:

Data Centre Diagram Topology -4



Posted by at No comments:

Data Centre Diagram Topology -3



Posted by at No comments:

Data Centre Diagram Topology -2



Posted by at No comments:

Data Centre Diagram Topology -1



Posted by at No comments:

Network Icon 3.2



Posted by at No comments:

Network Icon Used in post 3.1 Version



Posted by at No comments:

Sunday, September 11, 2011

BGP Backdoor


 BGP Backdoor work with EBGP











Note:
1. The EBGP is by Default preferred routing path as compare to other routing Protocol.
2. BGP backdoor will preferred if we use the command BGP backdoor in BGP routing.
3. The BGP routing table should match with Network statement.
4. Summary route should not use. The recommended is use particuler route.
5. Other IGP routing will prefer if we use BGP backdoor command.
6. EIGRP is most usable in Backdoor (recommended). Some other open standard OSPF could have problem in some Cisco IOS , you have to check the cisco IOS compatibility.

7. Using my EIGRP Green link  for Backdoor network
----------------------------------------R1-------------------------------

router eigrp 100
 network 172.22.1.253 0.0.0.0
  network 10.10.10.128 0.0.0.3
 network 11.11.11.11 0.0.0.0
 redistribute static route-map ONK
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes

 network 10.10.11.0 mask 255.255.255.0

 network 172.23.3.64 mask 255.255.255.192 backdoor
 network 172.23.3.128 mask 255.255.255.128 backdoor
 network 172.25.94.0 mask 255.255.255.192
 network 172.31.102.1 mask 255.255.255.255
 neighbor 10.10.10.17 remote-as 10201
 neighbor 10.10.10.17 description  ISP-1 MPLS PE router
 neighbor 10.10.10.17 allowas-in
 neighbor 172.22.1.252 remote-as 65001
 neighbor 172.22.1.252 description 1841 IBGP Peer
 neighbor 172.22.1.252 next-hop-self

route-map ONK permit 10
 match ip address 16

access-list 16 permit 172.22.11.128 0.0.0.127
access-list 16 permit 172.22.18.0 0.0.0.127

-------------------------------------------------------
----------------------------R2-----------------------

 !
router eigrp 100
 network 10.10.10.128 0.0.0.3
 network 22.22.22.22 0.0.0.0
 network 172.22.1.252 0.0.0.0
 redistribute static route-map ONK
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes

 network 10.10.11.0 mask 255.255.255.0
 network 172.23.3.64 mask 255.255.255.192 backdoor
 network 172.23.3.128 mask 255.255.255.128 backdoor
 network 172.25.94.0 mask 255.255.255.192
 network 172.31.102.2 mask 255.255.255.255
 neighbor 172.22.1.253 remote-as 65001
 neighbor 172.22.1.253 description 2811 IBGP Peer
 neighbor 172.22.1.253 next-hop-self
 neighbor 172.34.87.185 remote-as 9730
 neighbor 172.34.87.185 description ISP-2 MPLS PE router
 neighbor 172.34.87.185 allowas-in
 no auto-summary

route-map ONK permit 10
 match ip address 16

access-list 16 permit 172.22.11.128 0.0.0.127
access-list 16 permit 172.22.18.0 0.0.0.127

----------------------------------R3----------------------------

router eigrp 100
 redistribute static route-map ONK
 network 33.33.33.33 0.0.0.0
 network 172.23.0.252 0.0.0.0
 no auto-summary
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes

 network 172.22.11.128 mask 255.255.255.128 backdoor
 network 172.22.18.0 mask 255.255.255.128 backdoor
 network 172.31.106.1 mask 255.255.255.255
 neighbor 10.0.0.5 remote-as 10201
 neighbor 10.0.0.5 description ISP-1 MPLS PE Router
 neighbor 10.0.0.5 allowas-in
 neighbor 172.23.0.253 remote-as 65001
 neighbor 172.23.0.253 description 2811 IBGP Peer
 neighbor 172.23.0.253 next-hop-self
 no auto-summary

route-map ONK permit 10
 match ip address 16

access-list 16 permit 172.23.3.64 0.0.0.63
access-list 16 permit 172.23.3.128 0.0.0.127

----------------------------------R4---------------

router eigrp 100
 network 10.10.10.128 0.0.0.3
 network 172.23.0.253 0.0.0.0
 redistribute static route-map ONK
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 network 3.8.8.8 mask 255.255.255.255
 network 172.22.11.128 mask 255.255.255.128 backdoor
 network 172.22.18.0 mask 255.255.255.128 backdoor

 network 172.23.88.0 mask 255.255.255.0
 network 172.31.106.1 mask 255.255.255.255
 neighbor 172.23.0.252 remote-as 65001
 neighbor 172.23.0.252 description 1841 IBGP Peer
 neighbor 172.23.0.252 next-hop-self
 neighbor 172.34.125.21 remote-as 9730
 neighbor 172.34.125.21 description ISP-2 MPLS PE router
 neighbor 172.34.125.21 allowas-in
 no auto-summary
!
route-map ONK permit 10
 match ip address 16
access-list 16 permit 172.23.3.64 0.0.0.63
access-list 16 permit 172.23.3.128 0.0.0.127
 match ip address 16
!


BGP Backdoor work with EBGP








Posted by at No comments:
Subscribe to: Posts (Atom)