• Configure R4 in AS 100, with an EBGP peering to BB3 in AS 54.
• Configure R2 in AS 200, with an EBGP peering to BB2 in AS 254 using the password CISCO.
• Configure an EBGP peering between R2 and R4.
• Advertise the Loopback0 networks of R2 and R4 into BGP.
• Ensure that R2 can reach prefixes learned from AS 54, and R4 can reach prefixes learned from AS 254 when sourcing traffic from their Loopback0 networks.
• Do not redistribute between BGP and IGP to accomplish this.
Note
Using automatic tunneling techniques along with BGP is the core of MPLS VPNs.
While those are not yet covered within the scope of the CCIE R&S blueprint, it is worth seeing the effect of using simple manual tunnels along with BGP.
Two devices peer over BGP (this could be an eBGP or iBGP session) across a cloud of routers that do not run BGP. With this configuration alone, any attempt to reach a BGP prefix across the non-BGP cloud would result in the traffic being black-holed.
However, if we establish a direct tunnel between the BGP peers and force all packets to go across the tunnel, the non-BGP devices forward them on the outer tunnel header alone and never see the original destinations. Thus, the “unknown” addresses are hidden from the “core” network and appear only at the edge routers that know about them.
Notice the trick used in the solution. While the “core” IP addresses are used for BGP peering, the next hops of the BGP prefixes are modified to point to the tunnel endpoints. Alternatively, you could have peered directly off the tunnel endpoints or even used policy routing to divert packets to the tunnel interfaces.
Configuration
R2:
interface Tunnel0
ip address 10.0.0.2 255.255.255.0
tunnel source 155.1.23.2
tunnel destination 155.1.146.4
!
router bgp 200
neighbor 155.1.146.4 remote-as 100
neighbor 155.1.146.4 ebgp-multihop 255
neighbor 192.10.1.254 remote-as 254
neighbor 192.10.1.254 password CISCO
network 150.1.2.0 mask 255.255.255.0
R4:
interface Tunnel0
ip address 10.0.0.4 255.255.255.0
tunnel source 155.1.146.4
tunnel destination 155.1.23.2
!
route-map SET_NEXT_HOP_TO_TUNNEL_OUT permit 10
set ip next-hop 10.0.0.4
!
route-map SET_NEXT_HOP_TO_TUNNEL_IN permit 10
set ip next-hop 10.0.0.2
!
router bgp 100
neighbor 155.1.23.2 remote-as 200
neighbor 155.1.23.2 ebgp-multihop 255
neighbor 155.1.23.2 route-map SET_NEXT_HOP_TO_TUNNEL_OUT out
neighbor 155.1.23.2 route-map SET_NEXT_HOP_TO_TUNNEL_IN in
neighbor 204.12.1.254 remote-as 54
network 150.1.4.0 mask 255.255.255.0
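The forwarding behaviour this solution relies on can be traced hop by hop. The following Python model is an added example, not part of the original lab: it compares R2's lookup for an AS 54 prefix with and without the next-hop rewrite to the tunnel address. The router name CORE (standing in for the non-BGP routers between R2 and R4) and the prefix 198.51.100.0/24 are assumptions made for illustration.

```python
import ipaddress

AS54_PREFIX = "198.51.100.0/24"   # constructed stand-in for a prefix learned from AS 54

def lookup(rib, dst):
    """Longest-prefix match; returns the RIB action or None when there is no route."""
    addr = ipaddress.ip_address(dst)
    hits = [p for p in rib if addr in ipaddress.ip_network(p)]
    return rib[max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)] if hits else None

def build_ribs(next_hop_on_tunnel):
    # R2 learns the AS 54 prefix from R4 over EBGP. The BGP next hop is either
    # R4's tunnel address (route-map applied) or R4's core address (no route-map).
    bgp_nh = "10.0.0.4" if next_hop_on_tunnel else "155.1.146.4"
    return {
        "R2": {AS54_PREFIX: ("recurse", bgp_nh),
               "10.0.0.0/24": ("tunnel", "155.1.146.4"),   # Tunnel0, connected
               "155.1.146.0/24": ("hop", "CORE")},         # IGP route
        "CORE": {"155.1.146.0/24": ("hop", "R4"),          # hypothetical: IGP only, no BGP prefixes
                 "155.1.23.0/24": ("hop", "R2")},
        "R4": {AS54_PREFIX: ("hop", "BB3"),
               "155.1.146.4/32": ("local", None)},         # R4's tunnel source address
    }

def forward(dst, next_hop_on_tunnel):
    """Trace a packet from R2 toward dst; returns (path, outcome)."""
    ribs, node, path, stack = build_ribs(next_hop_on_tunnel), "R2", ["R2"], [dst]
    while node in ribs:
        action = lookup(ribs[node], stack[-1])   # route on the outermost header
        if action is None:
            return path, f"dropped at {node}: no route to {stack[-1]}"
        kind, arg = action
        if kind == "recurse":            # resolve the BGP next hop recursively
            kind, arg = lookup(ribs[node], arg)
        if kind == "tunnel":             # tunnel encapsulation: push outer header
            stack.append(arg)
            kind, arg = lookup(ribs[node], arg)
        if kind == "local":              # tunnel endpoint: pop outer header, look up again
            stack.pop()
            continue
        node = arg
        path.append(node)
    return path, "delivered"

if __name__ == "__main__":
    for on_tunnel in (False, True):
        print(on_tunnel, *forward("198.51.100.10", on_tunnel))
```

Without the rewrite the packet reaches CORE with its original destination and is dropped there; with it, CORE routes only on the outer address 155.1.146.4 and R4 performs the lookup for the AS 54 prefix.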