Vaibhava Networking Forum: Implementing Internet Access In MPLS VPN Using GRE Tunnel between PE-CE with NAT LAB

Config Guidelines
****************************************************************************************
ISP AS used 64513
IGP in ISP is ISIS with Loopbacks in Level-1 and Core Links in Level-2
EBGP used with Internet Router
Customer AS Used 64514
PE-CE Routing Protocol EBGP
Internet AS 64515
Lo0 and Lo1 used for Dummy Traffic
VRF Used CEA
rd 64513:1
rt 6413:100
CE1B is Normal IP Customer in AS 64516 running EBGP with PE2
CE1A and CE2A are VPN Sites with CE1A only having Internet Access.
GRE Tunnel Setup between Tunnel Interface 100 on CE1A and PE1 and Used
NAT Inside on Tu100 at PE1 and NAT Outisde on Core Link towards P
NAT Pool Used GRE_Internet 192.168.1/0/30
Extended ACL used 134 Denying 10.0.1.1/32 and Allowing anything else
CE1A has a default Route towards Tu100
ANy Non-VPN Traffic from CE1A comes to PE1 via Tu100 and get Natted Outbound to 192.168.1.1 and Goes to Internet Router
Internet Router has Reverse Route till PE1 and from there Reverse NAT Happens towards CE1A
***************************************************************************************
CE1A#sh running-config
Building configuration...
Current configuration : 1613 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1A
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel100
description <>
ip address 192.168.1.17 255.255.255.252
tunnel source Serial1/0
tunnel destination 10.0.2.9
!
interface Loopback0
description <>
ip address 10.0.10.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <>
ip address 10.0.2.10 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64514
no synchronization
bgp log-neighbor-changes
redistribute connected route-map Local
neighbor 10.0.2.9 remote-as 64513
neighbor 10.0.2.9 description <>
neighbor 10.0.2.9 allowas-in 5
neighbor 10.0.2.9 soft-reconfiguration inbound
no auto-summary
!
ip http server
ip route 0.0.0.0 0.0.0.0 Tunnel100
!
!
!
!
route-map Local permit 10
match interface Loopback0
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
CE1A#
CE2A#sh running-config
Building configuration...
Current configuration : 1405 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE2A
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description <>
ip address 10.0.20.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <>
ip address 10.0.2.6 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64514
no synchronization
bgp log-neighbor-changes
redistribute connected route-map Local
neighbor 10.0.2.5 remote-as 64513
neighbor 10.0.2.5 description <>
neighbor 10.0.2.5 allowas-in 5
neighbor 10.0.2.5 soft-reconfiguration inbound
no auto-summary
!
ip http server
!
!
!
!
route-map Local permit 10
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
CE2A#
CE1B#sh running-config
Building configuration...
Current configuration : 1418 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1B
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description <>
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <>
ip address 192.168.1.9 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64516
no synchronization
bgp log-neighbor-changes
redistribute connected route-map Local
neighbor 192.168.1.10 remote-as 64513
neighbor 192.168.1.10 description <>
neighbor 192.168.1.10 soft-reconfiguration inbound
no auto-summary
!
ip http server
!
!
!
!
route-map Local permit 10
match interface Loopback0
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
CE1B#
PE1#sh running-config
Building configuration...
Current configuration : 2825 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE1
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
ip subnet-zero
ip vrf CEA
description <>
rd 64513:1
route-target export 64513:100
route-target import 64513:100
!
!
!
!
!
ip cef
!
!
multilink bundle-name authenticated
mpls label protocol ldp
call rsvp-sync
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel100
description <>
ip address 192.168.1.18 255.255.255.252
ip nat inside
tunnel source Serial1/0
tunnel destination 10.0.2.10
tunnel vrf CEA
!
interface Loopback0
description <>
ip address 10.0.1.1 255.255.255.255
ip router isis
isis circuit-type level-1
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description <>
ip vrf forwarding CEA
ip address 10.0.2.9 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
description <>
ip address 192.168.1.1 255.255.255.252
ip nat outside
ip router isis
mpls label protocol ldp
mpls ip
serial restart-delay 0
isis circuit-type level-2-only
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
router isis
net 49.0001.1111.2222.3333.00
!
router bgp 64513
no synchronization
bgp log-neighbor-changes
neighbor 10.0.2.1 remote-as 64513
neighbor 10.0.2.1 description <>
neighbor 10.0.2.1 update-source Loopback0
neighbor 10.0.3.1 remote-as 64513
neighbor 10.0.3.1 description <>
neighbor 10.0.3.1 next-hop-self
neighbor 10.0.3.1 soft-reconfiguration inbound
no auto-summary
!
address-family vpnv4
neighbor 10.0.2.1 activate
neighbor 10.0.2.1 send-community extended
exit-address-family
!
address-family ipv4 vrf CEA
no synchronization
redistribute connected
neighbor 10.0.2.10 remote-as 64514
neighbor 10.0.2.10 description <>
neighbor 10.0.2.10 activate
neighbor 10.0.2.10 soft-reconfiguration inbound
exit-address-family
!
ip nat pool GRE_Internet 192.168.1.1 192.168.1.2 netmask 255.255.255.252
ip nat inside source list 134 pool GRE_Internet overload
ip classless
!
!
no ip http server
no ip http secure-server
!
access-list 134 deny ip host 10.0.1.1 any
access-list 134 permit ip any any
!
!
mpls ldp router-id Loopback0
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
line vty 0 4
!
end
PE1#
PE2#sh running-config
Building configuration...
Current configuration : 2770 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
ip subnet-zero
ip vrf CEA
description <>
rd 64513:1
route-target export 64513:100
route-target import 64513:100
!
!
!
!
!
ip cef
!
!
multilink bundle-name authenticated
mpls label protocol ldp
call rsvp-sync
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description <>
ip address 10.0.2.1 255.255.255.255
ip router isis
isis circuit-type level-1
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description <>
ip address 192.168.1.5 255.255.255.252
ip router isis
mpls label protocol ldp
mpls ip
serial restart-delay 0
isis circuit-type level-2-only
!
interface Serial1/1
description <>
ip address 192.168.1.10 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
description <>
ip vrf forwarding CEA
ip address 10.0.2.5 255.255.255.252
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
router isis
net 49.0002.2222.3333.4444.00
redistribute connected route-map Local
!
router bgp 64513
no synchronization
bgp log-neighbor-changes
neighbor 10.0.1.1 remote-as 64513
neighbor 10.0.1.1 description <>
neighbor 10.0.1.1 update-source Loopback0
neighbor 10.0.3.1 remote-as 64513
neighbor 10.0.3.1 description <>
neighbor 10.0.3.1 update-source Loopback0
neighbor 10.0.3.1 next-hop-self
neighbor 10.0.3.1 soft-reconfiguration inbound
neighbor 192.168.1.9 remote-as 64516
neighbor 192.168.1.9 description <>
neighbor 192.168.1.9 default-originate
neighbor 192.168.1.9 soft-reconfiguration inbound
no auto-summary
!
address-family vpnv4
neighbor 10.0.1.1 activate
neighbor 10.0.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf CEA
no synchronization
redistribute connected
neighbor 10.0.2.6 remote-as 64514
neighbor 10.0.2.6 description <>
neighbor 10.0.2.6 activate
neighbor 10.0.2.6 send-community extended
neighbor 10.0.2.6 soft-reconfiguration inbound
exit-address-family
!
ip classless
!
!
no ip http server
no ip http secure-server
!
!
route-map Local permit 10
match interface Serial1/1
!
!
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
line vty 0 4
!
end
PE2#
P#sh running-config
Building configuration...
Current configuration : 2460 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
ip subnet-zero
!
!
!
!
ip cef
!
!
multilink bundle-name authenticated
mpls label protocol ldp
call rsvp-sync
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description <>
ip address 10.0.3.1 255.255.255.255
ip router isis
isis circuit-type level-1
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description <>
ip address 192.168.1.2 255.255.255.252
ip router isis
mpls label protocol ldp
mpls ip
serial restart-delay 0
isis circuit-type level-2-only
!
interface Serial1/1
description <>
ip address 172.16.1.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
description <>
ip address 192.168.1.6 255.255.255.252
ip router isis
mpls label protocol ldp
mpls ip
serial restart-delay 0
isis circuit-type level-2-only
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
router isis
net 49.0003.3333.2222.1111.00
redistribute connected route-map Local
!
router bgp 64513
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.0.0 255.255.0.0 summary-only
neighbor 10.0.1.1 remote-as 64513
neighbor 10.0.1.1 description <>
neighbor 10.0.1.1 update-source Loopback0
neighbor 10.0.1.1 next-hop-self
neighbor 10.0.1.1 soft-reconfiguration inbound
neighbor 10.0.2.1 remote-as 64513
neighbor 10.0.2.1 description <>
neighbor 10.0.2.1 update-source Loopback0
neighbor 10.0.2.1 next-hop-self
neighbor 10.0.2.1 soft-reconfiguration inbound
neighbor 172.16.1.2 remote-as 64515
neighbor 172.16.1.2 description <>
neighbor 172.16.1.2 soft-reconfiguration inbound
no auto-summary
!
ip classless
!
!
no ip http server
no ip http secure-server
!
!
route-map Local permit 10
match interface Serial1/1
!
!
mpls ldp router-id Loopback0
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
line vty 0 4
!
end
P#
P#
Internet_Router#sh running-config
Building configuration...
Current configuration : 1560 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Internet_Router
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description <>
ip address 172.16.10.1 255.255.255.0
!
interface Loopback1
description <>
ip address 172.16.20.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <>
ip address 172.16.1.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64515
no synchronization
bgp log-neighbor-changes
redistribute connected route-map Local
neighbor 172.16.1.1 remote-as 64513
neighbor 172.16.1.1 description <>
neighbor 172.16.1.1 default-originate
neighbor 172.16.1.1 soft-reconfiguration inbound
no auto-summary
!
ip http server
!
!
!
!
route-map Local permit 10
match interface Loopback0
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
Internet_Router#
Internet_Router#
************************************************************************************************
OUTPUT
*************************************************************************************************
CE1A#ping 172.16.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/232/340 ms
CE1A#tra
CE1A#traceroute 172.16.20.1
Type escape sequence to abort.
Tracing the route to 172.16.20.1
1 192.168.1.18 96 msec 100 msec 152 msec
2 192.168.1.2 244 msec 224 msec 300 msec
3 172.16.1.2 372 msec 244 msec *
CE1A#
CE1A#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.0.10.0/24 is directly connected, Loopback0
C 10.0.2.8/30 is directly connected, Serial1/0
B 10.0.2.4/30 [20/0] via 10.0.2.9, 00:12:01
B 10.0.20.0/24 [20/0] via 10.0.2.9, 00:12:01
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.16 is directly connected, Tunnel100
S* 0.0.0.0/0 is directly connected, Tunnel100
CE1A#
CE1A#ping 10.0.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/224/368 ms
CE1A#tra
CE1A#traceroute 10.0.20.1
Type escape sequence to abort.
Tracing the route to 10.0.20.1
1 10.0.2.9 112 msec 80 msec 180 msec
2 192.168.1.2 292 msec 492 msec 140 msec
3 10.0.2.5 [AS 64513] 168 msec 140 msec 260 msec
4 10.0.2.6 [AS 64513] 156 msec 232 msec *
CE1A#
PE1#show ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 192.168.1.1:4501 192.168.1.1:646 224.0.0.2:646 224.0.0.2:646
udp 192.168.1.1:4502 192.168.1.17:49157 172.16.20.1:33437 172.16.20.1:33437
udp 192.168.1.1:4503 192.168.1.17:49158 172.16.20.1:33438 172.16.20.1:33438
udp 192.168.1.1:4504 192.168.1.17:49159 172.16.20.1:33439 172.16.20.1:33439
udp 192.168.1.1:4505 192.168.1.17:49160 172.16.20.1:33440 172.16.20.1:33440
udp 192.168.1.1:4506 192.168.1.17:49161 172.16.20.1:33441 172.16.20.1:33441
udp 192.168.1.1:4507 192.168.1.17:49162 172.16.20.1:33442 172.16.20.1:33442
PE1#
PE1#show access-lists
Extended IP access list 134
10 deny ip host 10.0.1.1 any (51 matches)
20 permit ip any any (11 matches)
PE1#
PE1#show ip nat statistics
Total active translations: 7 (0 static, 7 dynamic; 7 extended)
Outside interfaces:
Serial1/1
Inside interfaces:
Tunnel100
Hits: 245 Misses: 0
CEF Translated packets: 46, CEF Punted packets: 19
Expired translations: 9
Dynamic mappings:
#NAME?
[Id: 5] access-list 134 pool GRE_Internet refcount 7
pool GRE_Internet: netmask 255.255.255.252
start 192.168.1.1 end 192.168.1.2
type generic, total addresses 2, allocated 1 (50%), misses 0
PE1#
PE1#sh ip route vrf CEA
Routing Table: CEA
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
B 10.0.2.4/30 [200/0] via 10.0.2.1, 00:11:10
C 10.0.2.8/30 is directly connected, Serial1/0
L 10.0.2.9/32 is directly connected, Serial1/0
B 10.0.10.0/24 [20/0] via 10.0.2.10, 00:53:14
B 10.0.20.0/24 [200/0] via 10.0.2.1, 00:11:10
PE1#
PE1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is 10.0.3.1 to network 0.0.0.0
B* 0.0.0.0/0 [200/0] via 10.0.3.1, 00:12:27
10.0.0.0/32 is subnetted, 3 subnets
C 10.0.1.1 is directly connected, Loopback0
i L2 10.0.2.1 [115/30] via 192.168.1.2, Serial1/1
i L2 10.0.3.1 [115/20] via 192.168.1.2, Serial1/1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
i L2 172.16.1.0/30 [115/10] via 192.168.1.2, Serial1/1
B 172.16.10.0/24 [200/0] via 10.0.3.1, 00:12:27
B 192.168.0.0/16 [200/0] via 10.0.3.1, 00:12:27
192.168.1.0/24 is variably subnetted, 6 subnets, 2 masks
C 192.168.1.0/30 is directly connected, Serial1/1
L 192.168.1.1/32 is directly connected, Serial1/1
i L2 192.168.1.4/30 [115/20] via 192.168.1.2, Serial1/1
i L2 192.168.1.8/30 [115/20] via 192.168.1.2, Serial1/1
C 192.168.1.16/30 is directly connected, Tunnel100
L 192.168.1.18/32 is directly connected, Tunnel100
B 192.168.10.0/24 [200/0] via 192.168.1.9, 00:12:33
PE1#
PE1#
CE2A#ping 10.0.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/220/284 ms
CE2A#sh ip rou
CE2A#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
B 10.0.10.0/24 [20/0] via 10.0.2.5, 00:10:13
B 10.0.2.8/30 [20/0] via 10.0.2.5, 00:10:13
C 10.0.2.4/30 is directly connected, Serial1/0
C 10.0.20.0/24 is directly connected, Loopback0
CE2A#
CE2A#ping 172.16.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CE2A#
CE1B#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.1.10 to network 0.0.0.0
C 192.168.10.0/24 is directly connected, Loopback0
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.10.0 [20/0] via 192.168.1.10, 01:33:46
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.8 is directly connected, Serial1/0
B* 0.0.0.0/0 [20/0] via 192.168.1.10, 01:37:33
B 192.168.0.0/16 [20/0] via 192.168.1.10, 01:20:11
CE1B#ping 172.16.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/164/268 ms
CE1B#tra
CE1B#traceroute 172.16.20.1
Type escape sequence to abort.
Tracing the route to 172.16.20.1
1 192.168.1.10 [AS 64513] 144 msec 140 msec 64 msec
2 192.168.1.6 [AS 64513] 84 msec 148 msec 40 msec
3 172.16.1.2 [AS 64513] 216 msec 176 msec *
CE1B#
CE1B#ping 10.0.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.10.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
CE1B#
PE2#sh ip route vrf CEA
Routing Table: CEA
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 10.0.2.4/30 is directly connected, Serial1/2
L 10.0.2.5/32 is directly connected, Serial1/2
B 10.0.2.8/30 [200/0] via 10.0.1.1, 00:13:24
B 10.0.10.0/24 [200/0] via 10.0.1.1, 00:13:24
B 10.0.20.0/24 [20/0] via 10.0.2.6, 01:08:07
PE2#sh ip rou
PE2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is 10.0.3.1 to network 0.0.0.0
B* 0.0.0.0/0 [200/0] via 10.0.3.1, 01:35:08
10.0.0.0/32 is subnetted, 3 subnets
i L2 10.0.1.1 [115/30] via 192.168.1.6, Serial1/0
C 10.0.2.1 is directly connected, Loopback0
i L2 10.0.3.1 [115/20] via 192.168.1.6, Serial1/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
i L2 172.16.1.0/30 [115/10] via 192.168.1.6, Serial1/0
B 172.16.10.0/24 [200/0] via 10.0.3.1, 01:34:17
B 192.168.0.0/16 [200/0] via 10.0.3.1, 01:21:55
192.168.1.0/24 is variably subnetted, 5 subnets, 2 masks
i L2 192.168.1.0/30 [115/20] via 192.168.1.6, Serial1/0
C 192.168.1.4/30 is directly connected, Serial1/0
L 192.168.1.5/32 is directly connected, Serial1/0
C 192.168.1.8/30 is directly connected, Serial1/1
L 192.168.1.10/32 is directly connected, Serial1/1
B 192.168.10.0/24 [20/0] via 192.168.1.9, 01:39:16
PE2#
PE2#
PE2#
P#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is 172.16.1.2 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 172.16.1.2, 01:47:06
10.0.0.0/32 is subnetted, 3 subnets
i L2 10.0.1.1 [115/20] via 192.168.1.1, Serial1/0
i L2 10.0.2.1 [115/20] via 192.168.1.5, Serial1/2
C 10.0.3.1 is directly connected, Loopback0
172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks
C 172.16.1.0/30 is directly connected, Serial1/1
L 172.16.1.1/32 is directly connected, Serial1/1
B 172.16.10.0/24 [20/0] via 172.16.1.2, 01:47:29
B 192.168.0.0/16 [200/0] via 0.0.0.0, 01:22:53, Null0
192.168.1.0/24 is variably subnetted, 5 subnets, 2 masks
C 192.168.1.0/30 is directly connected, Serial1/0
L 192.168.1.2/32 is directly connected, Serial1/0
C 192.168.1.4/30 is directly connected, Serial1/2
L 192.168.1.6/32 is directly connected, Serial1/2
i L2 192.168.1.8/30 [115/10] via 192.168.1.5, Serial1/2
B 192.168.10.0/24 [200/0] via 10.0.2.1, 01:36:26
P#
P#
P#sh ip bgp summary
BGP router identifier 10.0.3.1, local AS number 64513
BGP table version is 18, main routing table version 18
4 network entries using 484 bytes of memory
4 path entries using 208 bytes of memory
5/4 BGP path/bestpath attribute entries using 380 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1120 total bytes of memory
BGP activity 7/3 prefixes, 7/3 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.1.1 4 64513 19 22 18 0 0 00:14:22 0
10.0.2.1 4 64513 110 117 18 0 0 01:36:47 1
172.16.1.2 4 64515 114 128 18 0 0 01:48:20 2
P#
Internet_Router#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.20.0/24 is directly connected, Loopback1
C 172.16.10.0/24 is directly connected, Loopback0
C 172.16.1.0/30 is directly connected, Serial1/0
B 192.168.0.0/16 [20/0] via 172.16.1.1, 01:24:15
Internet_Router#

Vaibhava Networking Forum

Saturday, December 19, 2009

Implementing Internet Access In MPLS VPN Using GRE Tunnel between PE-CE with NAT LAB

No comments:

Post a Comment

Followers

Blog Archive

About Me