Confgiguration Guidelines
*************************************************************************
Scenario - A Multihomed MPLS VPN Customer wants to do Split Routing for Internet
Access with the /24 Public IP Block Provided by One of the ISP. He wants to use 2 /25s
on his LAN for his two departments and have one department using ISPA for Forward/Reverse
Traffic and other department using ISPB for Forward/Reverse Traffic
Design Considerations and Soultions:
Both the ISPs can only announce the /24 to Internet Peerings as /24 is the Lowest Prefix
allowed over Public Internet.
To Provide this Kind of Service a must is for
both of the ISPs to have a Peering between them accepting More Specific Prefixes than /24
so that Internally they can accept the /25s and manipulate Local Pref higher on one of the
/25s to direct the return traffic via another ISP.
For Forward traffic diversion on each ISP Links we need to use Policy Based Routing on the
LAN Side and set the Next Hop for each /25 towards each ISP.
In case of PBR when the Next Hop is unavailable the routing is automatically switched over to
the best available path in the routing table for the destination in Question.
For WAN Redundancy between ISPs both the ISPs share Internet Traffic on their Peering Links.
Also since this MPLS VPN Services Both ISPs are providing Internet Access over the Public
IP Block via Global Route Leaking.
Caveats: This design will suffer from having a Dedicated peering between ISPs to achieve the
desired traffic optimization. Also they both should agree to accept >/24 Prefixes.
ISP A AS used 64514-
VRF USed CEA
rd 64514:1
rt 64514:100
ISP B AS used 64513-
VRF USed CEA
rd 64513:1
rt 64513:100
Customer AS used 64514
PE-CE ROuting Protocol is EBGP
IGP is OSPF
Traffic Optimized as:
Normal Condition- CE1A SendS Forward Traffic via ISPA
and Recives Return via ISPA
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPA-ISPB
Problem Condition 1- ISP A WAN Connection to CEA Down.
CE1A SendS Forward Traffic via ISPB through PBR Failing and
automatic Switchover to ISPB WAN Link and Recives Return via ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE1A Users
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPB Normally as Before
Problem Condition3- ISP A WAN Connection to Internet Down.
CE1A SendS Forward Traffic via ISPA-ISPB through BGP Failover Redundancy in ISP Core
and automatic Switchover to ISPB WAN Link and Recives Return via ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE1A Users
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPB Normally as Before
Problem Condition3- ISP A WAN Connection to Internet Down.
CE1A SendS Forward Traffic via ISPA-ISPB through BGP Failover Redundancy in ISP Core
and automatic Switchover to ISPB WAN Link and Recives Return via ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE1A Users
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPB Normally as Before
Problem Condition4- ISP B WAN Connection to Internet Down.
CE2A SendS Forward Traffic via ISPB-ISPA through BGP Failover Redundancy in ISP Core
and automatic Switchover to ISPA WAN Link and Recives Return via ISPA-ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE2A Users
CE1A SendS Forward Traffic via ISPA
and Recives Return via ISPA Normally as Before
*********************************************************
****************************************************************************
CE1A#sh running-config
Building configuration...
Current configuration : 685 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1A
!
boot-start-marker
boot-end-marker
!
no logging console
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
ip address 10.0.100.2 255.255.255.128
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip http server
!
!
line con 0
line aux 0
line vty 0 4
!
!
!
end
CE1A#
CE2A#sh running-config
Building configuration...
Current configuration : 687 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE2A
!
boot-start-marker
boot-end-marker
!
no logging console
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
ip address 10.0.100.130 255.255.255.128
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip http server
!
!
line con 0
line aux 0
line vty 0 4
!
!
!
end
CE2A#
CE2A#
CEA#sh running-config
Building configuration...
Current configuration : 1949 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CEA
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description CE1A
ip address 10.0.100.1 255.255.255.128
ip policy route-map ISPA
duplex auto
speed auto
!
interface FastEthernet0/1
description CE2A
ip address 10.0.100.129 255.255.255.128
ip policy route-map ISPB
duplex auto
speed auto
!
interface Serial1/0
description ISPA
ip address 10.0.2.1 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
no fair-queue
!
interface Serial1/1
description <
ip address 10.0.1.1 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 64515
no synchronization
bgp log-neighbor-changes
network 10.0.100.0 mask 255.255.255.0
network 10.0.100.0 mask 255.255.255.128
network 10.0.100.128 mask 255.255.255.128
neighbor 10.0.1.2 remote-as 64513
neighbor 10.0.1.2 soft-reconfiguration inbound
neighbor 10.0.2.2 remote-as 64514
neighbor 10.0.2.2 soft-reconfiguration inbound
no auto-summary
!
ip http server
ip route 10.0.100.0 255.255.255.0 Null0
!
!
!
access-list 113 permit ip 10.0.100.128 0.0.0.127 any
access-list 114 permit ip 10.0.100.0 0.0.0.127 any
!
route-map ISPB permit 10
match ip address 113
set ip next-hop 10.0.1.2
!
route-map ISPA permit 10
match ip address 114
set ip next-hop 10.0.2.2
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
!
!
end
CEA#
ISPB#sh running-config
Building configuration...
Current configuration : 3394 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISPB
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
ip vrf CEA
rd 64513:1
route-target export 64513:100
route-target import 64513:100
!
mpls label protocol ldp
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.1.254 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <
ip address 192.168.1.1 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
no fair-queue
!
interface Serial1/1
ip address 192.168.1.5 255.255.255.252
no dce-terminal-timing-enable
!
interface Serial1/2
ip vrf forwarding CEA
ip address 10.0.1.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64513
no bgp default ipv4-unicast
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 192.168.1.2 remote-as 64516
neighbor 192.168.1.6 remote-as 64514
!
address-family ipv4
neighbor 192.168.1.2 activate
neighbor 192.168.1.2 soft-reconfiguration inbound
neighbor 192.168.1.2 route-map From_Internet in
neighbor 192.168.1.2 route-map Internet out
neighbor 192.168.1.6 activate
neighbor 192.168.1.6 soft-reconfiguration inbound
neighbor 192.168.1.6 route-map From_ISPA in
neighbor 192.168.1.6 route-map To_ISPA out
no auto-summary
no synchronization
network 10.0.100.0 mask 255.255.255.0
network 10.0.100.0 mask 255.255.255.128
network 10.0.100.128 mask 255.255.255.128
network 192.168.1.0
exit-address-family
!
address-family ipv4 vrf CEA
neighbor 10.0.1.1 remote-as 64515
neighbor 10.0.1.1 activate
neighbor 10.0.1.1 default-originate
neighbor 10.0.1.1 soft-reconfiguration inbound
no synchronization
exit-address-family
!
ip http server
ip route 10.0.100.0 255.255.255.0 Null0
ip route 10.0.100.0 255.255.255.128 Serial1/2
ip route 10.0.100.128 255.255.255.128 Serial1/2
ip route 192.168.1.0 255.255.255.0 Null0
ip route vrf CEA 0.0.0.0 0.0.0.0 Serial1/0 192.168.1.2 global
ip route vrf CEA 0.0.0.0 0.0.0.0 192.168.1.5 global 14
!
!
ip bgp-community new-format
ip community-list 113 permit 64513:999
!
!
ip prefix-list Aggregates seq 5 permit 192.168.1.0/24
!
ip prefix-list Internet seq 5 deny 10.0.100.0/25
ip prefix-list Internet seq 10 deny 10.0.100.128/25
ip prefix-list Internet seq 15 permit 10.0.100.0/24
!
ip prefix-list To_ISPA seq 5 permit 10.0.100.128/25
ip prefix-list To_ISPA seq 10 permit 10.0.100.0/25
ip prefix-list To_ISPA seq 15 permit 192.168.1.0/24
!
route-map Internet permit 10
match ip address prefix-list Internet
set as-path prepend 64513 64513
!
route-map Internet permit 20
match ip address prefix-list Aggregates
!
route-map Internet permit 30
match community 113 64513:999
!
route-map From_Internet permit 10
set community 64513:999
!
route-map From_ISPA permit 10
set community 64513:999
!
route-map To_ISPA permit 10
match ip address prefix-list To_ISPA
!
route-map To_ISPA permit 20
match community 113
!
!
mpls ldp router-id Loopback0
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
ISPB#
ISPB#
ISPA#sh running-config
Building configuration...
% MPLS not supported on interface Loopback0
Current configuration : 2858 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISPA
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
ip vrf CEA
rd 64514:1
route-target export 64514:100
route-target import 64514:100
!
mpls label protocol ldp
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 172.16.1.254 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip vrf forwarding CEA
ip address 10.0.2.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
no fair-queue
!
interface Serial1/1
ip address 172.16.1.1 255.255.255.252
no dce-terminal-timing-enable
!
interface Serial1/2
ip address 192.168.1.6 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64514
bgp router-id 172.16.1.254
no bgp default ipv4-unicast
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 172.16.1.2 remote-as 64516
neighbor 192.168.1.5 remote-as 64513
!
address-family ipv4
neighbor 172.16.1.2 activate
neighbor 172.16.1.2 soft-reconfiguration inbound
neighbor 172.16.1.2 route-map Internet out
neighbor 192.168.1.5 activate
neighbor 192.168.1.5 soft-reconfiguration inbound
neighbor 192.168.1.5 route-map From_ISPB in
no auto-summary
no synchronization
network 10.0.100.0 mask 255.255.255.0
network 10.0.100.0 mask 255.255.255.128
network 10.0.100.128 mask 255.255.255.128
network 172.16.1.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf CEA
neighbor 10.0.2.1 remote-as 64515
neighbor 10.0.2.1 activate
neighbor 10.0.2.1 default-originate
neighbor 10.0.2.1 soft-reconfiguration inbound
no synchronization
exit-address-family
!
ip http server
ip route 10.0.100.0 255.255.255.0 Null0
ip route 10.0.100.0 255.255.255.128 Serial1/0
ip route 10.0.100.128 255.255.255.128 Serial1/0 254
ip route 172.16.1.0 255.255.255.0 Null0
ip route vrf CEA 0.0.0.0 0.0.0.0 Serial1/1 172.16.1.2 global
ip route vrf CEA 0.0.0.0 0.0.0.0 192.168.1.6 global 13
!
!
!
!
ip prefix-list From_ISPB seq 5 permit 10.0.100.128/25
!
ip prefix-list Internet seq 5 permit 10.0.100.0/24
ip prefix-list Internet seq 10 permit 172.16.1.0/24
ip prefix-list Internet seq 15 permit 192.168.1.0/24
!
route-map Internet permit 10
match ip address prefix-list Internet
!
route-map From_ISPB permit 10
match ip address prefix-list From_ISPB
set local-preference 160
set weight 32769
!
route-map From_ISPB permit 20
!
!
mpls ldp router-id Loopback0
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
!
!
end
ISPA#
ISPA#
Internet#sh running-config
Building configuration...
Current configuration : 1596 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Internet
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.0.254.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description <
ip address 172.16.1.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
no fair-queue
!
interface Serial1/1
description <
ip address 192.168.1.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router bgp 64516
bgp router-id 10.0.254.1
bgp log-neighbor-changes
neighbor 172.16.1.1 remote-as 64514
neighbor 192.168.1.1 remote-as 64513
!
address-family ipv4
neighbor 172.16.1.1 activate
neighbor 172.16.1.1 soft-reconfiguration inbound
neighbor 192.168.1.1 activate
neighbor 192.168.1.1 soft-reconfiguration inbound
no auto-summary
no synchronization
network 10.0.254.0 mask 255.255.255.0
exit-address-family
!
ip http server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
!
!
end
Internet#
*************************************************
OUTPUT
*************************************************
SHOW COMMANDS
*************************************************
PBR
****************************************************
CEA#show route-map
route-map ISPB, permit, sequence 10
Match clauses:
ip address (access-lists): 113
Set clauses:
ip next-hop 10.0.1.2
Policy routing matches: 313 packets, 25144 bytes
route-map ISPA, permit, sequence 10
Match clauses:
ip address (access-lists): 114
Set clauses:
ip next-hop 10.0.2.2
Policy routing matches: 315 packets, 24494 bytes
CEA#
CEA#show access-lists
Extended IP access list 113
10 permit ip 10.0.100.128 0.0.0.127 any (862 matches)
Extended IP access list 114
10 permit ip 10.0.100.0 0.0.0.127 any (831 matches)
CEA#
CEA#sh ip int bri
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 10.0.100.1 YES manual up up
FastEthernet0/1 10.0.100.129 YES manual up up
Serial1/0 10.0.2.1 YES manual up up
Serial1/1 10.0.1.1 YES manual up up
Serial1/2 unassigned YES unset administratively down down
Serial1/3 unassigned YES unset administratively down down
CEA#sh int des
Interface Status Protocol Description
Fa0/0 up up CE1A
Fa0/1 up up CE2A
Se1/0 up up ISPA
Se1/1 up up <
Se1/2 admin down down
Se1/3 admin down down
CEA#
****************************************************************
CE1A#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.0.100.129 1 FULL/DR 00:00:35 10.0.100.1 FastEthernet0/
0
CE1A#
CE1A#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 10.0.2.0/30 [110/65] via 10.0.100.1, 00:06:04, FastEthernet0/0
O 10.0.1.0/30 [110/65] via 10.0.100.1, 00:06:04, FastEthernet0/0
C 10.0.100.0/25 is directly connected, FastEthernet0/0
O 10.0.100.128/25 [110/2] via 10.0.100.1, 00:06:04, FastEthernet0/0
S* 0.0.0.0/0 is directly connected, FastEthernet0/0
CE1A#
CE2A#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.0.100.129 1 FULL/BDR 00:00:30 10.0.100.129 FastEthernet0/
0
CE2A#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 10.0.2.0/30 [110/65] via 10.0.100.129, 00:06:37, FastEthernet0/0
O 10.0.1.0/30 [110/65] via 10.0.100.129, 00:06:37, FastEthernet0/0
O 10.0.100.0/25 [110/2] via 10.0.100.129, 00:06:37, FastEthernet0/0
C 10.0.100.128/25 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 is directly connected, FastEthernet0/0
CE2A#
CEA#sh ip ospf nei
Neighbor ID Pri State Dead Time Address Interface
10.0.100.130 1 FULL/DR 00:00:33 10.0.100.130 FastEthernet0/
1
10.0.100.2 1 FULL/BDR 00:00:32 10.0.100.2 FastEthernet0/
0
CEA#sh ip bgp sum
BGP router identifier 10.0.1.1, local AS number 64515
BGP table version is 11, main routing table version 11
4 network entries using 468 bytes of memory
5 path entries using 260 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1272 total bytes of memory
BGP activity 5/1 prefixes, 12/7 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.1.2 4 64513 99 106 11 0 0 00:06:49 1
10.0.2.2 4 64514 92 101 11 0 0 00:09:45 1
CEA#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.0.2.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 10.0.2.0/30 is directly connected, Serial1/0
C 10.0.1.0/30 is directly connected, Serial1/1
C 10.0.100.0/25 is directly connected, FastEthernet0/0
S 10.0.100.0/24 is directly connected, Null0
C 10.0.100.128/25 is directly connected, FastEthernet0/1
B* 0.0.0.0/0 [20/0] via 10.0.2.2, 00:09:02
CEA#
ISPB#sh ip route vrf CEA
Routing Table: CEA
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.1.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 10.0.1.0/30 is directly connected, Serial1/2
B 10.0.100.0/25 [20/0] via 10.0.1.1, 00:10:14
B 10.0.100.0/24 [20/0] via 10.0.1.1, 00:10:14
B 10.0.100.128/25 [20/0] via 10.0.1.1, 00:10:14
S* 0.0.0.0/0 [1/0] via 192.168.1.2
ISPB#show route-map
route-map Internet, permit, sequence 10
Match clauses:
ip address prefix-lists: Internet
Set clauses:
as-path prepend 64513 64513
Policy routing matches: 0 packets, 0 bytes
route-map Internet, permit, sequence 20
Match clauses:
ip address prefix-lists: Aggregates
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map Internet, permit, sequence 30
Match clauses:
community (community-list filter): 113 64513:999
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map From_Internet, permit, sequence 10
Match clauses:
Set clauses:
community 64513:999
Policy routing matches: 0 packets, 0 bytes
route-map From_ISPA, permit, sequence 10
Match clauses:
Set clauses:
community 64513:999
Policy routing matches: 0 packets, 0 bytes
route-map To_ISPA, permit, sequence 10
Match clauses:
ip address prefix-lists: To_ISPA
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map To_ISPA, permit, sequence 20
Match clauses:
community (community-list filter): 113
Set clauses:
Policy routing matches: 0 packets, 0 bytes
ISPB#
ISPB#
ISPB#
ISPB#sh ip bgp summary
BGP router identifier 192.168.1.1, local AS number 64513
BGP table version is 45, main routing table version 45
6 network entries using 702 bytes of memory
18 path entries using 936 bytes of memory
14/3 BGP path/bestpath attribute entries using 1736 bytes of memory
6 BGP AS-PATH entries using 144 bytes of memory
1 BGP community entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 3566 total bytes of memory
7 received paths for inbound soft reconfiguration
BGP activity 28/18 prefixes, 97/71 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.1.2 4 64516 205 204 45 0 0 00:03:27 3
192.168.1.6 4 64514 130 112 45 0 0 01:37:15 4
ISPB#sh ip bgp
BGP table version is 45, local router ID is 192.168.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.100.0/25 0.0.0.0 0 32768 i
* 192.168.1.6 0 0 64514 i
* 10.0.100.0/24 192.168.1.2 0 64516 64514 i
* 192.168.1.6 0 0 64514 i
*> 0.0.0.0 0 32768 i
*> 10.0.100.128/25 0.0.0.0 0 32768 i
*> 10.0.254.0/24 192.168.1.2 0 0 64516 i
* 192.168.1.6 0 64514 64516 i
* 172.16.1.0/24 192.168.1.2 0 64516 64514 i
*> 192.168.1.6 0 0 64514 i
*> 192.168.1.0 0.0.0.0 0 32768 i
ISPB#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.1.0 [20/0] via 192.168.1.6, 00:36:04
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
S 10.0.100.0/25 is directly connected, Serial1/2
S 10.0.100.0/24 is directly connected, Null0
S 10.0.100.128/25 is directly connected, Serial1/2
B 10.0.254.0/24 [20/0] via 192.168.1.2, 00:02:16
192.168.1.0/24 is variably subnetted, 4 subnets, 3 masks
C 192.168.1.0/30 is directly connected, Serial1/0
S 192.168.1.0/24 is directly connected, Null0
C 192.168.1.4/30 is directly connected, Serial1/1
C 192.168.1.254/32 is directly connected, Loopback0
ISPB#
ISPA#sh ip route vrf CEA
Routing Table: CEA
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 172.16.1.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 10.0.2.0/30 is directly connected, Serial1/0
B 10.0.100.0/25 [20/0] via 10.0.2.1, 00:14:14
B 10.0.100.0/24 [20/0] via 10.0.2.1, 00:14:14
B 10.0.100.128/25 [20/0] via 10.0.2.1, 00:14:14
S* 0.0.0.0/0 [1/0] via 172.16.1.2
ISPA#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks
C 172.16.1.254/32 is directly connected, Loopback0
C 172.16.1.0/30 is directly connected, Serial1/1
S 172.16.1.0/24 is directly connected, Null0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
S 10.0.100.0/25 is directly connected, Serial1/0
S 10.0.100.0/24 is directly connected, Null0
B 10.0.100.128/25 [20/0] via 192.168.1.5, 00:14:06
B 10.0.254.0/24 [20/0] via 172.16.1.2, 00:04:24
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
B 192.168.1.0/24 [20/0] via 192.168.1.5, 00:52:13
C 192.168.1.4/30 is directly connected, Serial1/2
ISPA#sh ip bgp
BGP table version is 45, local router ID is 172.16.1.254
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 10.0.100.0/25 192.168.1.5 0 0 64513 i
*> 0.0.0.0 0 32768 i
*> 10.0.100.0/24 0.0.0.0 0 32768 i
*> 10.0.100.128/25 192.168.1.5 0 160 32769 64513 i
* 10.0.254.0/24 192.168.1.5 0 64513 64516 i
*> 172.16.1.2 0 0 64516 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
* 192.168.1.0 172.16.1.2 0 64516 64513 i
*> 192.168.1.5 0 0 64513 i
ISPA#sh ip bgp sum
BGP router identifier 172.16.1.254, local AS number 64514
BGP table version is 45, main routing table version 45
6 network entries using 702 bytes of memory
10 path entries using 520 bytes of memory
9/4 BGP path/bestpath attribute entries using 1116 bytes of memory
5 BGP AS-PATH entries using 120 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2482 total bytes of memory
1 received paths for inbound soft reconfiguration
BGP activity 31/22 prefixes, 79/63 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.1.2 4 64516 175 165 45 0 0 00:04:30 2
192.168.1.5 4 64513 113 131 45 0 0 01:38:13 4
ISPA#
ISPA#show route-map
route-map Internet, permit, sequence 10
Match clauses:
ip address prefix-lists: Internet
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map From_ISPB, permit, sequence 10
Match clauses:
ip address prefix-lists: From_ISPB
Set clauses:
local-preference 160
weight 32769
Policy routing matches: 0 packets, 0 bytes
route-map From_ISPB, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
ISPA#sh ip prefix-list
ip prefix-list From_ISPB: 1 entries
seq 5 permit 10.0.100.128/25
ip prefix-list Internet: 3 entries
seq 5 permit 10.0.100.0/24
seq 10 permit 172.16.1.0/24
seq 15 permit 192.168.1.0/24
ISPA#
Internet#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/30 is directly connected, Serial1/0
B 172.16.1.0/24 [20/0] via 172.16.1.1, 00:12:59
10.0.0.0/24 is subnetted, 2 subnets
B 10.0.100.0 [20/0] via 172.16.1.1, 00:42:31
C 10.0.254.0 is directly connected, Loopback0
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/30 is directly connected, Serial1/1
B 192.168.1.0/24 [20/0] via 192.168.1.1, 00:15:34
Internet#sh ip bgp sum
BGP router identifier 10.0.254.1, local AS number 64516
BGP table version is 31, main routing table version 31
4 network entries using 468 bytes of memory
7 path entries using 364 bytes of memory
7/3 BGP path/bestpath attribute entries using 868 bytes of memory
5 BGP AS-PATH entries using 120 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1820 total bytes of memory
BGP activity 13/9 prefixes, 19/12 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.1.1 4 64514 129 135 31 0 0 01:14:28 3
192.168.1.1 4 64513 152 156 31 0 0 02:11:18 3
Internet#sh ip bgp
BGP table version is 31, local router ID is 10.0.254.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.100.0/24 172.16.1.1 0 0 64514 i
* 192.168.1.1 0 0 64513 64513 64513 i
*> 10.0.254.0/24 0.0.0.0 0 32768 i
* 172.16.1.0/24 192.168.1.1 0 64513 64514 i
*> 172.16.1.1 0 0 64514 i
* 192.168.1.0 172.16.1.1 0 64514 64513 i
*> 192.168.1.1 0 0 64513 i
Internet#
**************************************************
TRACE OUTPUT
**************************************************
Normal Condition- CE1A SendS Forward Traffic via ISPA
and Recives Return via ISPA
CE1A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.1 292 msec 28 msec 120 msec
2 10.0.2.2 240 msec 72 msec 100 msec
3 172.16.1.2 456 msec * 392 msec
CE1A#
Internet#traceroute 10.0.100.2
Type escape sequence to abort.
Tracing the route to 10.0.100.2
1 172.16.1.1 [AS 64514] 72 msec 184 msec 48 msec
2 10.0.2.1 168 msec 136 msec 160 msec
3 10.0.100.2 [AS 64514] 216 msec * 136 msec
Internet#
Normal Condition- CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPA-ISPB
CE2A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.129 320 msec 240 msec 136 msec
2 10.0.1.2 156 msec 88 msec 156 msec
3 192.168.1.2 248 msec * 388 msec
CE2A#
Internet#traceroute 10.0.100.130
Type escape sequence to abort.
Tracing the route to 10.0.100.130
1 172.16.1.1 [AS 64514] 88 msec 100 msec 48 msec
2 192.168.1.5 [AS 64513] 156 msec 60 msec 176 msec
3 10.0.1.1 168 msec 128 msec 128 msec
4 10.0.100.130 [AS 64514] 176 msec * 176 msec
Internet#
**********************************************************
Problem Condition 1- ISP A WAN Connection to CEA Down.
CE1A SendS Forward Traffic via ISPB through PBR Failing and
automatic Switchover to ISPB WAN Link and Recives Return via ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE1A Users
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPB Normally as Before
ISPA#sh ip int brief
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
Serial1/0 10.0.2.2 YES manual administratively down down
Serial1/1 172.16.1.1 YES manual up up
Serial1/2 192.168.1.6 YES manual up up
Serial1/3 unassigned YES unset administratively down down
Loopback0 172.16.1.254 YES manual up up
ISPA#
CE1A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.1 200 msec 64 msec 84 msec
2 10.0.1.2 156 msec 200 msec 168 msec
3 192.168.1.2 264 msec * 556 msec
CE1A#
Internet#traceroute 10.0.100.2
Type escape sequence to abort.
Tracing the route to 10.0.100.2
1 172.16.1.1 [AS 64514] 112 msec 152 msec 48 msec
2 172.16.1.1 [AS 64514] !H * !H
Internet#traceroute 10.0.100.2
Type escape sequence to abort.
Tracing the route to 10.0.100.2
1 172.16.1.1 [AS 64514] 120 msec 120 msec 72 msec
2 192.168.1.5 [AS 64513] 336 msec 96 msec 288 msec
3 10.0.1.1 120 msec 672 msec 120 msec
4 10.0.100.2 [AS 64514] 264 msec * 168 msec
Internet#
CE2A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.129 200 msec 288 msec 136 msec
2 10.0.1.2 144 msec 288 msec 124 msec
3 192.168.1.2 528 msec * 488 msec
CE2A#
Internet#traceroute 10.0.100.130
Type escape sequence to abort.
Tracing the route to 10.0.100.130
1 172.16.1.1 [AS 64514] 124 msec 68 msec 48 msec
2 192.168.1.5 [AS 64513] 264 msec 236 msec 88 msec
3 10.0.1.1 140 msec 216 msec 208 msec
4 10.0.100.130 [AS 64514] 160 msec * 208 msec
Internet#
******************************************************************
Problem Condition 2- ISB WAN Connection to CEA Down.
CE2A SendS Forward Traffic via ISPA through PBR Failing and
automatic Switchover to ISPA WAN Link and Recives Return via ISPA.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE2A Users
CE1A SendS Forward Traffic via ISPA
and Recives Return via ISPA Normally as Before
ISPB#sh ip int brief
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
Serial1/0 192.168.1.1 YES SLARP up up
Serial1/1 192.168.1.5 YES manual up up
Serial1/2 10.0.1.2 YES manual administratively down down
Serial1/3 unassigned YES unset administratively down down
Loopback0 192.168.1.254 YES manual up up
ISPB#
CE2A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.129 140 msec 108 msec 120 msec
2 10.0.2.2 220 msec 72 msec 172 msec
3 172.16.1.2 308 msec * 364 msec
CE2A#
Internet#traceroute 10.0.100.130
Type escape sequence to abort.
Tracing the route to 10.0.100.130
1 172.16.1.1 [AS 64514] 124 msec 52 msec 48 msec
2 192.168.1.5 [AS 64513] 200 msec 220 msec 208 msec
3 192.168.1.5 [AS 64513] !H * !H
Internet#traceroute 10.0.100.130
Type escape sequence to abort.
Tracing the route to 10.0.100.130
1 172.16.1.1 [AS 64514] 72 msec 168 msec 216 msec
2 10.0.2.1 120 msec 104 msec 160 msec
3 10.0.100.130 [AS 64514] 176 msec * 132 msec
Internet#
CE1A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.1 64 msec 44 msec 88 msec
2 10.0.2.2 228 msec 132 msec 244 msec
3 172.16.1.2 320 msec * 380 msec
CE1A#
Internet#traceroute 10.0.100.2
Type escape sequence to abort.
Tracing the route to 10.0.100.2
1 192.168.1.1 [AS 64513] 92 msec 200 msec 48 msec
2 192.168.1.6 [AS 64513] 128 msec 152 msec 96 msec
3 10.0.2.1 152 msec 152 msec 172 msec
4 10.0.100.2 [AS 64514] 212 msec * 136 msec
Internet#
*************************************************************
Problem Condition3- ISP A WAN Connection to Internet Down.
CE1A SendS Forward Traffic via ISPA-ISPB through BGP Failover Redundancy in ISP Core
and automatic Switchover to ISPB WAN Link and Recives Return via ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE1A Users
CE2A SendS Forward Traffic via ISPB
and Recives Return via ISPB Normally as Before
CE2A#traceroute 10.0.254.1
Type escape sequence to abort.
Tracing the route to 10.0.254.1
1 10.0.100.129 68 msec 64 msec 20 msec
2 10.0.1.2 224 msec 96 msec 272 msec
3 192.168.1.2 220 msec * 276 msec
CE2A#
Internet#traceroute 10.0.100.130
Type escape sequence to abort.
Tracing the route to 10.0.100.130
1 192.168.1.1 [AS 64513] 72 msec 120 msec 160 msec
2 * * *
3 10.0.100.130 [AS 64513] 128 msec * 144 msec
Internet#
******************************************************************
Problem Condition4- ISP B WAN Connection to Internet Down.
CE2A SendS Forward Traffic via ISPB-ISPA through BGP Failover Redundancy in ISP Core
and automatic Switchover to ISPA WAN Link and Recives Return via ISPA-ISPB.
This Switchover will cause Traffic Disruption for ~30 Seconds for CE2A Users
CE1A SendS Forward Traffic via ISPA
and Recives Return via ISPA Normally as Before
*********************************************************
