Controlling BGP routes

Provider AS

AS12*(Regional)
AS34*(BackBone)
AS8(Tier1)
AS9(SH)
AS10(ST)
AS13(Tier1)

* Under a Single ISP

AS12(Regional) Import Community tag definition

12:110(Routes learn from ST)
12:19(Routes learn from SH)
12:134(Routes learn from BB)
12:111(Transit route)
12:112(Routes learn from full route customer)*1
12:113(Routes learn from Local route customer)*2
12:11(Routes learn from R1 POP)
12:12(Routes learn from R2 POP)

*1 full route means domestic routes + international route
*2 Local customer doesn't have international route

AS12(Regional) Export Community tag definition

12:210(Going to ST via local peering)
12:29(Going to SH via local peering)
12:234(Going to BB via local peering)
12:221(Going to Local route customer)
12:220(Going to Local+International)
12:222(Going to International route customer)


AS34(BB) Import Community tag definition

34:1012(Routes learn from Regional AS)
34:111(International routes)
34:112(Routes learn from full route customer)*1
34:113(Routes learn from Local route customer)*2

*1 full route means domestic routes + international route
*2 Local customer doesn't have international route

AS34(BB) Export Community tag definition

34:221(Going to Local route customer)
34:220(Going to Local+International)
34:222(Going to International route customer)
34:34(Specific routes)

AS9(SH)  Import and Export Community tag definition

9:111(Routes learn from International)
9:113(Routes learn from Local peering)
9:222(Routes going to International)
10:222(International routes learn from ST)

AS10(ST)  Import and Export Community tag definition

10:111(Routes learn from International)
10:113(Routes learn from Local peering)
10:222(Routes going to International)
9:222(International routes learn from SH)

BGP Peering

AS12
R1<IBGP>R2

AS34
R3<IBGP>R4

AS12 and AS9
R2<Local Peering>R9

AS12 and AS10
R1<Local Peering>R10
R2<Local Peering>R10

AS12 and AS34
R1<Local Peering>R4
R2<Local Peering>R3
R1<International Peering>R3

AS9 and AS10
R9<Local+International Peering>R10

AS34 and AS8
R4<International Peering>R8

AS9 and AS8
R9<International Peering>R8

AS10 and AS13
R10<International Peering>R13

AS8 and AS13
R8<International Peering>R13

Local Route Customer Peering
R1<>R7
R4<>R17

Full Route Customer Peering
R1<>R5
R2<>R12
R3<>R6
R9<>R11
R10<>R11

Peering Policy

Peering policy of AS12(Regional)

1.Local Peering with AS9(SH)

-AS9 sends routes originated locally,routes from its customers, and routes from ST peering
-AS12 sends routes originated locally, routes from customers(both Local route customer and Full route customer) and routes learn from AS34(BB)

Customization

- routes originated from AS9 are set higher LP on R2
-AS12 doesn't send to AS9 international routes learn from AS34
-R2 set lower local preference for the routes learn from AS 9 if the routes has as-path ^9_10
-AS9 alos doesn't send to AS12 international routes learn from AS8 and AS10(ST)
-AS9 sets higher local preference to routes learn from AS12 compared to routes learn from ST peering

2.Local Peering with AS10(ST)

..To be continued..

Full Configuration

R1 Config

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
 ip address 1.1.11.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.17.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.13.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.14.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 ip address 192.168.101.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet4/0
 ip address 192.168.15.1 255.255.255.0
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.12.1 0.0.0.0 area 0
!
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 network 1.1.11.0 mask 255.255.255.0
 neighbor 2.2.2.2 remote-as 12
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 next-hop-self
 neighbor 2.2.2.2 send-community
 neighbor 192.168.13.3 remote-as 34
 neighbor 192.168.13.3 send-community
 neighbor 192.168.13.3 soft-reconfiguration inbound
 neighbor 192.168.13.3 route-map IPT_IN in
 neighbor 192.168.13.3 route-map IPT_OUT out
 neighbor 192.168.14.4 remote-as 34
 neighbor 192.168.14.4 send-community
 neighbor 192.168.14.4 soft-reconfiguration inbound
 neighbor 192.168.14.4 route-map BB_PEERING_IN in
 neighbor 192.168.14.4 route-map BB_PEERING_OUT out
 neighbor 192.168.15.5 remote-as 5
 neighbor 192.168.15.5 send-community
 neighbor 192.168.15.5 route-map FULL_CUST_IN in
 neighbor 192.168.15.5 route-map FULL_CUST_OUT out
 neighbor 192.168.17.7 remote-as 7
 neighbor 192.168.17.7 send-community
 neighbor 192.168.17.7 route-map LOCAL_CUST_IN in
 neighbor 192.168.17.7 route-map LOCAL_CUST_OUT out
 neighbor 192.168.101.10 remote-as 10
 neighbor 192.168.101.10 route-map ST_IN in
 neighbor 192.168.101.10 route-map ST_OUT out
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard BB_OUT permit 12:234
ip community-list standard R2_POP permit 12:2 12:234
ip community-list standard FULL_ROUTE_CUST permit 12:220
ip community-list standard LOCAL_IN permit 12:113
ip community-list expanded ST_OUT permit 12:2[1-2]0
ip community-list expanded SH_OUT permit 12:2[2|9].
ip community-list expanded LOCAL_OUT permit 12:22[0|1]
ip community-list expanded FULL_OUT permit 12:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^9_10
ip as-path access-list 3 permit ^10_9
ip as-path access-list 4 permit ^10$
ip as-path access-list 5 permit ^9$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list AS11_1 seq 5 permit 11.11.0.0/17 le 24
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
 set community 12:112 12:220
!
route-map BB_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_OUT permit 20
 match community R2_POP
 set metric 100
!
route-map BB_PEERING_OUT permit 30
 match community BB_OUT
!
route-map BB_PEERING_OUT deny 40
 match as-path 1
!
route-map BB_PEERING_OUT permit 50
 set metric 100
!
route-map LOCAL_CUST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_OUT permit 20
 match community LOCAL_OUT
!
route-map LOCAL_CUST_OUT deny 30
 match as-path 1
!
route-map LOCAL_CUST_OUT permit 40
!
route-map IPT_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
 set community 12:111 12:222
!
route-map ST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_OUT permit 20
 match community ST_OUT
!
route-map ST_OUT deny 30
 match as-path 1
!
route-map ST_OUT permit 40
!
route-map BB_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_IN permit 20
 set local-preference 150
 set community 12:29 12:134 12:210 12:221
!
route-map FULL_CUST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT permit 20
 match community FULL_OUT
!
route-map FULL_CUST_OUT deny 30
 match as-path 1
!
route-map FULL_CUST_OUT permit 40
!
route-map LOCAL_CUST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_IN permit 20
 set community 12:29 12:113 12:210 12:221 12:234
!
route-map IPT_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
 match community LOCAL_IN
!
route-map IPT_OUT permit 30
 match community FULL_ROUTE_CUST
!
route-map IPT_OUT deny 40
 match as-path 1
!
route-map IPT_OUT permit 50
!
route-map ST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_IN permit 20
 match ip address prefix-list AS11_1
 set local-preference 200
 set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 30
 match as-path 4
 set local-preference 200
 set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 40
 match as-path 3
 set local-preference 140
 set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 50
 set local-preference 150
 set community 12:1 12:110 12:221 12:234

R2 Config

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.212.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.23.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.102.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 ip address 192.168.29.2 255.255.255.0
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.12.2 0.0.0.0 area 0
!
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 12
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 next-hop-self
 neighbor 1.1.1.1 send-community
 neighbor 192.168.23.3 remote-as 34
 neighbor 192.168.23.3 send-community
 neighbor 192.168.23.3 soft-reconfiguration inbound
 neighbor 192.168.23.3 route-map BB_PEERING_IN in
 neighbor 192.168.23.3 route-map BB_PEERING_OUT out
 neighbor 192.168.29.9 remote-as 9
 neighbor 192.168.29.9 send-community
 neighbor 192.168.29.9 route-map SH_IN in
 neighbor 192.168.29.9 route-map SH_OUT out
 neighbor 192.168.102.10 remote-as 10
 neighbor 192.168.102.10 send-community
 neighbor 192.168.102.10 route-map ST_IN in
 neighbor 192.168.102.10 route-map ST_OUT out
 neighbor 192.168.212.12 remote-as 12
 neighbor 192.168.212.12 send-community
 neighbor 192.168.212.12 route-map FULL_CUST_IN in
 neighbor 192.168.212.12 route-map FULL_CUST_OUT out
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard BB_OUT permit 12:234
ip community-list standard R1_POP permit 12:1 12:234
ip community-list expanded LOCAL_OUT permit 12:22[0|1]
ip community-list expanded ST_OUT permit 12:2[1-2]0
ip community-list expanded SH_OUT permit 12:2(9)|(20)
ip community-list expanded FULL_OUT permit 12:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^9_10
ip as-path access-list 3 permit ^10_9
ip as-path access-list 4 permit ^10$
ip as-path access-list 5 permit ^9$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list AS11 seq 5 permit 11.11.0.0/16 le 24
!
ip prefix-list AS11_2 seq 5 permit 11.11.128.0/17 le 24
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
 set community 12:112 12:220
!
route-map SH_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_OUT permit 20
 match community SH_OUT
!
route-map SH_OUT deny 30
 match as-path 1
!
route-map SH_OUT permit 40
!
route-map BB_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_OUT permit 20
 match community R1_POP
 set metric 100
!
route-map BB_PEERING_OUT permit 30
 match community BB_OUT
!
route-map BB_PEERING_OUT deny 40
 match as-path 1
!
route-map BB_PEERING_OUT permit 50
 set metric 100
!
route-map ST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_OUT permit 20
 match community ST_OUT
!
route-map ST_OUT deny 30
 match as-path 1
!
route-map ST_OUT permit 40
!
route-map SH_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_IN permit 20
 match ip address prefix-list AS11
 set local-preference 140
 set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 30
 match as-path 5
 set local-preference 200
 set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 40
 match as-path 2
 set local-preference 130
 set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 50
 set local-preference 200
 set community 12:2 12:19 12:221 12:234
!
route-map BB_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_IN permit 20
 set local-preference 200
 set community 12:29 12:134 12:210 12:221
!
route-map FULL_CUST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT permit 20
 match community FULL_OUT
!
route-map FULL_CUST_OUT deny 30
 match as-path 1
!
route-map FULL_CUST_OUT permit 40
!
route-map ST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_IN permit 20
 match ip address prefix-list AS11_2
 set local-preference 200
 set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 30
 match as-path 4
 set local-preference 200
 set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 40
 match as-path 3
 set local-preference 140
 set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 50
 set local-preference 200
 set community 12:2 12:110 12:221 12:234

R3 Config

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
 ip address 3.4.34.3 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.36.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.34.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.13.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.23.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 192.168.34.3 0.0.0.0 area 0
!
router bgp 34
 no synchronization
 bgp log-neighbor-changes
 redistribute connected route-map REDIS_CONNECTED
 redistribute static route-map REDIS_STATIC
 neighbor 4.4.4.4 remote-as 34
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 4.4.4.4 next-hop-self
 neighbor 4.4.4.4 send-community
 neighbor 192.168.13.1 remote-as 12
 neighbor 192.168.13.1 send-community
 neighbor 192.168.13.1 remove-private-as
 neighbor 192.168.13.1 soft-reconfiguration inbound
 neighbor 192.168.13.1 route-map REG_IPT_IN in
 neighbor 192.168.13.1 route-map REG_IPT_OUT out
 neighbor 192.168.23.2 remote-as 12
 neighbor 192.168.23.2 send-community
 neighbor 192.168.23.2 remove-private-as
 neighbor 192.168.23.2 soft-reconfiguration inbound
 neighbor 192.168.23.2 route-map LOCAL_PEERING_IN in
 neighbor 192.168.23.2 route-map LOCAL_PEERING_OUT out
 neighbor 192.168.36.6 remote-as 6
 neighbor 192.168.36.6 send-community
 neighbor 192.168.36.6 remove-private-as
 neighbor 192.168.36.6 route-map FULL_CUST_IN in
 neighbor 192.168.36.6 route-map FULL_CUST_OUT out
 no auto-summary
!
ip forward-protocol nd
ip route 3.3.0.0 255.255.192.0 Null0
!
ip bgp-community new-format
ip community-list standard IPT_OUT permit 34:111 34:222
ip community-list standard IPT_IN permit 34:111
ip community-list standard SPECIFIC permit 34:34
ip community-list standard LOCAL_IN permit 34:113
ip community-list standard FULL_ROUTE_CUST permit 12:220
ip community-list expanded LOCAL_OUT permit 34:22[0|1]
ip community-list expanded FULL_OUT permit 34:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit _12_
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
 set community 34:112 34:220
!
route-map LOCAL_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
 set local-preference 200
 set community 34:113 34:221
!
route-map REDIS_STATIC permit 10
 match source-protocol static
 set community 34:220 34:221 34:222
!
route-map REG_IPT_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map REG_IPT_IN permit 20
 set community 34:220 34:1012
!
route-map LOCAL_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
 match community IPT_IN
!
route-map LOCAL_PEERING_OUT deny 30
 match community SPECIFIC
!
route-map LOCAL_PEERING_OUT permit 40
 match community LOCAL_OUT
!
route-map LOCAL_PEERING_OUT permit 50
 match as-path 2
!
route-map REDIS_CONNECTED permit 10
 match interface Loopback1
 set community 34:34
!
route-map FULL_CUST_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT deny 15
 match community SPECIFIC
!
route-map FULL_CUST_OUT permit 20
 match community FULL_OUT
!
route-map FULL_CUST_OUT permit 30
 match as-path 2
!
route-map REG_IPT_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map REG_IPT_OUT deny 20
 match community SPECIFIC
!
route-map REG_IPT_OUT deny 30
 match community LOCAL_IN
!
route-map REG_IPT_OUT permit 40
 match community IPT_OUT
!
route-map REG_IPT_OUT permit 50
 match community FULL_ROUTE_CUST
!
route-map REG_IPT_OUT permit 60
 match as-path 2

R4 Config

interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.174.4 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.34.4 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.14.4 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.48.4 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.34.4 0.0.0.0 area 0
!
router bgp 34
 no synchronization
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 34
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 next-hop-self
 neighbor 3.3.3.3 send-community
 neighbor 192.168.14.1 remote-as 12
 neighbor 192.168.14.1 send-community
 neighbor 192.168.14.1 remove-private-as
 neighbor 192.168.14.1 soft-reconfiguration inbound
 neighbor 192.168.14.1 route-map LOCAL_PEERING_IN in
 neighbor 192.168.14.1 route-map LOCAL_PEERING_OUT out
 neighbor 192.168.48.8 remote-as 8
 neighbor 192.168.48.8 remove-private-as
 neighbor 192.168.48.8 route-map IPT_IN in
 neighbor 192.168.48.8 route-map IPT_OUT out
 neighbor 192.168.174.17 remote-as 65535
 neighbor 192.168.174.17 route-map LOCAL_CUST_IN in
 neighbor 192.168.174.17 route-map LOCAL_CUST_OUT out
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 34:111
ip community-list standard SPECIFIC permit 34:34
ip community-list standard FULL_ROUTE_CUST permit 34:220
ip community-list standard TRANSIT permit 34:220 34:1012
ip community-list standard LOCAL_IN permit 34:113
ip community-list expanded LOCAL_OUT permit 34:22[0|1]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit _12_
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
 set local-preference 200
 set community 34:113 34:221
!
route-map LOCAL_CUST_OUT deny 10
 match ip address prefix-list DEFAULT
!
route-map LOCAL_CUST_OUT deny 15
 match community SPECIFIC
!
route-map LOCAL_CUST_OUT permit 20
 match community LOCAL_OUT
!
route-map LOCAL_CUST_OUT permit 30
 match as-path 2
!
route-map IPT_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN deny 20
 match as-path 3
!
route-map IPT_IN permit 30
 set community 34:111 34:222
!
route-map LOCAL_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
 match community IPT_IN
!
route-map LOCAL_PEERING_OUT deny 30
 match community SPECIFIC
!
route-map LOCAL_PEERING_OUT permit 40
 match community LOCAL_OUT
!
route-map LOCAL_PEERING_OUT deny 50
 match as-path 1
!
route-map LOCAL_PEERING_OUT permit 60
!
route-map LOCAL_CUST_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_IN permit 20
 set community 34:113 34:221
!
route-map IPT_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
 match community SPECIFIC
!
route-map IPT_OUT deny 30
 match community LOCAL_IN
!
route-map IPT_OUT permit 40
 match community FULL_ROUTE_CUST
!
route-map IPT_OUT permit 50
 match community TRANSIT
!
route-map IPT_OUT deny 60
 match as-path 1
!
route-map IPT_OUT permit 70

R5 Config

interface Loopback1
 ip address 5.5.1.5 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.15.5 255.255.255.0
 duplex auto
 speed auto
!
router bgp 5
 no synchronization
 bgp log-neighbor-changes
 network 5.5.1.0 mask 255.255.255.0
 neighbor 192.168.15.1 remote-as 12
 no auto-summary

R6 Config

interface Loopback1
 ip address 6.6.1.6 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.36.6 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 6
 no synchronization
 bgp log-neighbor-changes
 network 6.6.1.0 mask 255.255.255.0
 neighbor 192.168.36.3 remote-as 34
 no auto-summary

R7 Config

interface Loopback1
 ip address 7.7.1.7 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.17.7 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 7
 no synchronization
 bgp log-neighbor-changes
 network 7.7.1.0 mask 255.255.255.0
 neighbor 192.168.17.1 remote-as 12
 no auto-summary

R8 Config

interface Loopback1
 ip address 8.8.1.8 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.138.8 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.48.8 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.89.8 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 ip address 192.168.108.8 255.255.255.0
 duplex auto
 speed auto
!
router bgp 8
 no synchronization
 bgp log-neighbor-changes
 network 8.8.1.0 mask 255.255.255.0
 neighbor 192.168.48.4 remote-as 34
 neighbor 192.168.89.9 remote-as 9
 neighbor 192.168.138.13 remote-as 13
 no auto-summary

R9 Config

interface Loopback1
 ip address 9.9.1.9 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.119.9 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.109.9 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.29.9 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.89.9 255.255.255.0
 duplex auto
 speed auto
!
router bgp 9
 no synchronization
 bgp log-neighbor-changes
 network 9.9.1.0 mask 255.255.255.0
 neighbor 192.168.29.2 remote-as 12
 neighbor 192.168.29.2 route-map LOCAL_PEERING_IN in
 neighbor 192.168.29.2 route-map LOCAL_PEERING_OUT out
 neighbor 192.168.89.8 remote-as 8
 neighbor 192.168.89.8 route-map IPT_IN in
 neighbor 192.168.89.8 route-map IPT_OUT out
 neighbor 192.168.109.10 remote-as 10
 neighbor 192.168.109.10 send-community
 neighbor 192.168.109.10 soft-reconfiguration inbound
 neighbor 192.168.109.10 route-map ST_PEERING_IN in
 neighbor 192.168.109.10 route-map ST_PEERING_OUT out
 neighbor 192.168.119.11 remote-as 11
 neighbor 192.168.119.11 route-map CUST in
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 9:111
ip community-list standard LOCAL_IN permit 9:113
ip community-list standard IPT_OUT permit 9:222
ip community-list standard ST_IPT permit 10:222
ip as-path access-list 1 permit ^10_12
ip as-path access-list 2 permit ^11$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
 set local-preference 200
 set community 9:113
!
route-map ST_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_PEERING_OUT permit 20
 match community IPT_IN
 set comm-list IPT_IN delete
!
route-map ST_PEERING_OUT permit 30
 set community none
!
route-map CUST permit 10
 match as-path 2
 set local-preference 200
!
route-map IPT_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
 set local-preference 150
 set community 9:111 9:222
!
route-map LOCAL_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
 match community IPT_IN
!
route-map LOCAL_PEERING_OUT permit 30
!
route-map ST_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_PEERING_IN permit 20
 match community ST_IPT
 set local-preference 140
 set community 9:111 9:113
!
route-map ST_PEERING_IN permit 30
 match as-path 1
 set local-preference 160
!
route-map ST_PEERING_IN permit 40
 set local-preference 150
!
route-map IPT_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
 match community LOCAL_IN
!
route-map IPT_OUT permit 30

R10 Config

interface FastEthernet0/0
 ip address 192.168.110.10 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.109.10 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.101.10 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.102.10 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet3/0
 ip address 192.168.113.10 255.255.255.0
 duplex auto
 speed auto
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.101.1 remote-as 12
 neighbor 192.168.101.1 route-map LOCAL_PEERING_IN in
 neighbor 192.168.101.1 route-map LOCAL_PEERING_OUT out
 neighbor 192.168.102.2 remote-as 12
 neighbor 192.168.102.2 route-map LOCAL_PEERING_IN in
 neighbor 192.168.102.2 route-map LOCAL_PEERING_OUT out
 neighbor 192.168.109.9 remote-as 9
 neighbor 192.168.109.9 send-community
 neighbor 192.168.109.9 soft-reconfiguration inbound
 neighbor 192.168.109.9 route-map SH_PEERING_IN in
 neighbor 192.168.109.9 route-map SH_PEERING_OUT out
 neighbor 192.168.110.11 remote-as 11
 neighbor 192.168.110.11 route-map CUST in
 neighbor 192.168.113.13 remote-as 13
 neighbor 192.168.113.13 route-map IPT_IN in
 neighbor 192.168.113.13 route-map IPT_OUT out
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 10:111
ip community-list standard LOCAL_IN permit 10:113
ip community-list standard IPT_OUT permit 10:222
ip community-list standard SH_IPT permit 9:222
ip as-path access-list 1 permit ^9_12_
ip as-path access-list 2 permit ^11$
!
ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
 set local-preference 200
!
route-map LOCAL_PEERING_IN permit 20
 set local-preference 200
 set community 10:113
!
route-map CUST permit 10
 match as-path 2
 set local-preference 200
!
route-map IPT_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
 set local-preference 150
 set community 10:111 10:222
!
route-map SH_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_PEERING_OUT permit 20
 match community IPT_IN
 set comm-list IPT_IN delete
!
route-map SH_PEERING_OUT permit 30
 set community none
!
route-map LOCAL_PEERING_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
 match community IPT_IN
!
route-map LOCAL_PEERING_OUT permit 30
!
route-map IPT_OUT deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
 match community LOCAL_IN
!
route-map IPT_OUT permit 30
!
route-map SH_PEERING_IN deny 10
 match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_PEERING_IN permit 20
 match community SH_IPT
 set local-preference 140
 set community 10:111 10:113
!
route-map SH_PEERING_IN permit 30
 match as-path 1
 set local-preference 160
!
route-map SH_PEERING_IN permit 40
 set local-preference 150

R11 Config

interface Loopback1
 ip address 11.11.1.11 255.255.255.0
!
interface Loopback129
 ip address 11.11.129.11 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.110.11 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.119.11 255.255.255.0
 duplex auto
 speed auto
!
router bgp 11
 no synchronization
 bgp log-neighbor-changes
 network 11.11.1.0 mask 255.255.255.0
 network 11.11.129.0 mask 255.255.255.0
 neighbor 192.168.110.10 remote-as 10
 neighbor 192.168.110.10 route-map OUT out
 neighbor 192.168.119.9 remote-as 9
 neighbor 192.168.119.9 route-map OUT out
 no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip as-path access-list 1 permit ^$
!
ip http server
no ip http secure-server
!
!
route-map OUT permit 10
 match as-path 1

R12 Config

interface FastEthernet0/0
 ip address 192.168.212.12 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.212.2 remote-as 12
 no auto-summary

R13 Config

interface FastEthernet0/0
 ip address 192.168.138.13 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.113.13 255.255.255.0
 speed 100
 full-duplex
!
router bgp 13
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.113.10 remote-as 10
 neighbor 192.168.138.8 remote-as 8
 no auto-summary

R17 Config

interface Loopback1
 ip address 17.17.1.17 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.174.17 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 65535
 no synchronization
 bgp log-neighbor-changes
 network 17.17.1.0 mask 255.255.255.0
 neighbor 192.168.174.4 remote-as 34
 no auto-summary

BGP path manipulation with community tag, local-preference and ...

Physical topology

Layer 3 topology

BGP topology

The objective of this lab is to manipulate the traffic path of R5 going to and from R6 and R7.
If the packet from R5 going to R6, it should go through R5>R4>R1>R6, R6>R1>R4>R5.
If the destination is to R7, R5 could take either R3 or R4, but for the return path, it should take the path R7>R2>R3>R5.

R1 Config

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
 ip address 1.1.1.11 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.134.1 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.16.1 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 redistribute connected subnets route-map connected
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.134.1 0.0.0.0 area 0
!
router bgp 1234
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.11 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 1234
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 route-map lower-lp in
 neighbor 4.4.4.4 remote-as 1234
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 4.4.4.4 route-reflector-client
 neighbor 4.4.4.4 route-map domestic out
 neighbor 192.168.16.6 remote-as 6
 no auto-summary
!
ip bgp-community new-format
ip community-list standard 1234:5 permit 1234:5
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^7_
!
route-map domestic permit 10
 match as-path 2
!
route-map domestic deny 20
 match as-path 1
!
route-map domestic permit 100
!
route-map lower-lp permit 10
 match community 1234:5
 set local-preference 200
!
route-map lower-lp permit 100
!
route-map testing permit 10
!
route-map connected permit 10
 match interface FastEthernet0/1

R2 Config

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Loopback1
 ip address 2.2.2.21 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.27.2 255.255.255.0
!
interface FastEthernet4/1
 switchport access vlan 134
!
interface FastEthernet4/3
 switchport access vlan 134
!
interface FastEthernet4/4
 switchport access vlan 134
!
interface FastEthernet4/5
 switchport access vlan 45
!
interface Vlan134
 ip address 192.168.134.2 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.134.2 0.0.0.0 area 0
 default-information originate
!
router bgp 1234
 no synchronization
 bgp log-neighbor-changes
 network 2.2.2.21 mask 255.255.255.255
 neighbor 1.1.1.1 remote-as 1234
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 send-community
 neighbor 3.3.3.3 remote-as 1234
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 route-reflector-client
 neighbor 3.3.3.3 send-community
 neighbor 192.168.27.7 remote-as 7
 neighbor 192.168.27.7 route-map tag in
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
ip bgp-community new-format
!
route-map tag permit 10
 set community 1234:7

R3 Config

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
 ip address 3.3.3.31 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.134.3 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.35.3 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 redistribute connected subnets route-map connected
 network 3.3.3.3 0.0.0.0 area 0
 network 192.168.134.3 0.0.0.0 area 0
!
router bgp 1234
 no synchronization
 bgp log-neighbor-changes
 network 3.3.3.31 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 1234
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 send-community
 neighbor 192.168.35.5 remote-as 5
 neighbor 192.168.35.5 route-map lp in
 neighbor 192.168.35.5 route-map domestic+local out
 no auto-summary
!
ip bgp-community new-format
ip community-list standard 1234:7 permit 1234:7
ip as-path access-list 1 permit ^$
!
route-map lp permit 10
 set local-preference 400
 set community 1234:5
!
route-map domestic+local permit 10
 match community 1234:7
!
route-map domestic+local permit 20
 match as-path 1
!
route-map connected permit 10
 match interface FastEthernet0/1

R4 Config

interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface Loopback1
 ip address 4.4.4.41 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.45.4 255.255.255.0
!
interface FastEthernet1/0
 ip address 192.168.134.4 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 redistribute connected subnets route-map connected
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.134.4 0.0.0.0 area 0
!
router bgp 1234
 no synchronization
 bgp log-neighbor-changes
 network 4.4.4.41 mask 255.255.255.255
 neighbor 1.1.1.1 remote-as 1234
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 192.168.45.5 remote-as 5
 neighbor 192.168.45.5 default-originate
 neighbor 192.168.45.5 route-map lp in
 no auto-summary
!
route-map lp permit 10
 set local-preference 300
!
route-map connected permit 10
 match interface FastEthernet0/0

R5 Config

interface Loopback0
 ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.35.5 255.255.255.0
!
interface FastEthernet1/0
 ip address 192.168.45.5 255.255.255.0
!
router bgp 5
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 neighbor 192.168.35.3 remote-as 1234
 neighbor 192.168.45.4 remote-as 1234
 no auto-summary

R6 Config

interface Loopback0
 ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.16.6 255.255.255.0
!
router bgp 6
 no synchronization
 bgp log-neighbor-changes
 network 6.6.6.6 mask 255.255.255.255
 neighbor 192.168.16.1 remote-as 1234
 no auto-summary

R7 Config

interface Loopback0
 ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.27.7 255.255.255.0
!
router bgp 7
 no synchronization
 bgp log-neighbor-changes
 network 7.7.7.7 mask 255.255.255.255
 neighbor 192.168.27.2 remote-as 1234
 no auto-summary

Scenario 1:

Since R4 is not a powerful routing device, it should not have all the bgp updates except local and domestic bgp routes. R4 is the route-reflector-client of R1, by default R4 will receive all bgp updates.
So we need to control on R1 to filter unwanted bgp updates.

R1 configuration

route-map domestic permit 10
match as-path 2
!
route-map domestic deny 20
match as-path 1
!
route-map domestic permit 100
!
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^7_

Verification

R4#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.11/32      1.1.1.1                  0    100      0 i
*>i2.2.2.21/32      2.2.2.2                  0    100      0 i
*>i3.3.3.31/32      3.3.3.3                  0    100      0 i
*> 4.4.4.41/32      0.0.0.0                  0         32768 i
*> 5.5.5.5/32       192.168.45.5             0    300      0 5 i
*>i7.7.7.7/32       192.168.27.7             0    100      0 7 i

Scenario 2:

In order for R4 to reach R6 prefix, R2 will inject default default in OSPF.

R2 configuration

ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
router ospf 1
default-information originate

Verification

R4#show ip route
Gateway of last resort is 192.168.134.2 to network 0.0.0.0

O*E2 0.0.0.0/0 [110/1] via 192.168.134.2, 02:55:26, FastEthernet1/0

Scenarion 3:

R5 should use only R4 if destination is going to International.
So R3 need to filter international routes bgp updates to R5.
Whatever bgp updates received from R7, R2 will tag community tag of 1234:7, so that later on R3 can match that community tag and filter the advertisement to R5 based on the community tag.

R2 configuration

router bgp 1234
neighbor 3.3.3.3 send-community
neighbor 192.168.27.7 route-map tag in
!
route-map tag permit 10
set community 1234:7

R3 configuration

router bgp 1234
neighbor 192.168.35.5 route-map domestic+local out
!
route-map domestic+local permit 10
match community 1234:7
!
route-map domestic+local permit 20
match as-path 1
!
ip community-list standard 1234:7 permit 1234:7
ip as-path access-list 1 permit ^$
*Note: In order to use bgp new community format, we neet to use the command #ip bgp new-format

R3#show ip bgp neighbors 192.168.35.5 advertised-routes

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.11/32      1.1.1.1                  0    100      0 i
*>i2.2.2.21/32      2.2.2.2                  0    100      0 i
*> 3.3.3.31/32      0.0.0.0                  0         32768 i
*>i4.4.4.41/32      4.4.4.4                  0    100      0 i
*>i7.7.7.7/32       192.168.27.7             0    100      0 7 i

Scenario 4:

For the return packet from R7 to R5 to use the path R7>R2>R3>R5, bgp updates of R5 received from R3 should always be the best on R2. In this case, local-preference of 400 from R3 versus 300 from R4.

R3 configuration

router bgp 1234
neighbor 192.168.35.5 route-map lp in
!
route-map lp permit 10
set local-preference 400
R4 configuration

router bgp 1234
neighbor 192.168.45.5 route-map lp in
!
route-map lp permit 10
set local-preference 400

Verification

R2#show ip bgp 5.5.5.5
BGP routing table entry for 5.5.5.5/32, version 5
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1          3
  5
    192.168.45.5 (metric 20) from 1.1.1.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 300, valid, internal
      Originator: 4.4.4.4, Cluster list: 1.1.1.1
  5, (Received from a RR-client)
    192.168.35.5 (metric 20) from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 400, valid, internal, best
      Community: 1234:5

Scenarion 4:

Up to this point, R1 also use R3 as the prefer exit if the pacet is coming from R6 towards R5 due to the higher local preference of 400 from R3 compared to 300 from R4.
We need a way to configure not to prefer R3 as the prefer exit in order to fulfill the requirement of taking the path R7>R1>R4>R5.
So whatever routes R3 learns from R5, we will tag the community 1234:5 to the bgp updates, so that when the updates reach R1, R1 will match those bgp updates based on community tag 1234:5 and lower the original local-preference value to 200 becoming not a better value comparing with 300 from R4.

R3 configuration

router bgp 1234
neighbor 2.2.2.2 send-community
neighbor 192.168.35.5 route-map lp in
!
route-map lp permit 10
set local-preference 400
set community 1234:5

R2 configuration

router bgp 1234
neighbor 1.1.1.1 send-community

R1 configuration

router bgp 1234
neighbor 2.2.2.2 route-map lower-lp in
!
route-map lower-lp permit 10
match community 1234:5
set local-preference 200
!
route-map lower-lp permit 100
!
ip community-list standard 1234:5 permit 1234:5

Verification

R1#show ip bgp 5.5.5.5
BGP routing table entry for 5.5.5.5/32, version 32
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1          2
  5
    192.168.35.5 (metric 20) from 2.2.2.2 (2.2.2.21)
      Origin IGP, metric 0, localpref 200, valid, internal
      Community: 1234:5
      Originator: 3.3.3.3, Cluster list: 2.2.2.21
  5, (Received from a RR-client)
    192.168.45.5 (metric 20) from 4.4.4.4 (4.4.4.4)
      Origin IGP, metric 0, localpref 300, valid, internal, best

IPv6 Tunnels

Automatic 6to4 Tunnel

Tunnel format

2002(16 bits) + IPv4 address(32 bits) + Subnet(16 bits) + Interface ID(64 bits)

First 16 bits of 6to4 tunnel always starts with 2002.
Tunnel is point-to-multipoint in nature.
IPv4 address bits are written in HEX value here, for example, 1.1.1.1 = 0101:0101
When routed a packet through the tunnel, router looks at the IPv4 bits portion and forwards to the appropriate destination router.

R1 Config

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 ipv6 address 2002:101:101:1::1/64
!
interface Tunnel0
 ipv6 address 2002:101:101::1/64
 tunnel source Loopback0
 tunnel mode ipv6ip 6to4
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.12.1 0.0.0.0 area 0
!
ipv6 route 2002::/16 Tunnel0

R2 Config

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.23.2 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.12.2 0.0.0.0 area 0
 network 192.168.23.2 0.0.0.0 area 0

R3 Config

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
 ipv6 address 2002:303:303:3::3/64
!
interface Tunnel0
 ipv6 address 2002:303:303::3/64
 tunnel source Loopback0
 tunnel mode ipv6ip 6to4
!
interface FastEthernet0/0
 ip address 192.168.23.3 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 192.168.23.3 0.0.0.0 area 0
!
ipv6 route 2002::/16 Tunnel0

Verification

R1#show ipv6 route

S   2002::/16 [1/0]
     via ::, Tunnel0
C   2002:101:101::/64 [0/0]
     via ::, Tunnel0
L   2002:101:101::1/128 [0/0]
     via ::, Tunnel0
C   2002:101:101:1::/64 [0/0]
     via ::, Loopback0
L   2002:101:101:1::1/128 [0/0]
     via ::, Loopback0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0

R1#ping 2002:0303:0303:3::3 source loopback 0
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/43/60 ms


-----------------------------------------------------------------------------------------------------

ISATAP Tunnel

Tunnel format

Prefix ID(64 bits) + 0000(16 bits) + 5EFE + IPv4 address(32 bits)

R1 Config

interface Loopback1
 ipv6 address 2001:1::1/64
!
interface Tunnel1
 no ip address
 no ip redirects
 ipv6 address 2001:13::/64 eui-64
 tunnel source Loopback0
 tunnel mode ipv6ip isatap
!
ipv6 route 2001:3::/64 2001:13::5EFE:303:303


R3 Config

interface Loopback1
 ipv6 address 2001:3::3/64
!
interface Tunnel1
 no ip address
 no ip redirects
 ipv6 address 2001:13::/64 eui-64
 tunnel source Loopback0
 tunnel mode ipv6ip isatap
!
ipv6 route 2001:1::/64 2001:13::5EFE:101:101

Verification


R1#show ipv6 interface brief | in Tunnel1

  Tunnel1                    [up/up]
    FE80::5EFE:101:101
    2001:13::5EFE:101:101


R3#show ipv6 interface brief | in Tunnel1

Tunnel1                    [up/up]
    FE80::5EFE:303:303
    2001:13::5EFE:303:303


R1#show ipv6 route | in 2001:3

S   2001:3::/64 [1/0]
     via 2001:13::5EFE:303:303

R1#ping 2001:3::3 source loopback 1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/48 ms

QinQ Tunneling

2811 Config

interface FastEthernet0/1.400
 encapsulation dot1Q 1400 second-dot1q 400
 ip address 172.16.40.1 255.255.255.0
!
interface FastEthernet0/1.401
 encapsulation dot1Q 1400 second-dot1q 401
 ip address 172.16.41.1 255.255.255.0
!
interface FastEthernet0/1.402
 encapsulation dot1Q 1400 second-dot1q 402
 ip address 172.16.42.1 255.255.255.0

3750 Config

interface FastEthernet3/0/48
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1400
 switchport mode trunk
 speed 100
 duplex full
!
interface GigabitEthernet3/0/3
 switchport access vlan 1400
 switchport mode dot1q-tunnel
 speed nonegotiate
 mls qos trust ip-precedence
 no cdp enable
 spanning-tree bpdufilter enable

3560 Config

interface GigabitEthernet0/28
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 400-402
 switchport mode trunk
 speed nonegotiate
end
!
interface Vlan400
 ip address 172.16.40.2 255.255.255.0
!
interface Vlan401
 ip address 172.16.41.2 255.255.255.0
!
interface Vlan402
 ip address 172.16.42.2 255.255.255.0

Verification

3750#show dot1q-tunnel
dot1q-tunnel mode LAN Port(s)
-----------------------------
Gi3/0/3

3750#show spanning-tree vlan 1400
VLAN1400
  Spanning tree enabled protocol ieee
  Root ID    Priority    34368
             Address     0022.be7a.8480
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    34368  (priority 32768 sys-id-ext 1400)
             Address     0022.be7a.8480
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi3/0/3          Desg FWD 4         128.135  P2p
Fa3/0/48         Desg FWD 19        128.160  P2p

3560#ping 172.16.40.1
!!!!!

c3560#ping 172.16.41.1
!!!!!

c3560#ping 172.16.42.1
!!!!!

IPv6 routing with RIPng, OSPFv3 and BGP(all routers configuration)

 

R1 Config

ipv6 unicast-routing
!
interface FastEthernet0/0
 ipv6 address 2001:12::1/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:13::1/64
 ipv6 ospf 1 area 13
!
ipv6 route 2001:1::1/128 Null0
!
ipv6 router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 summary-prefix 2001:1::/64
 redistribute static

R2 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:2::2/128
 ipv6 ospf 1 area 0
!
interface FastEthernet0/0
 ipv6 address 2001:12::2/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:24::2/64
 ipv6 ospf 1 area 24
!
ipv6 router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 area 24 range 2001:4::/64

R3 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:3::3/128
 ipv6 ospf 1 area 13
!
interface FastEthernet0/0
 ipv6 address 2001:13::3/64
 ipv6 ospf 1 area 13
!
interface FastEthernet0/1
 ipv6 address 2001:35::3/64
 ipv6 rip 35 enable
!
ipv6 router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 redistribute rip 35 tag 120 include-connected
!
ipv6 router rip 35
 distribute-list prefix-list R4-NETWORK out
 redistribute ospf 1 metric 1 route-map TO-RIP
!
ipv6 prefix-list R4-NETWORK seq 5 deny 2001:4::/64
ipv6 prefix-list R4-NETWORK seq 10 permit ::/0 le 128
!
route-map TO-RIP permit 10
 match tag 6
!
route-map TO-RIP deny 20
 match route-type external
!
route-map TO-RIP permit 100

R4 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:4::4/128
 ipv6 ospf 1 area 24
!
interface FastEthernet0/0
 ipv6 address 2001:24::4/64
 ipv6 ospf 1 area 24
!
interface FastEthernet0/1
 ipv6 address 2001:46::4/64
!
router bgp 1
 no synchronization
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 neighbor 2001:46::6 remote-as 6
 no neighbor 2001:46::6 activate
 no auto-summary
 !
 address-family ipv6
  neighbor 2001:46::6 activate
  redistribute ospf 1 match external 1 external 2 route-map TO-BGP
  no synchronization
 exit-address-family
!
ipv6 router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 redistribute bgp 1 route-map FROM-BGP
!
ipv6 prefix-list FROM-BGP seq 5 permit 2001:6::/57
!
route-map TO-BGP permit 10
 match tag 120
!
route-map FROM-BGP permit 10
 match ipv6 address prefix-list FROM-BGP
 set tag 6

R5 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:5::5/128
 ipv6 rip 35 enable
!
interface FastEthernet0/0
 ipv6 address 2001:35::5/64
 ipv6 rip 35 enable
!
ipv6 router rip 35

R6 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:6:0:6::6/64
!
interface Loopback1
 ipv6 address 2001:6:0:60::6/58
!
interface FastEthernet0/0
 ipv6 address 2001:46::6/64
!
router bgp 6
 no synchronization
 bgp router-id 6.6.6.6
 bgp log-neighbor-changes
 neighbor 2001:46::4 remote-as 1
 no neighbor 2001:46::4 activate
 no auto-summary
 !
 address-family ipv6
  neighbor 2001:46::4 activate
  network 2001:6:0:6::/64
  network 2001:6:0:60::/58
  aggregate-address 2001:6::/57 summary-only
 exit-address-family

OSPFv3 section

R1 Config

ipv6 unicast-routing
!
interface FastEthernet0/0
 ipv6 address 2001:12::1/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:13::1/64
 ipv6 ospf 1 area 13
!
ipv6 route 2001:1::1/128 Null0
!
ipv6 router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 summary-prefix 2001:1::/64
 redistribute static

R2 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:2::2/128
 ipv6 ospf 1 area 0
!
interface FastEthernet0/0
 ipv6 address 2001:12::2/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:24::2/64
 ipv6 ospf 1 area 24
!
ipv6 router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 area 24 range 2001:4::/64

R3 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:3::3/128
 ipv6 ospf 1 area 13
!
interface FastEthernet0/0
 ipv6 address 2001:13::3/64
 ipv6 ospf 1 area 13
!
ipv6 router ospf 1
 router-id 3.3.3.3

R4 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:4::4/128
 ipv6 ospf 1 area 24
!
interface FastEthernet0/0
 ipv6 address 2001:24::4/64
 ipv6 ospf 1 area 24
!
ipv6 router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes

Verification

R1#show ipv6 route ospf

O   2001:1::/64 [110/0]
     via ::, Null0
O   2001:2::2/128 [110/10]
     via FE80::C603:AFF:FE64:0, FastEthernet0/0
O   2001:3::3/128 [110/10]
     via FE80::C605:CFF:FED4:0, FastEthernet0/1
OI  2001:4::/64 [110/20]
     via FE80::C603:AFF:FE64:0, FastEthernet0/0
OI  2001:24::/64 [110/20]
     via FE80::C603:AFF:FE64:0, FastEthernet0/0

R2#show ipv6 route ospf

OE2  2001:1::/64 [110/20]
     via FE80::C602:AFF:FE64:0, FastEthernet0/0
OI  2001:3::3/128 [110/20]
     via FE80::C602:AFF:FE64:0, FastEthernet0/0
O   2001:4::/64 [110/0]
     via ::, Null0
O   2001:4::4/128 [110/10]
     via FE80::C604:CFF:FED4:0, FastEthernet0/1
OI  2001:13::/64 [110/20]
     via FE80::C602:AFF:FE64:0, FastEthernet0/0

R3#show ipv6 route ospf

OE2  2001:1::/64 [110/20]
     via FE80::C602:AFF:FE64:1, FastEthernet0/0
OI  2001:2::2/128 [110/20]
     via FE80::C602:AFF:FE64:1, FastEthernet0/0
OI  2001:4::/64 [110/30]
     via FE80::C602:AFF:FE64:1, FastEthernet0/0
OI  2001:12::/64 [110/20]
     via FE80::C602:AFF:FE64:1, FastEthernet0/0
OI  2001:24::/64 [110/30]
     via FE80::C602:AFF:FE64:1, FastEthernet0/0

R4#show ipv6 route ospf

OE2  2001:1::/64 [110/20]
     via FE80::C603:AFF:FE64:1, FastEthernet0/0
OI  2001:2::2/128 [110/10]
     via FE80::C603:AFF:FE64:1, FastEthernet0/0
OI  2001:3::3/128 [110/30]
     via FE80::C603:AFF:FE64:1, FastEthernet0/0
OI  2001:12::/64 [110/20]
     via FE80::C603:AFF:FE64:1, FastEthernet0/0
OI  2001:13::/64 [110/30]
     via FE80::C603:AFF:FE64:1, FastEthernet0/0

RIPng Section

R3 Config

ipv6 unicast-routing
!
interface FastEthernet0/1
 ipv6 address 2001:35::3/64
 ipv6 rip 35 enable
!
ipv6 router rip 35

R5 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:5::5/128
 ipv6 rip 35 enable
!
interface FastEthernet0/0
 ipv6 address 2001:35::5/64
 ipv6 rip 35 enable
!
ipv6 router rip 35

Verification

R3#show ipv6 route rip

R   2001:5::5/128 [120/2]
     via FE80::C600:4FF:FE80:0, FastEthernet0/1

IPv6 BGP section(route advertising and aggregation)

R4 Config

 ipv6 unicast-routing
!
interface FastEthernet0/1
 ipv6 address 2001:46::4/64
!
router bgp 1
 no synchronization
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 neighbor 2001:46::6 remote-as 6
 no neighbor 2001:46::6 activate
 no auto-summary
 !
 address-family ipv6
  neighbor 2001:46::6 activate
  no synchronization
 exit-address-family

R6 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:6:0:6::6/64
!
interface Loopback1
 ipv6 address 2001:6:0:60::6/58
!
interface FastEthernet0/0
 ipv6 address 2001:46::6/64
!
router bgp 6
 no synchronization
 bgp router-id 6.6.6.6
 bgp log-neighbor-changes
 neighbor 2001:46::4 remote-as 1
 no neighbor 2001:46::4 activate
 no auto-summary
 !
 address-family ipv6
  neighbor 2001:46::4 activate
  network 2001:6:0:6::/64
  network 2001:6:0:60::/58
  aggregate-address 2001:6::/57 summary-only
 exit-address-family


Verification


R6 is advertising 2001:6:0:6::/64 and 2001:6:0:60::/58.
But those prefixes are suppressed when aggregate with 2001:6:0:60::/57 since those are fall with the aggregate prefix.

R4#show bgp ipv6 unicast

   Network          Next Hop            Metric LocPrf Weight Path
*> 2001:6::/57      2001:46::6               0             0 6 i

R6#show bgp ipv6 unicast

   Network          Next Hop            Metric LocPrf Weight Path
*> 2001:6::/57      ::                                 32768 i
s> 2001:6:0:6::/64  ::                       0         32768 i
s> 2001:6:0:60::/58 ::                       0         32768 i

Redistribution into OSPFv3 section

R1 Config

ipv6 router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 summary-prefix 2001:1::/64
 redistribute static
 !
 ipv6 route 2001:1::1/128 Null0

R3 Config

ipv6 router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 redistribute rip 35 tag 120 include-connected

R4 Config

ipv6 router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 redistribute bgp 1 route-map FROM-BGP
!
route-map FROM-BGP permit 10
 match ipv6 address prefix-list FROM-BGP
 set tag 6
!
ipv6 prefix-list FROM-BGP seq 5 permit 2001:6::/57

Verification

R2#show ipv6 route ospf

OE2  2001:1::/64 [110/20]
     via FE80::C602:2CFF:FE20:0, FastEthernet0/0
OI  2001:3::3/128 [110/20]
     via FE80::C602:2CFF:FE20:0, FastEthernet0/0
O   2001:4::4/128 [110/10]
     via FE80::C604:27FF:FE28:0, FastEthernet0/1
OE2  2001:5::5/128 [110/20], tag 120
     via FE80::C602:2CFF:FE20:0, FastEthernet0/0
OE2  2001:6::/57 [110/1], tag 6
     via FE80::C604:27FF:FE28:0, FastEthernet0/1
OI  2001:13::/64 [110/20]
     via FE80::C602:2CFF:FE20:0, FastEthernet0/0
OE2  2001:35::/64 [110/20], tag 120
     via FE80::C602:2CFF:FE20:0, FastEthernet0/0

Redistribution into RIPng section

R3 Config

ipv6 router rip 35
 distribute-list prefix-list R4-NETWORK out
 redistribute ospf 1 metric 1 route-map TO-RIP
!
ipv6 prefix-list R4-NETWORK seq 5 deny 2001:4::/64
ipv6 prefix-list R4-NETWORK seq 10 permit ::/0 le 128
!
route-map TO-RIP permit 10
 match tag 6
!
route-map TO-RIP deny 20
 match route-type external

Verification

R5#show ipv6 route rip

R   2001:2::2/128 [120/2]
     via FE80::C605:27FF:FE28:1, FastEthernet0/0
R   2001:6::/57 [120/2], tag 6
     via FE80::C605:27FF:FE28:1, FastEthernet0/0
R   2001:12::/64 [120/2]
     via FE80::C605:27FF:FE28:1, FastEthernet0/0
R   2001:24::/64 [120/2]
     via FE80::C605:27FF:FE28:1, FastEthernet0/0

Redistribution into BGP section

R4 Config

router bgp 1
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 neighbor 2001:46::6 remote-as 6
 !
 address-family ipv6
  neighbor 2001:46::6 activate
  redistribute ospf 1 match external 1 external 2 route-map TO-BGP
  no synchronization
 exit-address-family
!
route-map TO-BGP permit 10
 match tag 120

Verification

 R6#show bgp ipv6 unicast

   Network          Next Hop            Metric LocPrf Weight Path
*> 2001:5::5/128    2001:46::4              20             0 1 ?
*> 2001:6::/57      ::                                 32768 i
s> 2001:6:0:6::/64  ::                       0         32768 i
s> 2001:6:0:60::/58 ::                       0         32768 i
*> 2001:35::/64     2001:46::4              20             0 1 ?

IPv6 Routing with OSPFv3(Summarization and virtual-link)

In this lab, R4 will announce 2001:4::4/128 prefix into area 24.
When the advertisment reach ABR(R2) of area 24, R2 will summarize it into /64.
Likewise, R1 is also redistributing 2001:1::1/128 route into OSPF domain, since R1 is the ASBR itself, we can summarize it on R1. In this case, we will summarize it into /64.
R3 is not connecting to backbone area, R3 is announcing 2001::3/128 into area 3. The advertisement cannot reach to the rest of the OSPF domain.
In order to reach every other routers, R3 needs to be connected to backbone area which is area 0, so we will build virtual link between R1 and R3 to extend the backbone area to R3.

R1 Config

ipv6 unicast-routing
!
interface FastEthernet0/0
 ipv6 address 2001:12::1/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:13::1/64
 ipv6 ospf 1 area 13
!
ipv6 route 2001:1::1/128 Null0
ipv6 router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 area 13 virtual-link 3.3.3.3
 summary-prefix 2001:1::/64
 redistribute static
R2 Config

ipv6 unicast-routing
!
interface FastEthernet0/0
 ipv6 address 2001:12::2/64
 ipv6 ospf 1 area 0
!
interface FastEthernet0/1
 ipv6 address 2001:24::2/64
 ipv6 ospf 1 area 24
!
ipv6 router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 area 24 range 2001:4::/64
R3 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001::3/128
 ipv6 ospf 1 area 3
!
interface FastEthernet0/0
 ipv6 address 2001:13::3/64
 ipv6 ospf 1 area 13
!
ipv6 router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 area 13 virtual-link 1.1.1.1
 redistribute static

R4 Config

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2001:4::4/128
 ipv6 ospf 1 area 24
!
interface FastEthernet0/0
 ipv6 address 2001:24::4/64
 ipv6 ospf 1 area 24
!
ipv6 router ospf 1
 router-id 4.4.4.4

Verification

R1#show ipv6 route ospf
IPv6 Routing Table - 11 entries
O   2001::3/128 [110/10]
     via FE80::C602:11FF:FE5C:0, FastEthernet0/1
O   2001:1::/64 [110/0]
     via ::, Null0
OI  2001:4::/64 [110/20]
     via FE80::C601:1EFF:FE74:0, FastEthernet0/0
OI  2001:24::/64 [110/20]
     via FE80::C601:1EFF:FE74:0, FastEthernet0/0

R2#show ipv6 route ospf
OI  2001::3/128 [110/20]
     via FE80::C600:1EFF:FE74:0, FastEthernet0/0
OE2  2001:1::/64 [110/20]
     via FE80::C600:1EFF:FE74:0, FastEthernet0/0
O   2001:4::/64 [110/0]
     via ::, Null0
O   2001:4::4/128 [110/10]
     via FE80::C603:11FF:FE5C:0, FastEthernet0/1
OI  2001:12::1/128 [110/10]
     via FE80::C600:1EFF:FE74:0, FastEthernet0/0
OI  2001:13::/64 [110/20]
     via FE80::C600:1EFF:FE74:0, FastEthernet0/0

R3#show ipv6 route ospf
OE2  2001:1::/64 [110/20]
     via FE80::C600:1EFF:FE74:1, FastEthernet0/0
OI  2001:4::/64 [110/30]
     via FE80::C600:1EFF:FE74:1, FastEthernet0/0
O   2001:12::/64 [110/20]
     via FE80::C600:1EFF:FE74:1, FastEthernet0/0
O   2001:12::1/128 [110/10]
     via FE80::C600:1EFF:FE74:1, FastEthernet0/0
OI  2001:24::/64 [110/30]
     via FE80::C600:1EFF:FE74:1, FastEthernet0/0

R4#show ipv6 route ospf
OI  2001::3/128 [110/30]
     via FE80::C601:1EFF:FE74:1, FastEthernet0/0
OE2  2001:1::/64 [110/20]
     via FE80::C601:1EFF:FE74:1, FastEthernet0/0
OI  2001:12::/64 [110/20]
     via FE80::C601:1EFF:FE74:1, FastEthernet0/0
OI  2001:12::1/128 [110/20]
     via FE80::C601:1EFF:FE74:1, FastEthernet0/0
OI  2001:13::/64 [110/30]
     via FE80::C601:1EFF:FE74:1, FastEthernet0/0

ISP Connectioin Overview and Configuration of all Nodes

R1 Config

ip vrf one
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.12.1 255.255.255.0
 mpls ip
!
interface FastEthernet2/0
 ip vrf forwarding one
 ip address 192.168.14.1 255.255.255.0
 mpls ip
!
router ospf 2 vrf one
 log-adjacency-changes
 redistribute bgp 1 subnets
 network 192.168.14.1 0.0.0.0 area 0
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.12.1 0.0.0.0 area 0
 network 192.168.13.1 0.0.0.0 area 0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0
!
router bgp 1
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 1
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family ipv4
  no synchronization
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf one
  no synchronization
  redistribute ospf 2 vrf one
 exit-address-family

R2 Config

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
 mpls ip
!
interface FastEthernet0/1
 ip address 192.168.23.2 255.255.255.0
 mpls ip
!
router ospf 1
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.12.2 0.0.0.0 area 0
 network 192.168.23.2 0.0.0.0 area 0

R3 Config

ip vrf one
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet1/1
 ip address 192.168.23.3 255.255.255.0
 speed auto
 duplex auto
 mpls ip
!
interface FastEthernet2/0
 ip vrf forwarding one
 ip address 192.168.36.3 255.255.255.0
 mpls bgp forwarding
!
router ospf 1
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 192.168.13.3 0.0.0.0 area 0
 network 192.168.23.3 0.0.0.0 area 0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0
!
router bgp 1
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 1
 neighbor 1.1.1.1 update-source Loopback0
 !
 address-family ipv4
  no synchronization
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf one
  no synchronization
  neighbor 192.168.36.6 remote-as 2
  neighbor 192.168.36.6 activate
  neighbor 192.168.36.6 send-label
 exit-address-family

R4 Config

interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.14.4 255.255.255.0
 mpls ip
!
interface FastEthernet0/1
 ip address 192.168.45.4 255.255.255.0
 mpls ip
!
router ospf 1
 log-adjacency-changes
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.14.4 0.0.0.0 area 0
 network 192.168.45.4 0.0.0.0 area 0

R5 Config

ip vrf two
 rd 2:2
 route-target export 2:2
 route-target import 2:2
!
pseudowire-class AS3-AS4
 encapsulation mpls
!
interface Loopback0
 ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.45.5 255.255.255.0
 mpls ip
!
interface FastEthernet1/1
 xconnect 7.7.7.7 34 pw-class AS3-AS4
!
interface FastEthernet2/0
 ip vrf forwarding two
 ip address 192.168.155.5 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 5.5.5.5 0.0.0.0 area 0
 network 192.168.45.5 0.0.0.0 area 0
!
router bgp 2
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 7.7.7.7 remote-as 2
 neighbor 7.7.7.7 update-source Loopback0
 !
 address-family ipv4
  no synchronization
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 7.7.7.7 activate
  neighbor 7.7.7.7 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf two
  no synchronization
  redistribute connected
  redistribute static
 exit-address-family
!
ip route vrf two 15.15.15.15 255.255.255.255 192.168.155.15

R6 Config

interface Loopback0
 ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.36.6 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.67.6 255.255.255.0
 mpls ip
!
router ospf 1
 log-adjacency-changes
 redistribute bgp 2 subnets route-map AS2LOOPBACKS
 network 6.6.6.6 0.0.0.0 area 0
 network 192.168.67.6 0.0.0.0 area 0
!
router bgp 2
 bgp log-neighbor-changes
 neighbor 192.168.36.3 remote-as 1
 !
 address-family ipv4
  redistribute ospf 1 route-map AS2LOOPBACKS
  neighbor 192.168.36.3 activate
  neighbor 192.168.36.3 send-label
  no auto-summary
  no synchronization
 exit-address-family
!
ip prefix-list AS2LOOPBACKS seq 5 permit 4.4.4.4/32
ip prefix-list AS2LOOPBACKS seq 10 permit 5.5.5.5/32
ip prefix-list AS2LOOPBACKS seq 15 permit 6.6.6.6/32
ip prefix-list AS2LOOPBACKS seq 20 permit 7.7.7.7/32
!
route-map AS2LOOPBACKS permit 10
 match ip address prefix-list AS2LOOPBACKS

R7 Config

ip vrf two
 rd 2:2
 route-target export 2:2
 route-target import 2:2
!
pseudowire-class AS3-AS4
 encapsulation mpls
!
interface Loopback0
 ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.67.7 255.255.255.0
 mpls ip
!
interface FastEthernet1/1
 xconnect 5.5.5.5 34 pw-class AS3-AS4
!
interface FastEthernet2/0
 ip vrf forwarding two
 ip address 192.168.167.7 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 7.7.7.7 0.0.0.0 area 0
 network 192.168.67.7 0.0.0.0 area 0
!
router bgp 2
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 5.5.5.5 remote-as 2
 neighbor 5.5.5.5 update-source Loopback0
 !
 address-family ipv4
  no synchronization
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 5.5.5.5 activate
  neighbor 5.5.5.5 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf two
  no synchronization
  redistribute connected
  redistribute static
 exit-address-family
!
ip route vrf two 16.16.16.16 255.255.255.255 192.168.167.16

R8 Config

ip vrf 34
 rd 34:34
 route-target export 34:34
 route-target import 34:34
!
interface Loopback0
 ip address 8.8.8.8 255.255.255.255
!
interface Loopback1
 ip address 8.8.8.81 255.255.255.255
!
interface Tunnel0
 ip address 3.4.34.8 255.255.255.0
 mpls bgp forwarding
 tunnel source Loopback1
 tunnel destination 10.10.10.11
!
interface FastEthernet1/0
 ip address 192.168.89.8 255.255.255.0
 mpls ip
!
interface FastEthernet1/1
 ip address 192.168.128.8 255.255.255.0
!
interface FastEthernet2/0
 ip vrf forwarding 34
 ip address 192.168.138.8 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 8.8.8.8 0.0.0.0 area 0
 network 192.168.89.8 0.0.0.0 area 0
!
router bgp 3
 bgp log-neighbor-changes
 neighbor 3.4.34.10 remote-as 4
 neighbor 10.10.10.10 remote-as 4
 neighbor 10.10.10.10 ebgp-multihop 4
 neighbor 10.10.10.10 update-source Loopback0
 neighbor 192.168.128.12 remote-as 12
 !
 address-family ipv4
  no synchronization
  network 8.8.8.81 mask 255.255.255.255
  no neighbor 3.4.34.10 activate
  no neighbor 10.10.10.10 activate
  neighbor 192.168.128.12 activate
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 3.4.34.10 activate
  neighbor 3.4.34.10 send-community extended
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community extended
  neighbor 10.10.10.10 route-map LOCAL-PREFERENCE-200 in
 exit-address-family
 !
 address-family ipv4 vrf 34
  no synchronization
  redistribute connected
  redistribute static
 exit-address-family
!
ip route vrf 34 13.13.13.13 255.255.255.255 192.168.138.13
!
route-map LOCAL-PREFERENCE-200 permit 10
 set local-preference 200
!
mpls ldp router-id Loopback0 force

R9 Config

interface Loopback0
 ip address 9.9.9.9 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.119.9 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.89.9 255.255.255.0
 mpls ip
!
router ospf 1
 log-adjacency-changes
 redistribute bgp 3 subnets route-map AS4-LOOPBACKS
 network 9.9.9.9 0.0.0.0 area 0
 network 192.168.89.9 0.0.0.0 area 0
!
router bgp 3
 no synchronization
 bgp log-neighbor-changes
 redistribute ospf 1 route-map AS3-LOOPBACKS
 neighbor 192.168.119.11 remote-as 4
 neighbor 192.168.119.11 send-label
 no auto-summary
!
ip prefix-list AS3-LOOPBACKS seq 5 permit 8.8.8.8/32
!
ip prefix-list AS4-LOOPBACKS seq 5 permit 10.10.10.10/32
!
route-map AS3-LOOPBACKS permit 10
 match ip address prefix-list AS3-LOOPBACKS
!
route-map AS4-LOOPBACKS permit 10
 match ip address prefix-list AS4-LOOPBACKS
!
mpls ldp router-id Loopback0 force

R10 Config

ip vrf 34
 rd 34:34
 route-target export 34:34
 route-target import 34:34
!
interface Loopback0
 ip address 10.10.10.10 255.255.255.255
!
interface Loopback1
 ip address 10.10.10.11 255.255.255.255
!
interface Tunnel0
 ip address 3.4.34.10 255.255.255.0
 mpls bgp forwarding
 tunnel source Loopback1
 tunnel destination 8.8.8.81
!
interface FastEthernet1/0
 ip address 192.168.110.10 255.255.255.0
 mpls ip
!
interface FastEthernet1/1
 ip address 192.168.112.10 255.255.255.0
!
interface FastEthernet2/0
 ip vrf forwarding 34
 ip address 192.168.114.10 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 network 10.10.10.10 0.0.0.0 area 0
 network 192.168.110.10 0.0.0.0 area 0
!
router bgp 4
 bgp log-neighbor-changes
 neighbor 3.4.34.8 remote-as 3
 neighbor 8.8.8.8 remote-as 3
 neighbor 8.8.8.8 ebgp-multihop 4
 neighbor 8.8.8.8 update-source Loopback0
 neighbor 192.168.112.12 remote-as 12
 !
 address-family ipv4
  no synchronization
  network 10.10.10.11 mask 255.255.255.255
  no neighbor 3.4.34.8 activate
  no neighbor 8.8.8.8 activate
  neighbor 192.168.112.12 activate
  no auto-summary
 exit-address-family
 !
 address-family vpnv4
  neighbor 3.4.34.8 activate
  neighbor 3.4.34.8 send-community extended
  neighbor 8.8.8.8 activate
  neighbor 8.8.8.8 send-community extended
  neighbor 8.8.8.8 route-map LOCAL-PREFERENCE-200 in
 exit-address-family
 !
 address-family ipv4 vrf 34
  no synchronization
  redistribute connected
  redistribute static
 exit-address-family
!
ip route vrf 34 14.14.14.14 255.255.255.255 192.168.114.14
!
route-map LOCAL-PREFERENCE-200 permit 10
 set local-preference 200
!
mpls ldp router-id Loopback0 force

R11 Config

interface Loopback0
 ip address 11.11.11.11 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.119.11 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.110.11 255.255.255.0
 mpls ip
!
router ospf 1
 log-adjacency-changes
 redistribute bgp 4 subnets route-map AS3LOOPBACKS
 network 11.11.11.11 0.0.0.0 area 0
 network 192.168.110.11 0.0.0.0 area 0
!
router bgp 4
 no synchronization
 bgp log-neighbor-changes
 redistribute ospf 1 route-map AS4LOOPBACKS
 neighbor 192.168.119.9 remote-as 3
 neighbor 192.168.119.9 send-label
 no auto-summary
!
ip prefix-list AS3LOOPBACKS seq 5 permit 8.8.8.8/32
!
ip prefix-list AS4LOOPBACKS seq 5 permit 10.10.10.10/32
!
route-map AS4LOOPBACKS permit 10
 match ip address prefix-list AS4LOOPBACKS
!
route-map AS3LOOPBACKS permit 10
 match ip address prefix-list AS3LOOPBACKS
!
mpls ldp router-id Loopback0 force

R12 Config

interface FastEthernet0/0
 ip address 192.168.112.12 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.128.12 255.255.255.0
!
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.112.10 remote-as 4
 neighbor 192.168.128.8 remote-as 3
 no auto-summary

R13 Config

interface Loopback0
 ip address 13.13.13.13 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.138.13 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.138.8

R14 Config

interface Loopback0
 ip address 14.14.14.14 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.114.14 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.114.10

R15 Config

interface Loopback0
 ip address 15.15.15.15 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.155.15 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.155.5

R16 Config

interface Loopback0
 ip address 16.16.16.16 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.167.16 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.167.7