Studying the Routing Bits: bgp

Showing posts with label bgp. Show all posts

Friday, 8 February 2013

BGP Routes Aggregation, Suppression

Tasks

1. Prefix 10.0.0.0/24 generated by R1 should not leak out to beyond AS234
2. R2 generate aggregated prefix that covers the prefixes from AS1 and AS234
3. The aggregated prefix should provide all the AS paths information
4. 10.0.1.0/24 to 10.0.3.0/24 need to be suppressed globally on R2
5. But 10.0.3.0/24 prefix should be sent out to R4 and subsequently to R6
6. R2 will conditionally inject the host route 10.0.1.12/32 as long as R2 receive 10.0.1.0/24 from R1
7. Since AS1 request to black-hole the traffic coming to 10.0.1.12, R2 will drop into null0
8. In order for the host route 10.0.1.12 not to leak out to AS5 and AS6, R2 will tag with community value 234:234. So that R3 and R4 interpret any route tagged with 234:234 should not be advertiested to other ASs.

Configuration

R1

interface Loopback0
ip address 10.0.0.1 255.255.255.0
!
interface Loopback1
ip address 10.0.1.1 255.255.255.0
!
interface Loopback2
ip address 10.0.2.1 255.255.255.0
!
interface Loopback3
ip address 10.0.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
!
router bgp 1
no synchronization
bgp log-neighbor-changes
redistribute connected route-map LOOPBACKS
neighbor 192.168.12.2 remote-as 234
neighbor 192.168.12.2 send-community
neighbor 192.168.12.2 route-map NO-EXPORT out
no auto-summary
!
ip prefix-list LOOPBACKS seq 5 permit 10.0.0.0/22 le 24
!
ip prefix-list NET0 seq 5 permit 10.0.0.0/24
!
route-map NO-EXPORT permit 10
match ip address prefix-list NET0
set community no-export
!
route-map NO-EXPORT permit 100
!
route-map LOOPBACKS permit 10
match ip address prefix-list LOOPBACKS

R2

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback4
ip address 10.0.4.2 255.255.255.0
!
interface Loopback5
ip address 10.0.5.2 255.255.255.0
!
interface Loopback6
ip address 10.0.6.2 255.255.255.0
!
interface Loopback7
ip address 10.0.7.2 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.2 255.255.255.0
ip router isis
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.24.2 255.255.255.0
ip router isis
duplex auto
speed auto
!
router isis
net 49.0000.0000.0002.00
is-type level-2-only
metric-style wide transition
passive-interface Loopback0
!
router bgp 234
no synchronization
bgp log-neighbor-changes
bgp inject-map INJECT exist-map EXIST
aggregate-address 10.0.0.0 255.255.248.0 as-set advertise-map ADV suppress-map SUP
redistribute connected route-map LOOPBACKS
neighbor 3.3.3.3 remote-as 234
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 next-hop-self
neighbor 3.3.3.3 send-community
neighbor 4.4.4.4 remote-as 234
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 4.4.4.4 next-hop-self
neighbor 4.4.4.4 send-community
neighbor 4.4.4.4 unsuppress-map UNSUP
neighbor 192.168.12.1 remote-as 1
no auto-summary
!
ip forward-protocol nd
ip route 10.0.1.12 255.255.255.255 Null0
!
ip bgp-community new-format
ip community-list standard 234:234 permit 234:234
!
ip prefix-list HOST seq 5 permit 0.0.0.0/0 ge 32
!
ip prefix-list INJECT seq 5 permit 10.0.1.12/32
!
ip prefix-list LOOPBACKS seq 5 permit 10.0.4.0/22 le 24
!
ip prefix-list NET0 seq 5 permit 10.0.0.0/24
!
ip prefix-list NET1 seq 5 permit 10.0.1.0/24
!
ip prefix-list NET3 seq 5 permit 10.0.3.0/24
!
ip prefix-list R1 seq 5 permit 192.168.12.1/32
!
ip prefix-list R1LOOPBACKS seq 5 permit 10.0.1.0/24
ip prefix-list R1LOOPBACKS seq 10 permit 10.0.2.0/23 le 24
!
route-map INJECT permit 10
set ip address prefix-list INJECT
set community 234:234
!
route-map LOOPBACKS permit 10
match ip address prefix-list LOOPBACKS
!
route-map UNSUP permit 10
match ip address prefix-list NET3
!
route-map ADV deny 10
match ip address prefix-list NET0
!
route-map ADV deny 20
match ip address prefix-list HOST
!
route-map ADV deny 30
match community 234:234
!
route-map ADV permit 100
!
route-map EXIST permit 10
match ip address prefix-list NET1
match ip route-source prefix-list R1
!
route-map SUP permit 10
match ip address prefix-list R1LOOPBACKS

R3

interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.23.3 255.255.255.0
ip router isis
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.35.3 255.255.255.0
duplex auto
speed auto
!
router isis
net 49.0000.0000.0003.00
is-type level-2-only
metric-style wide transition
passive-interface Loopback0
!
router bgp 234
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 234
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 192.168.35.5 remote-as 5
neighbor 192.168.35.5 route-map OUTBOUND out
no auto-summary
!
ip bgp-community new-format
ip community-list standard 234:234 permit 234:234
!
route-map OUTBOUND deny 10
match community 234:234
!
route-map OUTBOUND permit 100

R4

interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.24.4 255.255.255.0
ip router isis
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 192.168.46.4 255.255.255.0
duplex auto
speed auto
!
router isis
net 49.0000.0000.0004.00
is-type level-2-only
metric-style wide transition
passive-interface Loopback0
!
router bgp 234
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 234
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 192.168.46.6 remote-as 6
neighbor 192.168.46.6 route-map OUTBOUND out
no auto-summary
!
ip bgp-community new-format
ip community-list standard 234:234 permit 234:234
!
route-map OUTBOUND deny 10
match community 234:234
!
route-map OUTBOUND permit 100

R5

interface FastEthernet0/0
ip address 192.168.35.5 255.255.255.0
!
router bgp 5
no synchronization
bgp log-neighbor-changes
neighbor 192.168.35.3 remote-as 234
no auto-summary

R6

interface FastEthernet0/0
ip address 192.168.46.6 255.255.255.0
!
router bgp 6
no synchronization
bgp log-neighbor-changes
neighbor 192.168.46.4 remote-as 234
no auto-summary
Verification

R2#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      192.168.12.1             0             0 1 ?
*> 10.0.0.0/21      0.0.0.0                       100 32768 1 ?
s> 10.0.1.0/24      192.168.12.1             0             0 1 ?
r> 10.0.1.12/32     192.168.12.1                           0 ?
s> 10.0.2.0/24      192.168.12.1             0             0 1 ?
s> 10.0.3.0/24      192.168.12.1             0             0 1 ?
*> 10.0.4.0/24      0.0.0.0                  0         32768 ?
*> 10.0.5.0/24      0.0.0.0                  0         32768 ?
*> 10.0.6.0/24      0.0.0.0                  0         32768 ?
*> 10.0.7.0/24      0.0.0.0                  0         32768 ?
R3#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.0.0.0/24      2.2.2.2                  0    100      0 1 ?
*>i10.0.0.0/21      2.2.2.2                  0    100      0 1 ?
*>i10.0.1.12/32     2.2.2.2                  0    100      0 ?
*>i10.0.4.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.5.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.6.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.7.0/24      2.2.2.2                  0    100      0 ?
R4#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.0.0.0/24      2.2.2.2                  0    100      0 1 ?
*>i10.0.0.0/21      2.2.2.2                  0    100      0 1 ?
*>i10.0.1.12/32     2.2.2.2                  0    100      0 ?
*>i10.0.3.0/24      2.2.2.2                  0    100      0 1 ?
*>i10.0.4.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.5.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.6.0/24      2.2.2.2                  0    100      0 ?
*>i10.0.7.0/24      2.2.2.2                  0    100      0 ?
R5#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/21      192.168.35.3                           0 234 1 ?
*> 10.0.4.0/24      192.168.35.3                           0 234 ?
*> 10.0.5.0/24      192.168.35.3                           0 234 ?
*> 10.0.6.0/24      192.168.35.3                           0 234 ?
*> 10.0.7.0/24      192.168.35.3                           0 234 ?
R6#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/21      192.168.46.4                           0 234 1 ?
*> 10.0.3.0/24      192.168.46.4                           0 234 1 ?
*> 10.0.4.0/24      192.168.46.4                           0 234 ?
*> 10.0.5.0/24      192.168.46.4                           0 234 ?
*> 10.0.6.0/24      192.168.46.4                           0 234 ?
*> 10.0.7.0/24      192.168.46.4                           0 234 ?
GNS File : http://www.4shared.com/rar/0a9U6KXC/BGP_Routes_Aggregation_Suppres.html

Thursday, 7 February 2013

BGP Conditional Route Injection

Prefer path to reach 123.123.123.123/32 is R6>R5>R2>R3 without manipulating bgp attributes of path selection.

Configuration

R1

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.13.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.14.1 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 192.168.13.1 0.0.0.0 area 0
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor IBGP peer-group
neighbor IBGP remote-as 123
neighbor IBGP update-source Loopback0
neighbor IBGP next-hop-self
neighbor 2.2.2.2 peer-group IBGP
neighbor 3.3.3.3 peer-group IBGP
neighbor 192.168.14.4 remote-as 4
no auto-summary

R2

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.25.2 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 192.168.23.2 0.0.0.0 area 0
!
router bgp 123
no synchronization
bgp log-neighbor-changes
bgp inject-map INJECT exist-map EXIST
neighbor IBGP peer-group
neighbor IBGP remote-as 123
neighbor IBGP update-source Loopback0
neighbor IBGP next-hop-self
neighbor 1.1.1.1 peer-group IBGP
neighbor 3.3.3.3 peer-group IBGP
neighbor 192.168.25.5 remote-as 5
no auto-summary
!
ip prefix-list EXIST seq 5 permit 123.123.0.0/16
!
ip prefix-list INJECT seq 5 permit 123.123.123.0/24
!
ip prefix-list SOURCE seq 5 permit 3.3.3.3/32
!
route-map INJECT permit 10
set ip address prefix-list INJECT
!
route-map EXIST permit 10
match ip address prefix-list EXIST
match ip route-source prefix-list SOURCE

R3

interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
ip address 123.123.123.123 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.13.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.3 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 192.168.13.3 0.0.0.0 area 0
network 192.168.23.3 0.0.0.0 area 0
!
router bgp 123
no synchronization
bgp log-neighbor-changes
network 123.123.0.0 mask 255.255.0.0
neighbor IBGP peer-group
neighbor IBGP remote-as 123
neighbor IBGP update-source Loopback0
neighbor 1.1.1.1 peer-group IBGP
neighbor 2.2.2.2 peer-group IBGP
no auto-summary
!
ip forward-protocol nd
ip route 123.123.0.0 255.255.0.0 Null0

R4

interface FastEthernet0/0
ip address 192.168.14.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.46.4 255.255.255.0
duplex auto
speed auto
!
router bgp 4
no synchronization
bgp log-neighbor-changes
neighbor 192.168.14.1 remote-as 123
neighbor 192.168.46.6 remote-as 6
no auto-summary

R5

interface FastEthernet0/0
ip address 192.168.25.5 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.56.5 255.255.255.0
duplex auto
speed auto
!
router bgp 5
no synchronization
bgp log-neighbor-changes
neighbor 192.168.25.2 remote-as 123
neighbor 192.168.56.6 remote-as 6
no auto-summary

R6

interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.46.6 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.56.6 255.255.255.0
duplex auto
speed auto
!
router bgp 6
no synchronization
bgp log-neighbor-changes
network 6.6.6.6 mask 255.255.255.255
neighbor 192.168.46.4 remote-as 4
neighbor 192.168.46.4 route-map OUT out
neighbor 192.168.56.5 remote-as 5
neighbor 192.168.56.5 route-map OUT out
no auto-summary
!
ip as-path access-list 1 permit ^$
!
route-map OUT permit 10
match as-path 1

Verification

R6#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 6.6.6.6/32       0.0.0.0                  0         32768 i
*> 123.123.0.0/16   192.168.46.4                           0 4 123 i
*                   192.168.56.5                           0 5 123 i
*> 123.123.123.0/24 192.168.56.5                           0 5 123 ?
R6#traceroute 123.123.123.123 source loopback 0
Type escape sequence to abort.
Tracing the route to 123.123.123.123
1 192.168.56.5 16 msec 48 msec 20 msec
2 192.168.25.2 44 msec 44 msec 28 msec
3 192.168.23.3 68 msec * 100 msec
GNS File : http://www.4shared.com/rar/sQJLhAdW/bgp_conditional_route_injectio.html

Saturday, 8 December 2012

Controlling BGP routes

Provider AS

AS12*(Regional)
AS34*(BackBone)
AS8(Tier1)
AS9(SH)
AS10(ST)
AS13(Tier1)

* Under a Single ISP

AS12(Regional) Import Community tag definition

12:110(Routes learn from ST)
12:19(Routes learn from SH)
12:134(Routes learn from BB)
12:111(Transit route)
12:112(Routes learn from full route customer)*1
12:113(Routes learn from Local route customer)*2
12:11(Routes learn from R1 POP)
12:12(Routes learn from R2 POP)

*1 full route means domestic routes + international route
*2 Local customer doesn't have international route

AS12(Regional) Export Community tag definition

12:210(Going to ST via local peering)
12:29(Going to SH via local peering)
12:234(Going to BB via local peering)
12:221(Going to Local route customer)
12:220(Going to Local+International)
12:222(Going to International route customer)

AS34(BB) Import Community tag definition

34:1012(Routes learn from Regional AS)
34:111(International routes)
34:112(Routes learn from full route customer)*1
34:113(Routes learn from Local route customer)*2

*1 full route means domestic routes + international route
*2 Local customer doesn't have international route

AS34(BB) Export Community tag definition

34:221(Going to Local route customer)
34:220(Going to Local+International)
34:222(Going to International route customer)
34:34(Specific routes)

AS9(SH) Import and Export Community tag definition

9:111(Routes learn from International)
9:113(Routes learn from Local peering)
9:222(Routes going to International)
10:222(International routes learn from ST)

AS10(ST) Import and Export Community tag definition

10:111(Routes learn from International)
10:113(Routes learn from Local peering)
10:222(Routes going to International)
9:222(International routes learn from SH)

BGP Peering

AS12
R1<IBGP>R2

AS34
R3<IBGP>R4

AS12 and AS9
R2<Local Peering>R9

AS12 and AS10
R1<Local Peering>R10
R2<Local Peering>R10

AS12 and AS34
R1<Local Peering>R4
R2<Local Peering>R3
R1<International Peering>R3

AS9 and AS10
R9<Local+International Peering>R10

AS34 and AS8
R4<International Peering>R8

AS9 and AS8
R9<International Peering>R8

AS10 and AS13
R10<International Peering>R13

AS8 and AS13
R8<International Peering>R13

Local Route Customer Peering
R1<>R7
R4<>R17

Full Route Customer Peering
R1<>R5
R2<>R12
R3<>R6
R9<>R11
R10<>R11

Peering Policy

Peering policy of AS12(Regional)

1.Local Peering with AS9(SH)

-AS9 sends routes originated locally,routes from its customers, and routes from ST peering
-AS12 sends routes originated locally, routes from customers(both Local route customer and Full route customer) and routes learn from AS34(BB)

Customization

- routes originated from AS9 are set higher LP on R2
-AS12 doesn't send to AS9 international routes learn from AS34
-R2 set lower local preference for the routes learn from AS 9 if the routes has as-path ^9_10
-AS9 alos doesn't send to AS12 international routes learn from AS8 and AS10(ST)
-AS9 sets higher local preference to routes learn from AS12 compared to routes learn from ST peering

2.Local Peering with AS10(ST)

..To be continued..

Full Configuration

R1 Config

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 1.1.11.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.17.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.13.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.14.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
ip address 192.168.101.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet4/0
ip address 192.168.15.1 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 192.168.12.1 0.0.0.0 area 0
!
router bgp 12
no synchronization
bgp log-neighbor-changes
network 1.1.11.0 mask 255.255.255.0
neighbor 2.2.2.2 remote-as 12
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 send-community
neighbor 192.168.13.3 remote-as 34
neighbor 192.168.13.3 send-community
neighbor 192.168.13.3 soft-reconfiguration inbound
neighbor 192.168.13.3 route-map IPT_IN in
neighbor 192.168.13.3 route-map IPT_OUT out
neighbor 192.168.14.4 remote-as 34
neighbor 192.168.14.4 send-community
neighbor 192.168.14.4 soft-reconfiguration inbound
neighbor 192.168.14.4 route-map BB_PEERING_IN in
neighbor 192.168.14.4 route-map BB_PEERING_OUT out
neighbor 192.168.15.5 remote-as 5
neighbor 192.168.15.5 send-community
neighbor 192.168.15.5 route-map FULL_CUST_IN in
neighbor 192.168.15.5 route-map FULL_CUST_OUT out
neighbor 192.168.17.7 remote-as 7
neighbor 192.168.17.7 send-community
neighbor 192.168.17.7 route-map LOCAL_CUST_IN in
neighbor 192.168.17.7 route-map LOCAL_CUST_OUT out
neighbor 192.168.101.10 remote-as 10
neighbor 192.168.101.10 route-map ST_IN in
neighbor 192.168.101.10 route-map ST_OUT out
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard BB_OUT permit 12:234
ip community-list standard R2_POP permit 12:2 12:234
ip community-list standard FULL_ROUTE_CUST permit 12:220
ip community-list standard LOCAL_IN permit 12:113
ip community-list expanded ST_OUT permit 12:2[1-2]0
ip community-list expanded SH_OUT permit 12:2[2|9].
ip community-list expanded LOCAL_OUT permit 12:22[0|1]
ip community-list expanded FULL_OUT permit 12:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^9_10
ip as-path access-list 3 permit ^10_9
ip as-path access-list 4 permit ^10$
ip as-path access-list 5 permit ^9$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list AS11_1 seq 5 permit 11.11.0.0/17 le 24
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
set community 12:112 12:220
!
route-map BB_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_OUT permit 20
match community R2_POP
set metric 100
!
route-map BB_PEERING_OUT permit 30
match community BB_OUT
!
route-map BB_PEERING_OUT deny 40
match as-path 1
!
route-map BB_PEERING_OUT permit 50
set metric 100
!
route-map LOCAL_CUST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_OUT permit 20
match community LOCAL_OUT
!
route-map LOCAL_CUST_OUT deny 30
match as-path 1
!
route-map LOCAL_CUST_OUT permit 40
!
route-map IPT_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
set community 12:111 12:222
!
route-map ST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_OUT permit 20
match community ST_OUT
!
route-map ST_OUT deny 30
match as-path 1
!
route-map ST_OUT permit 40
!
route-map BB_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_IN permit 20
set local-preference 150
set community 12:29 12:134 12:210 12:221
!
route-map FULL_CUST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT permit 20
match community FULL_OUT
!
route-map FULL_CUST_OUT deny 30
match as-path 1
!
route-map FULL_CUST_OUT permit 40
!
route-map LOCAL_CUST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_IN permit 20
set community 12:29 12:113 12:210 12:221 12:234
!
route-map IPT_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
match community LOCAL_IN
!
route-map IPT_OUT permit 30
match community FULL_ROUTE_CUST
!
route-map IPT_OUT deny 40
match as-path 1
!
route-map IPT_OUT permit 50
!
route-map ST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_IN permit 20
match ip address prefix-list AS11_1
set local-preference 200
set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 30
match as-path 4
set local-preference 200
set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 40
match as-path 3
set local-preference 140
set community 12:1 12:110 12:221 12:234
!
route-map ST_IN permit 50
set local-preference 150
set community 12:1 12:110 12:221 12:234

R2 Config

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.212.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.102.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
ip address 192.168.29.2 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 192.168.12.2 0.0.0.0 area 0
!
router bgp 12
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 12
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 1.1.1.1 send-community
neighbor 192.168.23.3 remote-as 34
neighbor 192.168.23.3 send-community
neighbor 192.168.23.3 soft-reconfiguration inbound
neighbor 192.168.23.3 route-map BB_PEERING_IN in
neighbor 192.168.23.3 route-map BB_PEERING_OUT out
neighbor 192.168.29.9 remote-as 9
neighbor 192.168.29.9 send-community
neighbor 192.168.29.9 route-map SH_IN in
neighbor 192.168.29.9 route-map SH_OUT out
neighbor 192.168.102.10 remote-as 10
neighbor 192.168.102.10 send-community
neighbor 192.168.102.10 route-map ST_IN in
neighbor 192.168.102.10 route-map ST_OUT out
neighbor 192.168.212.12 remote-as 12
neighbor 192.168.212.12 send-community
neighbor 192.168.212.12 route-map FULL_CUST_IN in
neighbor 192.168.212.12 route-map FULL_CUST_OUT out
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard BB_OUT permit 12:234
ip community-list standard R1_POP permit 12:1 12:234
ip community-list expanded LOCAL_OUT permit 12:22[0|1]
ip community-list expanded ST_OUT permit 12:2[1-2]0
ip community-list expanded SH_OUT permit 12:2(9)|(20)
ip community-list expanded FULL_OUT permit 12:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^9_10
ip as-path access-list 3 permit ^10_9
ip as-path access-list 4 permit ^10$
ip as-path access-list 5 permit ^9$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list AS11 seq 5 permit 11.11.0.0/16 le 24
!
ip prefix-list AS11_2 seq 5 permit 11.11.128.0/17 le 24
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
set community 12:112 12:220
!
route-map SH_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_OUT permit 20
match community SH_OUT
!
route-map SH_OUT deny 30
match as-path 1
!
route-map SH_OUT permit 40
!
route-map BB_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_OUT permit 20
match community R1_POP
set metric 100
!
route-map BB_PEERING_OUT permit 30
match community BB_OUT
!
route-map BB_PEERING_OUT deny 40
match as-path 1
!
route-map BB_PEERING_OUT permit 50
set metric 100
!
route-map ST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_OUT permit 20
match community ST_OUT
!
route-map ST_OUT deny 30
match as-path 1
!
route-map ST_OUT permit 40
!
route-map SH_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_IN permit 20
match ip address prefix-list AS11
set local-preference 140
set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 30
match as-path 5
set local-preference 200
set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 40
match as-path 2
set local-preference 130
set community 12:2 12:19 12:221 12:234
!
route-map SH_IN permit 50
set local-preference 200
set community 12:2 12:19 12:221 12:234
!
route-map BB_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map BB_PEERING_IN permit 20
set local-preference 200
set community 12:29 12:134 12:210 12:221
!
route-map FULL_CUST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT permit 20
match community FULL_OUT
!
route-map FULL_CUST_OUT deny 30
match as-path 1
!
route-map FULL_CUST_OUT permit 40
!
route-map ST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_IN permit 20
match ip address prefix-list AS11_2
set local-preference 200
set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 30
match as-path 4
set local-preference 200
set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 40
match as-path 3
set local-preference 140
set community 12:2 12:110 12:221 12:234
!
route-map ST_IN permit 50
set local-preference 200
set community 12:2 12:110 12:221 12:234

R3 Config

interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
ip address 3.4.34.3 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.36.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.34.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.13.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.23.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 192.168.34.3 0.0.0.0 area 0
!
router bgp 34
no synchronization
bgp log-neighbor-changes
redistribute connected route-map REDIS_CONNECTED
redistribute static route-map REDIS_STATIC
neighbor 4.4.4.4 remote-as 34
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
neighbor 4.4.4.4 send-community
neighbor 192.168.13.1 remote-as 12
neighbor 192.168.13.1 send-community
neighbor 192.168.13.1 remove-private-as
neighbor 192.168.13.1 soft-reconfiguration inbound
neighbor 192.168.13.1 route-map REG_IPT_IN in
neighbor 192.168.13.1 route-map REG_IPT_OUT out
neighbor 192.168.23.2 remote-as 12
neighbor 192.168.23.2 send-community
neighbor 192.168.23.2 remove-private-as
neighbor 192.168.23.2 soft-reconfiguration inbound
neighbor 192.168.23.2 route-map LOCAL_PEERING_IN in
neighbor 192.168.23.2 route-map LOCAL_PEERING_OUT out
neighbor 192.168.36.6 remote-as 6
neighbor 192.168.36.6 send-community
neighbor 192.168.36.6 remove-private-as
neighbor 192.168.36.6 route-map FULL_CUST_IN in
neighbor 192.168.36.6 route-map FULL_CUST_OUT out
no auto-summary
!
ip forward-protocol nd
ip route 3.3.0.0 255.255.192.0 Null0
!
ip bgp-community new-format
ip community-list standard IPT_OUT permit 34:111 34:222
ip community-list standard IPT_IN permit 34:111
ip community-list standard SPECIFIC permit 34:34
ip community-list standard LOCAL_IN permit 34:113
ip community-list standard FULL_ROUTE_CUST permit 12:220
ip community-list expanded LOCAL_OUT permit 34:22[0|1]
ip community-list expanded FULL_OUT permit 34:2[0-9][0-9]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit _12_
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map FULL_CUST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_IN permit 20
set community 34:112 34:220
!
route-map LOCAL_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
set local-preference 200
set community 34:113 34:221
!
route-map REDIS_STATIC permit 10
match source-protocol static
set community 34:220 34:221 34:222
!
route-map REG_IPT_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map REG_IPT_IN permit 20
set community 34:220 34:1012
!
route-map LOCAL_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
match community IPT_IN
!
route-map LOCAL_PEERING_OUT deny 30
match community SPECIFIC
!
route-map LOCAL_PEERING_OUT permit 40
match community LOCAL_OUT
!
route-map LOCAL_PEERING_OUT permit 50
match as-path 2
!
route-map REDIS_CONNECTED permit 10
match interface Loopback1
set community 34:34
!
route-map FULL_CUST_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map FULL_CUST_OUT deny 15
match community SPECIFIC
!
route-map FULL_CUST_OUT permit 20
match community FULL_OUT
!
route-map FULL_CUST_OUT permit 30
match as-path 2
!
route-map REG_IPT_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map REG_IPT_OUT deny 20
match community SPECIFIC
!
route-map REG_IPT_OUT deny 30
match community LOCAL_IN
!
route-map REG_IPT_OUT permit 40
match community IPT_OUT
!
route-map REG_IPT_OUT permit 50
match community FULL_ROUTE_CUST
!
route-map REG_IPT_OUT permit 60
match as-path 2

R4 Config

interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.174.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.34.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.14.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.48.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 192.168.34.4 0.0.0.0 area 0
!
router bgp 34
no synchronization
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 34
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 3.3.3.3 send-community
neighbor 192.168.14.1 remote-as 12
neighbor 192.168.14.1 send-community
neighbor 192.168.14.1 remove-private-as
neighbor 192.168.14.1 soft-reconfiguration inbound
neighbor 192.168.14.1 route-map LOCAL_PEERING_IN in
neighbor 192.168.14.1 route-map LOCAL_PEERING_OUT out
neighbor 192.168.48.8 remote-as 8
neighbor 192.168.48.8 remove-private-as
neighbor 192.168.48.8 route-map IPT_IN in
neighbor 192.168.48.8 route-map IPT_OUT out
neighbor 192.168.174.17 remote-as 65535
neighbor 192.168.174.17 route-map LOCAL_CUST_IN in
neighbor 192.168.174.17 route-map LOCAL_CUST_OUT out
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 34:111
ip community-list standard SPECIFIC permit 34:34
ip community-list standard FULL_ROUTE_CUST permit 34:220
ip community-list standard TRANSIT permit 34:220 34:1012
ip community-list standard LOCAL_IN permit 34:113
ip community-list expanded LOCAL_OUT permit 34:22[0|1]
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit _12_
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
set local-preference 200
set community 34:113 34:221
!
route-map LOCAL_CUST_OUT deny 10
match ip address prefix-list DEFAULT
!
route-map LOCAL_CUST_OUT deny 15
match community SPECIFIC
!
route-map LOCAL_CUST_OUT permit 20
match community LOCAL_OUT
!
route-map LOCAL_CUST_OUT permit 30
match as-path 2
!
route-map IPT_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN deny 20
match as-path 3
!
route-map IPT_IN permit 30
set community 34:111 34:222
!
route-map LOCAL_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
match community IPT_IN
!
route-map LOCAL_PEERING_OUT deny 30
match community SPECIFIC
!
route-map LOCAL_PEERING_OUT permit 40
match community LOCAL_OUT
!
route-map LOCAL_PEERING_OUT deny 50
match as-path 1
!
route-map LOCAL_PEERING_OUT permit 60
!
route-map LOCAL_CUST_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_CUST_IN permit 20
set community 34:113 34:221
!
route-map IPT_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
match community SPECIFIC
!
route-map IPT_OUT deny 30
match community LOCAL_IN
!
route-map IPT_OUT permit 40
match community FULL_ROUTE_CUST
!
route-map IPT_OUT permit 50
match community TRANSIT
!
route-map IPT_OUT deny 60
match as-path 1
!
route-map IPT_OUT permit 70

R5 Config

interface Loopback1
ip address 5.5.1.5 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.15.5 255.255.255.0
duplex auto
speed auto
!
router bgp 5
no synchronization
bgp log-neighbor-changes
network 5.5.1.0 mask 255.255.255.0
neighbor 192.168.15.1 remote-as 12
no auto-summary

R6 Config

interface Loopback1
ip address 6.6.1.6 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.36.6 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 6
no synchronization
bgp log-neighbor-changes
network 6.6.1.0 mask 255.255.255.0
neighbor 192.168.36.3 remote-as 34
no auto-summary

R7 Config

interface Loopback1
ip address 7.7.1.7 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.17.7 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
router bgp 7
no synchronization
bgp log-neighbor-changes
network 7.7.1.0 mask 255.255.255.0
neighbor 192.168.17.1 remote-as 12
no auto-summary

R8 Config

interface Loopback1
ip address 8.8.1.8 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.138.8 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.48.8 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.89.8 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
ip address 192.168.108.8 255.255.255.0
duplex auto
speed auto
!
router bgp 8
no synchronization
bgp log-neighbor-changes
network 8.8.1.0 mask 255.255.255.0
neighbor 192.168.48.4 remote-as 34
neighbor 192.168.89.9 remote-as 9
neighbor 192.168.138.13 remote-as 13
no auto-summary

R9 Config

interface Loopback1
ip address 9.9.1.9 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.119.9 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.109.9 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.29.9 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.89.9 255.255.255.0
duplex auto
speed auto
!
router bgp 9
no synchronization
bgp log-neighbor-changes
network 9.9.1.0 mask 255.255.255.0
neighbor 192.168.29.2 remote-as 12
neighbor 192.168.29.2 route-map LOCAL_PEERING_IN in
neighbor 192.168.29.2 route-map LOCAL_PEERING_OUT out
neighbor 192.168.89.8 remote-as 8
neighbor 192.168.89.8 route-map IPT_IN in
neighbor 192.168.89.8 route-map IPT_OUT out
neighbor 192.168.109.10 remote-as 10
neighbor 192.168.109.10 send-community
neighbor 192.168.109.10 soft-reconfiguration inbound
neighbor 192.168.109.10 route-map ST_PEERING_IN in
neighbor 192.168.109.10 route-map ST_PEERING_OUT out
neighbor 192.168.119.11 remote-as 11
neighbor 192.168.119.11 route-map CUST in
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 9:111
ip community-list standard LOCAL_IN permit 9:113
ip community-list standard IPT_OUT permit 9:222
ip community-list standard ST_IPT permit 10:222
ip as-path access-list 1 permit ^10_12
ip as-path access-list 2 permit ^11$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_IN permit 20
set local-preference 200
set community 9:113
!
route-map ST_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_PEERING_OUT permit 20
match community IPT_IN
set comm-list IPT_IN delete
!
route-map ST_PEERING_OUT permit 30
set community none
!
route-map CUST permit 10
match as-path 2
set local-preference 200
!
route-map IPT_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
set local-preference 150
set community 9:111 9:222
!
route-map LOCAL_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
match community IPT_IN
!
route-map LOCAL_PEERING_OUT permit 30
!
route-map ST_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map ST_PEERING_IN permit 20
match community ST_IPT
set local-preference 140
set community 9:111 9:113
!
route-map ST_PEERING_IN permit 30
match as-path 1
set local-preference 160
!
route-map ST_PEERING_IN permit 40
set local-preference 150
!
route-map IPT_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
match community LOCAL_IN
!
route-map IPT_OUT permit 30

R10 Config

interface FastEthernet0/0
ip address 192.168.110.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.109.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.101.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.102.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
ip address 192.168.113.10 255.255.255.0
duplex auto
speed auto
!
router bgp 10
no synchronization
bgp log-neighbor-changes
neighbor 192.168.101.1 remote-as 12
neighbor 192.168.101.1 route-map LOCAL_PEERING_IN in
neighbor 192.168.101.1 route-map LOCAL_PEERING_OUT out
neighbor 192.168.102.2 remote-as 12
neighbor 192.168.102.2 route-map LOCAL_PEERING_IN in
neighbor 192.168.102.2 route-map LOCAL_PEERING_OUT out
neighbor 192.168.109.9 remote-as 9
neighbor 192.168.109.9 send-community
neighbor 192.168.109.9 soft-reconfiguration inbound
neighbor 192.168.109.9 route-map SH_PEERING_IN in
neighbor 192.168.109.9 route-map SH_PEERING_OUT out
neighbor 192.168.110.11 remote-as 11
neighbor 192.168.110.11 route-map CUST in
neighbor 192.168.113.13 remote-as 13
neighbor 192.168.113.13 route-map IPT_IN in
neighbor 192.168.113.13 route-map IPT_OUT out
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip community-list standard IPT_IN permit 10:111
ip community-list standard LOCAL_IN permit 10:113
ip community-list standard IPT_OUT permit 10:222
ip community-list standard SH_IPT permit 9:222
ip as-path access-list 1 permit ^9_12_
ip as-path access-list 2 permit ^11$
!
ip http server
no ip http secure-server
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list SMALL_PREFIXES seq 5 permit 0.0.0.0/0 ge 25
!
route-map LOCAL_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
set local-preference 200
!
route-map LOCAL_PEERING_IN permit 20
set local-preference 200
set community 10:113
!
route-map CUST permit 10
match as-path 2
set local-preference 200
!
route-map IPT_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_IN permit 20
set local-preference 150
set community 10:111 10:222
!
route-map SH_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_PEERING_OUT permit 20
match community IPT_IN
set comm-list IPT_IN delete
!
route-map SH_PEERING_OUT permit 30
set community none
!
route-map LOCAL_PEERING_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map LOCAL_PEERING_OUT deny 20
match community IPT_IN
!
route-map LOCAL_PEERING_OUT permit 30
!
route-map IPT_OUT deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map IPT_OUT deny 20
match community LOCAL_IN
!
route-map IPT_OUT permit 30
!
route-map SH_PEERING_IN deny 10
match ip address prefix-list DEFAULT SMALL_PREFIXES
!
route-map SH_PEERING_IN permit 20
match community SH_IPT
set local-preference 140
set community 10:111 10:113
!
route-map SH_PEERING_IN permit 30
match as-path 1
set local-preference 160
!
route-map SH_PEERING_IN permit 40
set local-preference 150

R11 Config

interface Loopback1
ip address 11.11.1.11 255.255.255.0
!
interface Loopback129
ip address 11.11.129.11 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.110.11 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.119.11 255.255.255.0
duplex auto
speed auto
!
router bgp 11
no synchronization
bgp log-neighbor-changes
network 11.11.1.0 mask 255.255.255.0
network 11.11.129.0 mask 255.255.255.0
neighbor 192.168.110.10 remote-as 10
neighbor 192.168.110.10 route-map OUT out
neighbor 192.168.119.9 remote-as 9
neighbor 192.168.119.9 route-map OUT out
no auto-summary
!
ip forward-protocol nd
!
ip bgp-community new-format
ip as-path access-list 1 permit ^$
!
ip http server
no ip http secure-server
!
!
route-map OUT permit 10
match as-path 1

R12 Config

interface FastEthernet0/0
ip address 192.168.212.12 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 12
no synchronization
bgp log-neighbor-changes
neighbor 192.168.212.2 remote-as 12
no auto-summary

R13 Config

interface FastEthernet0/0
ip address 192.168.138.13 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.113.13 255.255.255.0
speed 100
full-duplex
!
router bgp 13
no synchronization
bgp log-neighbor-changes
neighbor 192.168.113.10 remote-as 10
neighbor 192.168.138.8 remote-as 8
no auto-summary

R17 Config

interface Loopback1
ip address 17.17.1.17 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.174.17 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 65535
no synchronization
bgp log-neighbor-changes
network 17.17.1.0 mask 255.255.255.0
neighbor 192.168.174.4 remote-as 34
no auto-summary

Wednesday, 3 October 2012

BGP path manipulation with community tag, local-preference and ...

Physical topology

Layer 3 topology

BGP topology

The objective of this lab is to manipulate the traffic path of R5 going to and from R6 and R7.
If the packet from R5 going to R6, it should go through R5>R4>R1>R6, R6>R1>R4>R5.
If the destination is to R7, R5 could take either R3 or R4, but for the return path, it should take the path R7>R2>R3>R5.

R1 Config

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 1.1.1.11 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.134.1 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.16.1 255.255.255.0
!
router ospf 1
log-adjacency-changes
redistribute connected subnets route-map connected
network 1.1.1.1 0.0.0.0 area 0
network 192.168.134.1 0.0.0.0 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 1.1.1.11 mask 255.255.255.255
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 route-map lower-lp in
neighbor 4.4.4.4 remote-as 1234
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 4.4.4.4 route-map domestic out
neighbor 192.168.16.6 remote-as 6
no auto-summary
!
ip bgp-community new-format
ip community-list standard 1234:5 permit 1234:5
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^7_
!
route-map domestic permit 10
match as-path 2
!
route-map domestic deny 20
match as-path 1
!
route-map domestic permit 100
!
route-map lower-lp permit 10
match community 1234:5
set local-preference 200
!
route-map lower-lp permit 100
!
route-map testing permit 10
!
route-map connected permit 10
match interface FastEthernet0/1

R2 Config

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback1
ip address 2.2.2.21 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.27.2 255.255.255.0
!
interface FastEthernet4/1
switchport access vlan 134
!
interface FastEthernet4/3
switchport access vlan 134
!
interface FastEthernet4/4
switchport access vlan 134
!
interface FastEthernet4/5
switchport access vlan 45
!
interface Vlan134
ip address 192.168.134.2 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 192.168.134.2 0.0.0.0 area 0
default-information originate
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 2.2.2.21 mask 255.255.255.255
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 send-community
neighbor 3.3.3.3 remote-as 1234
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 send-community
neighbor 192.168.27.7 remote-as 7
neighbor 192.168.27.7 route-map tag in
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
ip bgp-community new-format
!
route-map tag permit 10
set community 1234:7

R3 Config

interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
ip address 3.3.3.31 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.134.3 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.35.3 255.255.255.0
!
router ospf 1
log-adjacency-changes
redistribute connected subnets route-map connected
network 3.3.3.3 0.0.0.0 area 0
network 192.168.134.3 0.0.0.0 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 3.3.3.31 mask 255.255.255.255
neighbor 2.2.2.2 remote-as 1234
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 send-community
neighbor 192.168.35.5 remote-as 5
neighbor 192.168.35.5 route-map lp in
neighbor 192.168.35.5 route-map domestic+local out
no auto-summary
!
ip bgp-community new-format
ip community-list standard 1234:7 permit 1234:7
ip as-path access-list 1 permit ^$
!
route-map lp permit 10
set local-preference 400
set community 1234:5
!
route-map domestic+local permit 10
match community 1234:7
!
route-map domestic+local permit 20
match as-path 1
!
route-map connected permit 10
match interface FastEthernet0/1

R4 Config

interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Loopback1
ip address 4.4.4.41 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.45.4 255.255.255.0
!
interface FastEthernet1/0
ip address 192.168.134.4 255.255.255.0
!
router ospf 1
log-adjacency-changes
redistribute connected subnets route-map connected
network 4.4.4.4 0.0.0.0 area 0
network 192.168.134.4 0.0.0.0 area 0
!
router bgp 1234
no synchronization
bgp log-neighbor-changes
network 4.4.4.41 mask 255.255.255.255
neighbor 1.1.1.1 remote-as 1234
neighbor 1.1.1.1 update-source Loopback0
neighbor 192.168.45.5 remote-as 5
neighbor 192.168.45.5 default-originate
neighbor 192.168.45.5 route-map lp in
no auto-summary
!
route-map lp permit 10
set local-preference 300
!
route-map connected permit 10
match interface FastEthernet0/0

R5 Config

interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.35.5 255.255.255.0
!
interface FastEthernet1/0
ip address 192.168.45.5 255.255.255.0
!
router bgp 5
no synchronization
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255
neighbor 192.168.35.3 remote-as 1234
neighbor 192.168.45.4 remote-as 1234
no auto-summary

R6 Config

interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.16.6 255.255.255.0
!
router bgp 6
no synchronization
bgp log-neighbor-changes
network 6.6.6.6 mask 255.255.255.255
neighbor 192.168.16.1 remote-as 1234
no auto-summary

R7 Config

interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.27.7 255.255.255.0
!
router bgp 7
no synchronization
bgp log-neighbor-changes
network 7.7.7.7 mask 255.255.255.255
neighbor 192.168.27.2 remote-as 1234
no auto-summary

Scenario 1:

Since R4 is not a powerful routing device, it should not have all the bgp updates except local and domestic bgp routes. R4 is the route-reflector-client of R1, by default R4 will receive all bgp updates.
So we need to control on R1 to filter unwanted bgp updates.

R1 configuration

route-map domestic permit 10
match as-path 2
!
route-map domestic deny 20
match as-path 1
!
route-map domestic permit 100
!
ip as-path access-list 1 deny ^$
ip as-path access-list 1 permit .*
ip as-path access-list 2 permit ^7_

Verification

R4#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.11/32      1.1.1.1                  0    100      0 i
*>i2.2.2.21/32      2.2.2.2                  0    100      0 i
*>i3.3.3.31/32      3.3.3.3                  0    100      0 i
*> 4.4.4.41/32      0.0.0.0                  0         32768 i
*> 5.5.5.5/32       192.168.45.5             0    300      0 5 i
*>i7.7.7.7/32       192.168.27.7             0    100      0 7 i

Scenario 2:

In order for R4 to reach R6 prefix, R2 will inject default default in OSPF.

R2 configuration

ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
router ospf 1
default-information originate

Verification

R4#show ip route
Gateway of last resort is 192.168.134.2 to network 0.0.0.0

O*E2 0.0.0.0/0 [110/1] via 192.168.134.2, 02:55:26, FastEthernet1/0

Scenarion 3:

R5 should use only R4 if destination is going to International.
So R3 need to filter international routes bgp updates to R5.
Whatever bgp updates received from R7, R2 will tag community tag of 1234:7, so that later on R3 can match that community tag and filter the advertisement to R5 based on the community tag.

R2 configuration

router bgp 1234
neighbor 3.3.3.3 send-community
neighbor 192.168.27.7 route-map tag in
!
route-map tag permit 10
set community 1234:7

R3 configuration

router bgp 1234
neighbor 192.168.35.5 route-map domestic+local out
!
route-map domestic+local permit 10
match community 1234:7
!
route-map domestic+local permit 20
match as-path 1
!
ip community-list standard 1234:7 permit 1234:7
ip as-path access-list 1 permit ^$
*Note: In order to use bgp new community format, we neet to use the command #ip bgp new-format

R3#show ip bgp neighbors 192.168.35.5 advertised-routes

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.11/32      1.1.1.1                  0    100      0 i
*>i2.2.2.21/32      2.2.2.2                  0    100      0 i
*> 3.3.3.31/32      0.0.0.0                  0         32768 i
*>i4.4.4.41/32      4.4.4.4                  0    100      0 i
*>i7.7.7.7/32       192.168.27.7             0    100      0 7 i

Scenario 4:

For the return packet from R7 to R5 to use the path R7>R2>R3>R5, bgp updates of R5 received from R3 should always be the best on R2. In this case, local-preference of 400 from R3 versus 300 from R4.

R3 configuration

router bgp 1234
neighbor 192.168.35.5 route-map lp in
!
route-map lp permit 10
set local-preference 400
R4 configuration

router bgp 1234
neighbor 192.168.45.5 route-map lp in
!
route-map lp permit 10
set local-preference 400

Verification

R2#show ip bgp 5.5.5.5
BGP routing table entry for 5.5.5.5/32, version 5
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
     1          3
5
    192.168.45.5 (metric 20) from 1.1.1.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 300, valid, internal
      Originator: 4.4.4.4, Cluster list: 1.1.1.1
5, (Received from a RR-client)
    192.168.35.5 (metric 20) from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 400, valid, internal, best
      Community: 1234:5

Scenarion 4:

Up to this point, R1 also use R3 as the prefer exit if the pacet is coming from R6 towards R5 due to the higher local preference of 400 from R3 compared to 300 from R4.
We need a way to configure not to prefer R3 as the prefer exit in order to fulfill the requirement of taking the path R7>R1>R4>R5.
So whatever routes R3 learns from R5, we will tag the community 1234:5 to the bgp updates, so that when the updates reach R1, R1 will match those bgp updates based on community tag 1234:5 and lower the original local-preference value to 200 becoming not a better value comparing with 300 from R4.

R3 configuration

router bgp 1234
neighbor 2.2.2.2 send-community
neighbor 192.168.35.5 route-map lp in
!
route-map lp permit 10
set local-preference 400
set community 1234:5

R2 configuration

router bgp 1234
neighbor 1.1.1.1 send-community

R1 configuration

router bgp 1234
neighbor 2.2.2.2 route-map lower-lp in
!
route-map lower-lp permit 10
match community 1234:5
set local-preference 200
!
route-map lower-lp permit 100
!
ip community-list standard 1234:5 permit 1234:5

Verification

R1#show ip bgp 5.5.5.5
BGP routing table entry for 5.5.5.5/32, version 32
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
     1          2
5
    192.168.35.5 (metric 20) from 2.2.2.2 (2.2.2.21)
      Origin IGP, metric 0, localpref 200, valid, internal
      Community: 1234:5
      Originator: 3.3.3.3, Cluster list: 2.2.2.21
5, (Received from a RR-client)
    192.168.45.5 (metric 20) from 4.4.4.4 (4.4.4.4)
      Origin IGP, metric 0, localpref 300, valid, internal, best

Wednesday, 26 September 2012

IPv6 routing with RIPng, OSPFv3 and BGP(all routers configuration)

R1 Config

ipv6 unicast-routing
!
interface FastEthernet0/0
ipv6 address 2001:12::1/64
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
ipv6 address 2001:13::1/64
ipv6 ospf 1 area 13
!
ipv6 route 2001:1::1/128 Null0
!
ipv6 router ospf 1
router-id 1.1.1.1
log-adjacency-changes
summary-prefix 2001:1::/64
redistribute static

R2 Config

ipv6 unicast-routing
!
interface Loopback0
ipv6 address 2001:2::2/128
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
ipv6 address 2001:12::2/64
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
ipv6 address 2001:24::2/64
ipv6 ospf 1 area 24
!
ipv6 router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 24 range 2001:4::/64

R3 Config

ipv6 unicast-routing
!
interface Loopback0
ipv6 address 2001:3::3/128
ipv6 ospf 1 area 13
!
interface FastEthernet0/0
ipv6 address 2001:13::3/64
ipv6 ospf 1 area 13
!
interface FastEthernet0/1
ipv6 address 2001:35::3/64
ipv6 rip 35 enable
!
ipv6 router ospf 1
router-id 3.3.3.3
log-adjacency-changes
redistribute rip 35 tag 120 include-connected
!
ipv6 router rip 35
distribute-list prefix-list R4-NETWORK out
redistribute ospf 1 metric 1 route-map TO-RIP
!
ipv6 prefix-list R4-NETWORK seq 5 deny 2001:4::/64
ipv6 prefix-list R4-NETWORK seq 10 permit ::/0 le 128
!
route-map TO-RIP permit 10
match tag 6
!
route-map TO-RIP deny 20
match route-type external
!
route-map TO-RIP permit 100

R4 Config

ipv6 unicast-routing
!
interface Loopback0
ipv6 address 2001:4::4/128
ipv6 ospf 1 area 24
!
interface FastEthernet0/0
ipv6 address 2001:24::4/64
ipv6 ospf 1 area 24
!
interface FastEthernet0/1
ipv6 address 2001:46::4/64
!
router bgp 1
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
neighbor 2001:46::6 remote-as 6
no neighbor 2001:46::6 activate
no auto-summary
!
address-family ipv6
neighbor 2001:46::6 activate
redistribute ospf 1 match external 1 external 2 route-map TO-BGP
no synchronization
exit-address-family
!
ipv6 router ospf 1
router-id 4.4.4.4
log-adjacency-changes
redistribute bgp 1 route-map FROM-BGP
!
ipv6 prefix-list FROM-BGP seq 5 permit 2001:6::/57
!
route-map TO-BGP permit 10
match tag 120
!
route-map FROM-BGP permit 10
match ipv6 address prefix-list FROM-BGP
set tag 6

R5 Config

ipv6 unicast-routing
!
interface Loopback0
ipv6 address 2001:5::5/128
ipv6 rip 35 enable
!
interface FastEthernet0/0
ipv6 address 2001:35::5/64
ipv6 rip 35 enable
!
ipv6 router rip 35

R6 Config

ipv6 unicast-routing
!
interface Loopback0
ipv6 address 2001:6:0:6::6/64
!
interface Loopback1
ipv6 address 2001:6:0:60::6/58
!
interface FastEthernet0/0
ipv6 address 2001:46::6/64
!
router bgp 6
no synchronization
bgp router-id 6.6.6.6
bgp log-neighbor-changes
neighbor 2001:46::4 remote-as 1
no neighbor 2001:46::4 activate
no auto-summary
!
address-family ipv6
neighbor 2001:46::4 activate
network 2001:6:0:6::/64
network 2001:6:0:60::/58
aggregate-address 2001:6::/57 summary-only
exit-address-family

Thursday, 13 September 2012

ISP Connectioin Overview and Configuration of all Nodes

R1 Config

ip vrf one
rd 1:1
route-target export 1:1
route-target import 1:1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.12.1 255.255.255.0
mpls ip
!
interface FastEthernet2/0
ip vrf forwarding one
ip address 192.168.14.1 255.255.255.0
mpls ip
!
router ospf 2 vrf one
log-adjacency-changes
redistribute bgp 1 subnets
network 192.168.14.1 0.0.0.0 area 0
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 192.168.12.1 0.0.0.0 area 0
network 192.168.13.1 0.0.0.0 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
!
router bgp 1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf one
no synchronization
redistribute ospf 2 vrf one
exit-address-family

R2 Config

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
mpls ip
!
interface FastEthernet0/1
ip address 192.168.23.2 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 192.168.12.2 0.0.0.0 area 0
network 192.168.23.2 0.0.0.0 area 0

R3 Config

ip vrf one
rd 1:1
route-target export 1:1
route-target import 1:1
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet1/1
ip address 192.168.23.3 255.255.255.0
speed auto
duplex auto
mpls ip
!
interface FastEthernet2/0
ip vrf forwarding one
ip address 192.168.36.3 255.255.255.0
mpls bgp forwarding
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 192.168.13.3 0.0.0.0 area 0
network 192.168.23.3 0.0.0.0 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
!
router bgp 1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf one
no synchronization
neighbor 192.168.36.6 remote-as 2
neighbor 192.168.36.6 activate
neighbor 192.168.36.6 send-label
exit-address-family

R4 Config

interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.14.4 255.255.255.0
mpls ip
!
interface FastEthernet0/1
ip address 192.168.45.4 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 192.168.14.4 0.0.0.0 area 0
network 192.168.45.4 0.0.0.0 area 0

R5 Config

ip vrf two
rd 2:2
route-target export 2:2
route-target import 2:2
!
pseudowire-class AS3-AS4
encapsulation mpls
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.45.5 255.255.255.0
mpls ip
!
interface FastEthernet1/1
xconnect 7.7.7.7 34 pw-class AS3-AS4
!
interface FastEthernet2/0
ip vrf forwarding two
ip address 192.168.155.5 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 5.5.5.5 0.0.0.0 area 0
network 192.168.45.5 0.0.0.0 area 0
!
router bgp 2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 7.7.7.7 remote-as 2
neighbor 7.7.7.7 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 send-community extended
exit-address-family
!
address-family ipv4 vrf two
no synchronization
redistribute connected
redistribute static
exit-address-family
!
ip route vrf two 15.15.15.15 255.255.255.255 192.168.155.15

R6 Config

interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.36.6 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.67.6 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
redistribute bgp 2 subnets route-map AS2LOOPBACKS
network 6.6.6.6 0.0.0.0 area 0
network 192.168.67.6 0.0.0.0 area 0
!
router bgp 2
bgp log-neighbor-changes
neighbor 192.168.36.3 remote-as 1
!
address-family ipv4
redistribute ospf 1 route-map AS2LOOPBACKS
neighbor 192.168.36.3 activate
neighbor 192.168.36.3 send-label
no auto-summary
no synchronization
exit-address-family
!
ip prefix-list AS2LOOPBACKS seq 5 permit 4.4.4.4/32
ip prefix-list AS2LOOPBACKS seq 10 permit 5.5.5.5/32
ip prefix-list AS2LOOPBACKS seq 15 permit 6.6.6.6/32
ip prefix-list AS2LOOPBACKS seq 20 permit 7.7.7.7/32
!
route-map AS2LOOPBACKS permit 10
match ip address prefix-list AS2LOOPBACKS

R7 Config

ip vrf two
rd 2:2
route-target export 2:2
route-target import 2:2
!
pseudowire-class AS3-AS4
encapsulation mpls
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.67.7 255.255.255.0
mpls ip
!
interface FastEthernet1/1
xconnect 5.5.5.5 34 pw-class AS3-AS4
!
interface FastEthernet2/0
ip vrf forwarding two
ip address 192.168.167.7 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 7.7.7.7 0.0.0.0 area 0
network 192.168.67.7 0.0.0.0 area 0
!
router bgp 2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 5.5.5.5 remote-as 2
neighbor 5.5.5.5 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
exit-address-family
!
address-family ipv4 vrf two
no synchronization
redistribute connected
redistribute static
exit-address-family
!
ip route vrf two 16.16.16.16 255.255.255.255 192.168.167.16

R8 Config

ip vrf 34
rd 34:34
route-target export 34:34
route-target import 34:34
!
interface Loopback0
ip address 8.8.8.8 255.255.255.255
!
interface Loopback1
ip address 8.8.8.81 255.255.255.255
!
interface Tunnel0
ip address 3.4.34.8 255.255.255.0
mpls bgp forwarding
tunnel source Loopback1
tunnel destination 10.10.10.11
!
interface FastEthernet1/0
ip address 192.168.89.8 255.255.255.0
mpls ip
!
interface FastEthernet1/1
ip address 192.168.128.8 255.255.255.0
!
interface FastEthernet2/0
ip vrf forwarding 34
ip address 192.168.138.8 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 8.8.8.8 0.0.0.0 area 0
network 192.168.89.8 0.0.0.0 area 0
!
router bgp 3
bgp log-neighbor-changes
neighbor 3.4.34.10 remote-as 4
neighbor 10.10.10.10 remote-as 4
neighbor 10.10.10.10 ebgp-multihop 4
neighbor 10.10.10.10 update-source Loopback0
neighbor 192.168.128.12 remote-as 12
!
address-family ipv4
no synchronization
network 8.8.8.81 mask 255.255.255.255
no neighbor 3.4.34.10 activate
no neighbor 10.10.10.10 activate
neighbor 192.168.128.12 activate
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 3.4.34.10 activate
neighbor 3.4.34.10 send-community extended
neighbor 10.10.10.10 activate
neighbor 10.10.10.10 send-community extended
neighbor 10.10.10.10 route-map LOCAL-PREFERENCE-200 in
exit-address-family
!
address-family ipv4 vrf 34
no synchronization
redistribute connected
redistribute static
exit-address-family
!
ip route vrf 34 13.13.13.13 255.255.255.255 192.168.138.13
!
route-map LOCAL-PREFERENCE-200 permit 10
set local-preference 200
!
mpls ldp router-id Loopback0 force

R9 Config

interface Loopback0
ip address 9.9.9.9 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.119.9 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.89.9 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
redistribute bgp 3 subnets route-map AS4-LOOPBACKS
network 9.9.9.9 0.0.0.0 area 0
network 192.168.89.9 0.0.0.0 area 0
!
router bgp 3
no synchronization
bgp log-neighbor-changes
redistribute ospf 1 route-map AS3-LOOPBACKS
neighbor 192.168.119.11 remote-as 4
neighbor 192.168.119.11 send-label
no auto-summary
!
ip prefix-list AS3-LOOPBACKS seq 5 permit 8.8.8.8/32
!
ip prefix-list AS4-LOOPBACKS seq 5 permit 10.10.10.10/32
!
route-map AS3-LOOPBACKS permit 10
match ip address prefix-list AS3-LOOPBACKS
!
route-map AS4-LOOPBACKS permit 10
match ip address prefix-list AS4-LOOPBACKS
!
mpls ldp router-id Loopback0 force

R10 Config

ip vrf 34
rd 34:34
route-target export 34:34
route-target import 34:34
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback1
ip address 10.10.10.11 255.255.255.255
!
interface Tunnel0
ip address 3.4.34.10 255.255.255.0
mpls bgp forwarding
tunnel source Loopback1
tunnel destination 8.8.8.81
!
interface FastEthernet1/0
ip address 192.168.110.10 255.255.255.0
mpls ip
!
interface FastEthernet1/1
ip address 192.168.112.10 255.255.255.0
!
interface FastEthernet2/0
ip vrf forwarding 34
ip address 192.168.114.10 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 10.10.10.10 0.0.0.0 area 0
network 192.168.110.10 0.0.0.0 area 0
!
router bgp 4
bgp log-neighbor-changes
neighbor 3.4.34.8 remote-as 3
neighbor 8.8.8.8 remote-as 3
neighbor 8.8.8.8 ebgp-multihop 4
neighbor 8.8.8.8 update-source Loopback0
neighbor 192.168.112.12 remote-as 12
!
address-family ipv4
no synchronization
network 10.10.10.11 mask 255.255.255.255
no neighbor 3.4.34.8 activate
no neighbor 8.8.8.8 activate
neighbor 192.168.112.12 activate
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 3.4.34.8 activate
neighbor 3.4.34.8 send-community extended
neighbor 8.8.8.8 activate
neighbor 8.8.8.8 send-community extended
neighbor 8.8.8.8 route-map LOCAL-PREFERENCE-200 in
exit-address-family
!
address-family ipv4 vrf 34
no synchronization
redistribute connected
redistribute static
exit-address-family
!
ip route vrf 34 14.14.14.14 255.255.255.255 192.168.114.14
!
route-map LOCAL-PREFERENCE-200 permit 10
set local-preference 200
!
mpls ldp router-id Loopback0 force

R11 Config

interface Loopback0
ip address 11.11.11.11 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.119.11 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.110.11 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
redistribute bgp 4 subnets route-map AS3LOOPBACKS
network 11.11.11.11 0.0.0.0 area 0
network 192.168.110.11 0.0.0.0 area 0
!
router bgp 4
no synchronization
bgp log-neighbor-changes
redistribute ospf 1 route-map AS4LOOPBACKS
neighbor 192.168.119.9 remote-as 3
neighbor 192.168.119.9 send-label
no auto-summary
!
ip prefix-list AS3LOOPBACKS seq 5 permit 8.8.8.8/32
!
ip prefix-list AS4LOOPBACKS seq 5 permit 10.10.10.10/32
!
route-map AS4LOOPBACKS permit 10
match ip address prefix-list AS4LOOPBACKS
!
route-map AS3LOOPBACKS permit 10
match ip address prefix-list AS3LOOPBACKS
!
mpls ldp router-id Loopback0 force

R12 Config

interface FastEthernet0/0
ip address 192.168.112.12 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.128.12 255.255.255.0
!
router bgp 12
no synchronization
bgp log-neighbor-changes
neighbor 192.168.112.10 remote-as 4
neighbor 192.168.128.8 remote-as 3
no auto-summary

R13 Config

interface Loopback0
ip address 13.13.13.13 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.138.13 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.138.8

R14 Config

interface Loopback0
ip address 14.14.14.14 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.114.14 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.114.10

R15 Config

interface Loopback0
ip address 15.15.15.15 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.155.15 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.155.5

R16 Config

interface Loopback0
ip address 16.16.16.16 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.167.16 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.167.7