In this post I want to show how to configure DMVPN with IPSEC, with tunnel source/destination IPs located in a separate VRF. Idea here is to have underlay network running in a VRF, often called FVRF or Front Door VRF. By using Front Door VRF we are isolating transport network, usually Internet facing, and this allows us to configure default route that won't interfere with routing in our global table. There are other benefits of this design and it's quite commonly used in the SP/Enterprise world. We will be working with the following topology: R1 is a DMVPN...
I recently had a need to read values from a file and insert them into a dictionary of dictionaries. This could be useful for having, say, dictionary with hostnames of some devices as keys and values being dictionaries with data collected from each of the devices. To achieve that I created a helper dictionary which had data for each device that I read from a file. Then I would assign a copy of a helper dictionary to the key equal to the name of the device for which I collected data. My code was functionally identical to the below snippet:...
A lot of sources say configuring MPLS BGP peering using /32 loopbacks is recommended, or even required. So what, if anything, happens when we set up MP-BGP peering using loopbacks with /24 addresses? We will test this on a simple topology with 2 PEs, 2 CEs and 1 P routers. PE1 and PE2 have BGP peering configured using their loopbacks, 10.1.1.1/24 and 10.1.2.2/24 . Client sites, placed in vrf RED, are running BGP AS65015 with PEs and have the following networks configured: CE1 50.0.0.0/24 50.0.1.0/24...