Tag: CCIE

BGP table-map QoS

In the previous post I showed how bgp table-map can be used for selective route download. Here we will take a look at another use of this command, that is, associating IP Precedence values with selected BGP prefixes. By applying a QoS policy to inbound prefixes we can easily mark traffic coming from a given AS, or going to a particular client. We can set the IP Precedence value using a route-map, and use prefix lists, ACLs, or communities to match prefixes of interest. The topology for the examples to follow is shown below. We have an ISP router in the middle and...


BGP table-map is a feature that allows us to filter, or set properties of, the BGP routes marked for installation into the RIB. One scenario where we could use table-map is a dedicated IPv4 RR that doesn't need to have all of the routes it receives in the RIB, but still needs to propagate them to its clients. We will test BGP selective route download using the simple topology below. RRC1 advertises 4 prefixes to RR. These prefixes are 110.0.[0-3].0/24. RRC2 also advertises 4 prefixes to RR. These prefixes are 120.0.[0-3].0/24...


Role based access control for CLI allows us to set up very granular permissions for user accounts. We can have a role called NOC that will have the right to use only selected show commands. Or we could have a role for Junior Engineers that will allow them to configure only certain aspects of the device, like interface descriptions. Before we can configure specific views, we need to enable aaa and configure an enable password:

aaa new-model
enable secret cisco

After that we can enter the root view to confirm parser views are enabled:

R1#enable view
Password:
R1#sh parser...


In this post I want to show how to configure DMVPN with IPSEC, with tunnel source/destination IPs located in a separate VRF. The idea here is to have the underlay network running in a VRF, often called FVRF or Front Door VRF. By using a Front Door VRF we are isolating the transport network, usually Internet facing, and this allows us to configure a default route that won't interfere with routing in our global table. There are other benefits of this design and it's quite commonly used in the SP/Enterprise world. We will be working with the following topology: R1 is a DMVPN...


A lot of sources say configuring MPLS BGP peering using /32 loopbacks is recommended, or even required. So what, if anything, happens when we set up MP-BGP peering using loopbacks with /24 addresses? We will test this on a simple topology with 2 PEs, 2 CEs and 1 P router. PE1 and PE2 have BGP peering configured using their loopbacks, 10.1.1.1/24 and 10.1.2.2/24. Client sites, placed in vrf RED, are running BGP AS65015 with PEs and have the following networks configured: CE1 50.0.0.0/24 50.0.1.0/24...
