. Sunday, March 30, 2014
ROUTING IPv6 v3.0
With Cisco and Quagga PC based
Routers using GNS3, Cisco IOS, PC,
freeBSD, Quagga, pfSense
OSPF v2 for IPv4 & OSPF v3
for IPv6
Version 1.3
http://www.ipv6forlife.com/Tutorial/labDS/
Part 1
By Fred Bovy. Ccie #3013
© Fred Bovy EIRL. IPv6 For Life. Page 1
. Sunday, March 30, 2014
Table of Contents
1.Lab Setup................................................................................................................................................7
2.Introduction.............................................................................................................................................7
1.2.instances..........................................................................................................................................8
1.3.Security............................................................................................................................................8
1.4.Database Changes............................................................................................................................9
Two New LSAs.................................................................................................................................9
Two LSAs have a new name..........................................................................................................12
1.5.Router ID.......................................................................................................................................12
2. OSPF Basic Troubleshooting..........................................................................................................14
2.1 Cisco Logging Debug....................................................................................................................15
2.1. OSPF Multicast Addresses...........................................................................................................17
2.2. OSPF Networks Types.................................................................................................................18
3.OSPFv3 Architectures...........................................................................................................................20
4.Type of Area..........................................................................................................................................25
4.1 Stub Area.......................................................................................................................................26
4.2 Totally Stuby Area.........................................................................................................................28
Configuration..................................................................................................................................28
IPv6 route of a Totally Stubby Area Router...................................................................................29
Not So Stubby Area.............................................................................................................................30
Totally Not So Stubby Area.................................................................................................................31
A. Router Configurations.........................................................................................................................32
R1........................................................................................................................................................32
R2........................................................................................................................................................34
R3........................................................................................................................................................36
R4........................................................................................................................................................37
B. GLBP...................................................................................................................................................40
C. BGP Connection..................................................................................................................................42
BGP Lab Topology..............................................................................................................................42
Differences with IPv6..........................................................................................................................43
Some useful commands.......................................................................................................................43
BGP Configuration..............................................................................................................................44
On R3..............................................................................................................................................44
On R2..............................................................................................................................................45
On R5..............................................................................................................................................45
On R6..............................................................................................................................................46
5.Introduction to MP-BGP lab.................................................................................................................49
6.Lab Setup..............................................................................................................................................50
7.Lab BGP Configuration........................................................................................................................51
7.1 Summary.......................................................................................................................................51
7.2 BGP Configuration........................................................................................................................51
R6 BGP Configuration....................................................................................................................51
R8-ISP2 BGP Configuration..........................................................................................................52
R7 BGP Configuration....................................................................................................................53
© Fred Bovy EIRL. IPv6 For Life. Page 2
. Sunday, March 30, 2014
R9-ISP1 BGP Configuration..........................................................................................................53
8.BGP Reminder......................................................................................................................................54
8.1 BGP Connection Messages and States..........................................................................................54
8.2 eBGP Sessions...............................................................................................................................56
eBGP Multihop...............................................................................................................................56
eBGP Routes dampening. Increasing Stability...............................................................................56
8.3 iBGP Sessions...............................................................................................................................56
Scaling iBGP..................................................................................................................................56
iBGP Stability.................................................................................................................................56
8.4 BGP Attributes...............................................................................................................................56
8.5 BGP Best Path Selection Algorithm..............................................................................................58
8.6 Scaling BGP .................................................................................................................................61
Route-Reflectors.............................................................................................................................61
Peer-Group......................................................................................................................................61
8.7 Security and MD5 Password.........................................................................................................62
9.Useful Cisco BGP IPv6 Commands Explained....................................................................................64
9.1. Show bgp ipv6 unicast summary..................................................................................................64
9.2. Show bgp ipv6 X:X:X...::X/X .....................................................................................................65
9.3. Show bgp ipv6 neighbor...............................................................................................................66
10.Checking data plane of BGP Recursive routes...................................................................................68
10.1 Mind the BGP Next-hop Rule.....................................................................................................68
R6 Configuration............................................................................................................................68
R7 Configuration............................................................................................................................69
10.2 Check the BGP data path on CISCO Routers (CEFv6)..............................................................70
11.Checking Redundancy.........................................................................................................................73
12.Routers Configurations.......................................................................................................................75
12.1 R1................................................................................................................................................75
12.2 R3................................................................................................................................................76
12.3 R4................................................................................................................................................77
12.4 R5 – BGP Route-Reflector..........................................................................................................79
12.5 R6................................................................................................................................................81
12.6 R7................................................................................................................................................82
12.7 R8-ISP2. AS 64000.....................................................................................................................84
12.8 R9-ISP1. AS 65000.....................................................................................................................85
13.Why a Migration to IS-IS?..................................................................................................................90
14.IS-IS Reminder...................................................................................................................................91
14.1 Introduction and history..............................................................................................................91
14.2 IS-IS Architecture........................................................................................................................92
14.3 Security........................................................................................................................................92
14.4 Neighbor Discovery....................................................................................................................92
14.5 Multipoint Networks...................................................................................................................92
14.6 Point to Point Networks..............................................................................................................94
15.Migration Steps...................................................................................................................................94
15.1. Backbone Configuration.............................................................................................................94
15.2 Verification that ISIS is running OK...........................................................................................94
© Fred Bovy EIRL. IPv6 For Life. Page 3
. Sunday, March 30, 2014
Check IS-IS neighbors....................................................................................................................94
Check that all IS-IS are Up from the database...............................................................................95
Remove OSPF for IPv4 and check the IPv4 Routing table............................................................96
Check the Router data plane (CEF and CEFv6) ............................................................................98
Troubleshoot a bug with an Incomplete Adjacency. ......................................................................98
Remove OSPFv3 for IPv6 and check the RIBv6..........................................................................100
15.3. Backbone Migration strategies.................................................................................................101
16.ISIS Troubleshooting........................................................................................................................101
16.1 Optimization for GigabitEthernet P2P......................................................................................103
16.2 MP-BGP Checking....................................................................................................................105
Address-family IPv4.....................................................................................................................105
Address-family IPv6.....................................................................................................................107
17.Moving to Multiarea in the first Area................................................................................................111
17.1 Migration to Multiarea Procedure.............................................................................................111
17.2 IS-IS Multiarea Configuration...................................................................................................112
Configuring Multiarea on R1-R6-R5............................................................................................112
R1 Configuration......................................................................................................................112
R5 Configuration......................................................................................................................114
R6 Configuration......................................................................................................................116
18.Checking configuration ................................................................................................................117
18.1 Checking R5-R6-R1..................................................................................................................117
show clns neighbors......................................................................................................................117
Show ipv6 route ...........................................................................................................................118
Display R1 and R5 LSPs on R6....................................................................................................119
18.2 Configuring Multiarea on R3-R7-R4........................................................................................120
Configure Route Leaking for Loopbacks.....................................................................................121
19.Checking the migration.....................................................................................................................122
19.1 Check IS-IS...............................................................................................................................122
19.2 show ip route.............................................................................................................................122
19.2 show bgp connection to the RR.................................................................................................122
19.3 Checking IS-IS..........................................................................................................................123
19.4 Troubleshooting a bug...............................................................................................................123
19.4 Check BGP Resiliency..............................................................................................................125
19.5 Inspect IS-IS Database..............................................................................................................126
Level 1 Databases.........................................................................................................................126
Level 2 Database...........................................................................................................................128
19.6 Check the BGP Routers Resiliency ........................................................................................130
20.Multiarea final Configurations..........................................................................................................131
20.1 R6..............................................................................................................................................131
20.2 R1..............................................................................................................................................133
20.3 R5..............................................................................................................................................134
20.4 R3..............................................................................................................................................136
20.5 R4..............................................................................................................................................138
20.6 R7..............................................................................................................................................140
20.7 The ISP Routers R9 and R8 Configs.........................................................................................141
© Fred Bovy EIRL. IPv6 For Life. Page 4
. Sunday, March 30, 2014
ISP2-R8........................................................................................................................................141
ISP1-R9........................................................................................................................................142
21.What is Quagga?...............................................................................................................................146
22.Quagga Configurations.....................................................................................................................147
/usr/local/etc/quagga/zebra.conf...................................................................................................148
Telnet to the Zebra daemon..........................................................................................................149
Check IP route .............................................................................................................................149
Check IPv6 Route.........................................................................................................................151
23.Quagga IS-IS Configuration.............................................................................................................151
IS-IS Configuration file................................................................................................................151
Telnet to IS-IS daemon.................................................................................................................153
Two Quagga installed...................................................................................................................158
From R1...................................................................................................................................158
From R1 all IS-IS Neighbors...................................................................................................159
24.Quagga BGP Configuration..............................................................................................................160
BGP Configuration file.................................................................................................................160
Telnet to the BGP daemon............................................................................................................161
25.Verifying the Routing is OK.............................................................................................................162
26.pfSense..............................................................................................................................................166
27.Final Configurations.........................................................................................................................167
27.1 The Core Level-1-2 Routers......................................................................................................167
R1..................................................................................................................................................167
R3..................................................................................................................................................169
R4..................................................................................................................................................171
R5..................................................................................................................................................172
26.2 The Customer Edge Level-1 Routers........................................................................................175
R6..................................................................................................................................................175
R7..................................................................................................................................................176
No change on ISP R8 and R9 see previous configurations..........................................................178
26.3 Quagga Configurations..............................................................................................................178
Quagga1 configuration files from /usr/local/etc/quagga/.............................................................178
Zebra config ...........................................................................................................................178
ISIS config...............................................................................................................................179
BGP Config..............................................................................................................................179
Quagga2 configuration files from /usr/local/etc/quagga/.............................................................180
Zebra Configuration.................................................................................................................180
ISIS Config..............................................................................................................................181
BGP Config..............................................................................................................................182
© Fred Bovy EIRL. IPv6 For Life. Page 5
. Sunday, March 30, 2014
Illustration Index
Illustration 1: Lab Setup.............................................................................................................................7
Illustration 2: OSPF Troubleshooting......................................................................................................14
Illustration 3: OSPF Network Types........................................................................................................19
Illustration 4: OSPF Regular Area...........................................................................................................25
Illustration 5: OSPF Stub Area.................................................................................................................26
Illustration 6: OSPF Totally Stubby Area................................................................................................29
Illustration 7: BGP Topology...................................................................................................................42
Illustration 8: OSPFv2, OSPFv3 and MP-BGP Setup.............................................................................50
Illustration 9: Show bgp ipv6 unicast xxxx:xxx...::/y Explained.............................................................65
Illustration 10: Final Lab Setup..............................................................................................................90
Illustration 11: IS-IS Architecture............................................................................................................91
Illustration 12: IS-IS 2 levels of Routing.................................................................................................92
Illustration 13: IS-IS Multiarea..............................................................................................................111
Illustration 14: Final Setup free9/Quagga and others PCs.....................................................................147
Illustration 15: My Working Station with GNS3 and Wireshark windows............................................151
© Fred Bovy EIRL. IPv6 For Life. Page 6
1.Lab Setup. Sunday, March 30, 2014
Illustration 1: Lab Setup
1.
Lab Setup
The Lab runs OSPFv2 and OSPFv3 it is dual-stacked in Area 0 except R5 which is in Area1.
Linux machines can ping each other. We have 3 VLANs and at least one PC in each VLAN.
The Left hand side uses only one but I configured two VLANs.
I have also configured GLBP for IPv4 1 and IPv6. Configuration are available at the end of
this document and on my web site with GNS3 files to copy it:
http://www.ipv6forlife.com/Tutorial/labDS/
2.
Introduction
Like IPv6 brought many improvements over IPv4, OSPFv3 also advertise them in the
Routing Protocol. OSPFv3 is now fully optimized for IPv6 and adds new features.
To summarize for those who don't have time to read more than one page here are the
1
There is a bug in my IOS and the GLBP configured for IPv4 is converted to IPv6 in the running-config.
© Fred Bovy EIRL. IPv6 For Life. Page 7
2.Introduction. Sunday, March 30, 2014
main changes:
1.2.
instances
For example, it is possible to run multiple, up to 16 instances of OSPFv3 which do not see
each other on the same VLAN. This can be very useful if many customers share a link at
some point of the network. The instance number is coded in the Hello so two routers will
not form a neighbor relationship if not in the same instance.
1.3.
Security
As IPv6 should be provided with IPSec, the Authentication has been removed from
OSPFv3 and is now supposed to be done by IPSec stack. Cisco has released
Authentication and even Encryption of OSPFv3 traffic thanks to IPSec. IPSec is better
than MD5 for Authentication as it changes the encryption key on a regular time basis and
exchange it safely over the unsafe network thanks to Diffie-Helmann. Otherwise if you
can capture enough traffic you can break the key and nobody will change them manually!
Example on Cisco Router Interface between R2 and R5:
ipv6 ospf encryption ipsec spi 1001 esp 3des
012345678901234567890123456789012345678901234567 sha1
0123456789012345678901234567890123456789
R5#show ipv6 ospf interface g0/0
GigabitEthernet0/0 is up, line protocol is up
Link Local Address FE80::C807:7CFF:FEFB:8, Interface ID 5
Area 1, Process ID 1, Instance ID 0, Router ID 192.168.100.5
Network Type BROADCAST, Cost: 1
3DES encryption SHA­1 auth SPI 1001, secure socket UP (errors: 0)
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.100.5, local address FE80::C807:7CFF:FEFB:8
Backup Designated router (ID) 10.0.0.2, local address FE80::C803:7CFF:FEFB:A8
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 3
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.0.0.2 (Backup Designated Router)
© Fred Bovy EIRL. IPv6 For Life. Page 8
2.Introduction. Sunday, March 30, 2014
Suppress hello for 0 neighbor(s)
1.4.
Database Changes
Two New LSAs
•
One new LSA to advertise on the Link Only the Router Link-Local Address.
R3>show ipv6 ospf database link adv­router 10.0.0.3
OSPFv3 Router with ID (10.0.0.3) (Process ID 1)
Link (Type­8) Link States (Area 0)
LS age: 1351
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet0/0.2)
Link State ID: 15 (Interface ID)
Advertising Router: 10.0.0.3
LS Seq Number: 8000000C
Checksum: 0x5207
Length: 56
Router Priority: 1
Link Local Address: FE80::C805:7CFF:FEFB:8
Number of Prefixes: 1
Prefix Address: 2001:DB8:678:1006::
Prefix Length: 64, Options: None
LS age: 1351
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet0/0.1)
Link State ID: 14 (Interface ID)
Advertising Router: 10.0.0.3
LS Seq Number: 8000000C
Checksum: 0x3625
Length: 56
Router Priority: 1
Link Local Address: FE80::C805:7CFF:FEFB:8
Number of Prefixes: 1
Prefix Address: 2001:DB8:678:1005::
Prefix Length: 64, Options: None
LS age: 109
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet1/0)
© Fred Bovy EIRL. IPv6 For Life. Page 9
2.Introduction. Sunday, March 30, 2014
Link State ID: 6 (Interface ID)
Advertising Router: 10.0.0.3
LS Seq Number: 8000000D
Checksum: 0x35E0
Length: 44
Router Priority: 1
Link Local Address: FE80::C805:7CFF:FEFB:1C
Number of Prefixes: 0
LS age: 109
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet2/0)
Link State ID: 7 (Interface ID)
Advertising Router: 10.0.0.3
LS Seq Number: 8000000D
Checksum: 0x9563
Length: 44
Router Priority: 1
Link Local Address: FE80::C805:7CFF:FEFB:38
Number of Prefixes: 0
LS age: 110
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet3/0)
Link State ID: 8 (Interface ID)
Advertising Router: 10.0.0.3
LS Seq Number: 8000000D
Checksum: 0xF5E5
Length: 44
Router Priority: 1
Link Local Address: FE80::C805:7CFF:FEFB:54
Number of Prefixes: 0
© Fred Bovy EIRL. IPv6 For Life. Page 10
2.Introduction. Sunday, March 30, 2014
•
One Intra-Area Prefixes LSA.
The Router LSA does not provide any Prefix information anymore, only topological
information! So we got a LSA dedicated to advertise prefixes and a LSA to advertise
topology like who are our neighbors and the status of our links. It is easier than before to
figure out as we do not need to use tricks to advertise a subnet mask of a point-to-point
Network like before.
R3>shOW ipv6 ospf database prefix adv­router 10.0.0.3
OSPFv3 Router with ID (10.0.0.3) (Process ID 1)
Intra Area Prefix Link States (Area 0)
Routing Bit Set on this LSA
LS age: 1686
LS Type: Intra­Area­Prefix­LSA
Link State ID: 14336
Advertising Router: 10.0.0.3
LS Seq Number: 8000000C
Checksum: 0x726D
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 14
Referenced Advertising Router: 10.0.0.3
Number of Prefixes: 1
Prefix Address: 2001:DB8:678:1005::
Prefix Length: 64, Options: None, Metric: 0
Routing Bit Set on this LSA
LS age: 1686
LS Type: Intra­Area­Prefix­LSA
Link State ID: 15360
Advertising Router: 10.0.0.3
LS Seq Number: 8000000C
Checksum: 0x6A6F
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 15
Referenced Advertising Router: 10.0.0.3
Number of Prefixes: 1
Prefix Address: 2001:DB8:678:1006::
Prefix Length: 64, Options: None, Metric: 0
© Fred Bovy EIRL. IPv6 For Life. Page 11
2.Introduction. Sunday, March 30, 2014
Two LSAs have a new name
The ABR Summary LSA (Type 3) is now an Inter-Area Prefixes LSA and the Type
4 Summary-LSA became Inter-Area-Router-LSAs
R5#show ipv6 ospf database inter­area router
OSPFv3 Router with ID (192.168.100.5) (Process ID 1)
Inter Area Router Link States (Area 1)
Routing Bit Set on this LSA
LS age: 61
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Inter Area Router Links
Link State ID: 167772163
Advertising Router: 10.0.0.2
LS Seq Number: 80000001
Checksum: 0x706F
Length: 32
Metric: 1
Destination Router ID: 10.0.0.3
1.5.
Router ID
No change with OSPFv2. You still need a Router ID in IPv4 format. The best recommendation is
still to configure a loopback 0 interface with an IPv4 Interface. It will be used by many protocols like
BGP. So even for an IPv6 Only Router, configure a loopback with a /32 IP address.
Eventually you can also configure a /128 IPv6 Address for Router management.
R2>show ipv6 ospf
Routing Process "ospfv3 1" with ID 10.0.0.2
It is an area border and autonomous system boundary router
Redistributing External Routes from,
static with metric 5
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 2. Checksum Sum 0x00F2FA
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Reference bandwidth unit is 100 mbps
© Fred Bovy EIRL. IPv6 For Life. Page 12
2.Introduction. Sunday, March 30, 2014
Area BACKBONE(0)
Number of interfaces in this area is 6
SPF algorithm executed 804 times
Number of LSA 20. Checksum Sum 0x0AD206
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 1
Number of interfaces in this area is 1
SPF algorithm executed 4 times
Number of LSA 12. Checksum Sum 0x063391
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
© Fred Bovy EIRL. IPv6 For Life. Page 13
2.Introduction. Sunday, March 30, 2014
2. OSPF Basic Troubleshooting
Illustration 2: OSPF Troubleshooting
© Fred Bovy EIRL. IPv6 For Life. Page 14
2.Introduction. Sunday, March 30, 2014
2.1 Cisco Logging Debug
debug ipv6 ospf adjacency output of a session restarting after IPSec configuration
*Mar 14 18:54:09.919: OSPFv3: Rcv DBD from 10.0.0.2 on GigabitEthernet0/0 seq 0x534 opt 0x0013 flag 0x7
len 28 mtu 1500 state INIT
*Mar 14 18:54:09.919: OSPFv3: 2 Way Communication to 10.0.0.2 on GigabitEthernet0/0, state 2WAY
*Mar 14 18:54:09.919: OSPFv3: Neighbor change Event on interface GigabitEthernet0/0
*Mar 14 18:54:09.919: OSPFv3: DR/BDR election on GigabitEthernet0/0
*Mar 14 18:54:09.919: OSPFv3: Elect BDR 0.0.0.0
*Mar 14 18:54:09.919: OSPFv3: Elect DR
*Mar 14 18:54:09.919:
192.168.100.5
DR: 192.168.100.5 (Id)
BDR: none
*Mar 14 18:54:09.919: OSPFv3: GigabitEthernet0/0 Nbr 10.0.0.2: Prepare dbase exchange
*Mar 14 18:54:09.919: OSPFv3: Send DBD to 10.0.0.2 on GigabitEthernet0/0 seq 0x112D opt 0x0013 flag 0x7
len 28
*Mar 14 18:54:09.923: OSPFv3: First DBD and we are not SLAVE
*Mar 14 18:54:09.931: OSPFv3: Neighbor change Event on interface GigabitEthernet0/0
*Mar 14 18:54:09.931: OSPFv3: DR/BDR election on GigabitEthernet0/0
*Mar 14 18:54:09.931: OSPFv3: Elect BDR 10.0.0.2
*Mar 14 18:54:09.931: OSPFv3: Elect DR 192.168.100.5
*Mar 14 18:54:09.931:
DR: 192.168.100.5 (Id)
BDR: 10.0.0.2 (Id)
*Mar 14 18:54:09.939: OSPFv3: Rcv DBD from 10.0.0.2 on GigabitEthernet0/0 seq 0x112D opt 0x0013 flag
0x2 len 328 mtu 1500 state EXSTART
*Mar 14 18:54:09.939: OSPFv3: NBR Negotiation Done. We are the MASTER
*Mar 14 18:54:09.939: OSPFv3: GigabitEthernet0/0 Nbr 10.0.0.2: Summary list built, size 13
*Mar 14 18:54:09.939: OSPFv3: Send DBD to 10.0.0.2 on GigabitEthernet0/0 seq 0x112E opt 0x0013 flag 0x1
len 288
*Mar 14 18:54:09.959: OSPFv3: Rcv LS REQ from 10.0.0.2 on GigabitEthernet0/0 length 40 LSA count 2
*Mar 14 18:54:09.959: OSPFv3: Send UPD to FE80::C803:7CFF:FEFB:A8 on GigabitEthernet0/0 length 72 LSA
count 2
*Mar 14 18:54:09.971: OSPFv3: Rcv DBD from 10.0.0.2 on GigabitEthernet0/0 seq 0x112E opt 0x0013 flag
0x0 len 28 mtu 1500 state EXCHANGE
*Mar 14 18:54:09.971: OSPFv3: Exchange Done with 10.0.0.2 on GigabitEthernet0/0
*Mar 14 18:54:09.971: OSPFv3: Send LS REQ to 10.0.0.2 length 156 LSA count 13
*Mar 14 18:54:09.991: OSPFv3: Rcv LS UPD from 10.0.0.2 on GigabitEthernet0/0 length 496 LSA count 13
*Mar 14 18:54:09.991: OSPFv3: Synchronized with 10.0.0.2 on GigabitEthernet0/0, state FULL
*Mar 14 18:54:09.991: %OSPFv3­5­ADJCHG: Process 1, Nbr 10.0.0.2 on GigabitEthernet0/0 from LOADING to
FULL, Loading Done
*Mar 14 18:54:09.991: OSPFv3: GigabitEthernet0/0 Nbr 10.0.0.2: Clean­up dbase exchange
You first need to be neighbor which means that you've got a bi-directional
communication. You know it because you see your Router ID in the Hello sent by your
Neighbor.
So the first commands you need are show ip ospf interface and show ip ospf
© Fred Bovy EIRL. IPv6 For Life. Page 15
2.Introduction. Sunday, March 30, 2014
neighbors. The same command exist with ipv6 instead of ip which is for IPv4.
R3>sh ip ospf neighbor
Neighbor ID
Pri
State
10.0.0.4
1
FULL/BDR
10.0.0.4
1
FULL/BDR
10.0.0.4
1
FULL/DR
10.0.0.2
1
FULL/BDR
Dead Time
00:00:39
00:00:39
00:00:34
00:00:33
Address
10.0.6.2
10.0.5.2
10.0.100.14
10.0.100.6
Interface
GigabitEthernet0/0.2
GigabitEthernet0/0.1
GigabitEthernet1/0
GigabitEthernet3/0
R3>show ip ospf neighbor detail
Neighbor 10.0.0.4, interface address 10.0.6.2
In the area 0 via interface GigabitEthernet0/0.2
Neighbor priority is 1, State is FULL, 6 state changes
DR is 10.0.6.1 BDR is 10.0.6.2
Options is 0x12 in Hello (E­bit, L­bit)
Options is 0x52 in DBD (E­bit, L­bit, O­bit)
LLS Options is 0x1 (LR)
Dead timer due in 00:00:39
Neighbor is up for 06:50:25
Index 5/5, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R3>show ipv6 ospf interface g0/0.1
GigabitEthernet0/0.1 is up, line protocol is up
Link Local Address FE80::C805:7CFF:FEFB:8, Interface ID 14
Area 0, Process ID 1, Instance ID 0, Router ID 10.0.0.3
Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.0.0.3, local address FE80::C805:7CFF:FEFB:8
Backup Designated router (ID) 10.0.0.4, local address FE80::C806:7CFF:FEFB:8
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:06
Index 1/4/4, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 7
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.0.0.4 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
R3>show ipv6 ospf neighbor
Neighbor ID
Pri
State
10.0.0.4
1
FULL/BDR
10.0.0.4
1
FULL/BDR
10.0.0.4
1
FULL/BDR
10.0.0.2
1
FULL/BDR
Dead Time
00:00:31
00:00:32
00:00:34
00:00:32
Interface ID
15
14
6
8
R3>show ipv6 ospf neighbor detail
Neighbor 10.0.0.4
In the area 0 via interface GigabitEthernet0/0.2
© Fred Bovy EIRL. IPv6 For Life. Page 16
Interface
GigabitEthernet0/0.2
GigabitEthernet0/0.1
GigabitEthernet1/0
GigabitEthernet3/0
2.Introduction. Sunday, March 30, 2014
Neighbor: interface­id 15, link­local address FE80::C806:7CFF:FEFB:8
Neighbor priority is 1, State is FULL, 6 state changes
DR is 10.0.0.3 BDR is 10.0.0.4
Options is 0x000013 in Hello (V6­Bit, E­Bit, R­bit)
Options is 0x000013 in DBD (V6­Bit, E­Bit, R­bit)
Dead timer due in 00:00:36
Neighbor is up for 05:58:34
Index 1/4/4, retransmission queue length 0, number of retransmission
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 2
Last retransmission scan time is 0 msec, maximum is 0 msec
Neighbor 10.0.0.4
In the area 0 via interface GigabitEthernet0/0.1
Neighbor: interface­id 14, link­local address FE80::C806:7CFF:FEFB:8
Neighbor priority is 1, State is FULL, 6 state changes
DR is 10.0.0.3 BDR is 10.0.0.4
Options is 0x000013 in Hello (V6­Bit, E­Bit, R­bit)
Options is 0x000013 in DBD (V6­Bit, E­Bit, R­bit)
Dead timer due in 00:00:38
Neighbor is up for 05:58:49
Index 1/3/3, retransmission queue length 0, number of retransmission
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 2
Last retransmission scan time is 0 msec, maximum is 0 msec
Neighbor 10.0.0.4
In the area 0 via interface GigabitEthernet1/0
Neighbor: interface­id 6, link­local address FE80::C806:7CFF:FEFB:1C
Neighbor priority is 1, State is FULL, 6 state changes
DR is 10.0.0.3 BDR is 10.0.0.4
Options is 0x000013 in Hello (V6­Bit, E­Bit, R­bit)
Options is 0x000013 in DBD (V6­Bit, E­Bit, R­bit)
Dead timer due in 00:00:38
Neighbor is up for 06:10:38
Index 1/2/2, retransmission queue length 0, number of retransmission
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 2
Last retransmission scan time is 0 msec, maximum is 0 msec
Neighbor 10.0.0.2
In the area 0 via interface GigabitEthernet3/0
Neighbor: interface­id 8, link­local address FE80::C803:7CFF:FEFB:54
Neighbor priority is 1, State is FULL, 12 state changes
DR is 10.0.0.3 BDR is 10.0.0.2
Options is 0x000013 in Hello (V6­Bit, E­Bit, R­bit)
Options is 0x000013 in DBD (V6­Bit, E­Bit, R­bit)
Dead timer due in 00:00:35
Neighbor is up for 04:20:30
Index 1/1/1, retransmission queue length 0, number of retransmission
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 2, maximum is 5
Last retransmission scan time is 0 msec, maximum is 0 msec
24
16
23
7
2.1. OSPF Multicast Addresses
Then you may be Adjacent if you synchronize your database with your neighbor. On a
Point-to-Point all the neighbors need to be Adjacent.
© Fred Bovy EIRL. IPv6 For Life. Page 17
2.Introduction. Sunday, March 30, 2014
On a LAN interface, you only need to be adjacent with the Designated Router or DR and
its Backup or BDR. With the other neighbors of the multipoint network you are Two-Way.
On a Multipoint Network you are Adjacent with the DR and the BDR who have got a
dedicated multicast address so you can send them a packet without having to duplicate.
All OSPF routers use 224.0.0.5 and ff02::5. The DR and BDR have 224.0.0.6 for IPv4 and
ff02::6 for IPv6 Multicast Addresses..
OSPF makes a difference between transit Networks and Stub Networks.
When the hello is not successful to form a relationship, check the timers .It can often
occurs when you mix interface type for instance having a Point-to-point interface in front
of a Non-Broadcast interface. LAN interface Timers are 10/40 when WAN interfaces timers
are 30/120. The first number is the HELLO interval and the second number is the DEAD
interval. Interface with different timers will not form Neighbor relationship and will never
be Adjacent.
2.2. OSPF Networks Types
Many problems come from the ignorance of the different interface type that OSPF can
deal with. The benefit and drawbacks from each.
The two basics Network type for OSPF are Point-to-Point and Multipoint.
The Multipoint Networks supports Broadcast and Multicast or Not (NBMA). They need a
DR and a BDR to optimize the flooding and generates one LSA on the behalf of all nodes
instead of repeating the same thing by all nodes.
The Point-to-Point have CISCO modes to take the most of any partiaal meshed
Architectures easily. This is Point-to-Multipoint and Point-to-Multipoint NonBroadcast.
The default for LAN interface is BROADCAST and for Serial Interface is Non-Broadcast.
The Multipoint Interfaces needs a DR, the point-to-point don't.
The Gigabit Interfaces are configured as Multipoints Interfaces by OSPF. I recommend if
you use your Gig or 10Gig interface as a dedicated p2p between two routers to set them
as Point-to-Point, the interface will not wait 40 Seconds before being activated when you
do a no shut. Don't do it if the Gig interface is on a VLAN with multiple neighbors.
© Fred Bovy EIRL. IPv6 For Life. Page 18
2.Introduction. Sunday, March 30, 2014
Illustration 3: OSPF Network Types
DR and BDR
On a Point-to-Point we must be adjacent with all the neighbors.
On a Multipoint we must be adjacent with the DR and the BDR and two-Way
neighbors with the others.
When we are adjacent and neighbors with the right routers. We can check the Network
LSA for each Multipoint interfaces: Broadcast or NBMA 2. Example:
R3#show ipv6 ospf database network adv­router 10.0.0.2
OSPFv3 Router with ID (10.0.0.3) (Process ID 1)
Net Link States (Area 0)
LS age: 62
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Network Links
Link State ID: 8 (Interface ID of Designated Router)
2
Non Broadcast Multiple Access
© Fred Bovy EIRL. IPv6 For Life. Page 19
2.Introduction. Sunday, March 30, 2014
Advertising Router: 10.0.0.2
LS Seq Number: 80000001
Checksum: 0x2DAE
Length: 32
Attached Router: 10.0.0.2
Attached Router: 10.0.0.3
3.
OSPFv3 Architectures
There is no difference with OSPFv2 on the OSPF Architectures. The full topology is only
available in the current Area with Router (Type 1) and Network (Type 2) LSA.
R3#sh ipv6 ospf database router adv­router 10.0.0.4
OSPFv3 Router with ID (10.0.0.3) (Process ID 1)
Router Link States (Area 0)
LS age: 1372
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 10.0.0.4
LS Seq Number: 80000020
Checksum: 0xEC1F
Length: 88
Number of Links: 4
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 15
Neighbor (DR) Interface ID: 15
Neighbor (DR) Router ID: 10.0.0.4
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 14
Neighbor (DR) Interface ID: 14
Neighbor (DR) Router ID: 10.0.0.4
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 7
Neighbor (DR) Interface ID: 7
Neighbor (DR) Router ID: 10.0.0.4
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 6
© Fred Bovy EIRL. IPv6 For Life. Page 20
3.OSPFv3 Architectures. Sunday, March 30, 2014
Neighbor (DR) Interface ID: 6
Neighbor (DR) Router ID: 10.0.0.4
R3#show ipv6 ospf database network adv­router 10.0.0.4
OSPFv3 Router with ID (10.0.0.3) (Process ID 1)
Net Link States (Area 0)
LS age: 1579
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Network Links
Link State ID: 6 (Interface ID of Designated Router)
Advertising Router: 10.0.0.4
LS Seq Number: 80000002
Checksum: 0x4791
Length: 32
Attached Router: 10.0.0.4
Attached Router: 10.0.0.3
LS age: 1823
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Network Links
Link State ID: 7 (Interface ID of Designated Router)
Advertising Router: 10.0.0.4
LS Seq Number: 80000012
Checksum: 0xFB9
Length: 32
Attached Router: 10.0.0.4
Attached Router: 10.0.0.2
LS age: 1579
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Network Links
Link State ID: 14 (Interface ID of Designated Router)
Advertising Router: 10.0.0.4
LS Seq Number: 80000002
Checksum: 0xF6D9
Length: 32
Attached Router: 10.0.0.4
Attached Router: 10.0.0.3
LS age: 1580
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Network Links
Link State ID: 15 (Interface ID of Designated Router)
Advertising Router: 10.0.0.4
LS Seq Number: 80000002
Checksum: 0xECE2
Length: 32
© Fred Bovy EIRL. IPv6 For Life. Page 21
3.OSPFv3 Architectures. Sunday, March 30, 2014
Attached Router: 10.0.0.4
Attached Router: 10.0.0.3
The ABR summarize the routes when they can or send each route one by one as a
Distance-Vector Protocol with Inter Area LSA (Type 3). This is why all Areas MUST be
connected to Area 0. If it is impossible it is possible to connect the remote Area across a
Transit Area using a Virtual Link.
R5>show ipv6 ospf database inter­area prefix
OSPFv3 Router with ID (192.168.100.5) (Process ID 1)
Inter Area Prefix Link States (Area 1)
Routing Bit Set on this LSA
LS age: 1388
LS Type: Inter Area Prefix Links
Link State ID: 0
Advertising Router: 10.0.0.2
LS Seq Number: 80000008
Checksum: 0x6505
Length: 36
Metric: 1
Prefix Address: 2001:DB8:678:1003::
Prefix Length: 64, Options: None
Routing Bit Set on this LSA
LS age: 1388
LS Type: Inter Area Prefix Links
Link State ID: 1
Advertising Router: 10.0.0.2
LS Seq Number: 80000008
Checksum: 0x4921
Length: 36
Metric: 1
Prefix Address: 2001:DB8:678:1002::
Prefix Length: 64, Options: None
Routing Bit Set on this LSA
LS age: 1391
LS Type: Inter Area Prefix Links
Link State ID: 2
Advertising Router: 10.0.0.2
LS Seq Number: 80000008
Checksum: 0x2D3D
Length: 36
Metric: 1
© Fred Bovy EIRL. IPv6 For Life. Page 22
3.OSPFv3 Architectures. Sunday, March 30, 2014
Prefix Address: 2001:DB8:678:1001::
Prefix Length: 64, Options: None
Routing Bit Set on this LSA
LS age: 1397
LS Type: Inter Area Prefix Links
Link State ID: 3
Advertising Router: 10.0.0.2
LS Seq Number: 80000008
Checksum: 0x83DF
Length: 36
Metric: 2
Prefix Address: 2001:DB8:678:1006::
Prefix Length: 64, Options: None
Routing Bit Set on this LSA
LS age: 1398
LS Type: Inter Area Prefix Links
Link State ID: 4
Advertising Router: 10.0.0.2
LS Seq Number: 80000008
Checksum: 0x67FB
Length: 36
Metric: 2
Prefix Address: 2001:DB8:678:1005::
Prefix Length: 64, Options: None
An Autonomous System Border Router connect your OSPF domain to another domain. For
instance, a partner or the Internet. The ASBR generates a LSA Type 5 for each route that
it advertizes and these LSA are flooded across the whole domain.To compute the route to
the external route outside of the Area where the ASBR sits, the router needs the InterArea Router LSA to know how to reach the gateway. So, the ABR generates an Inter-Area
Router LSA (Type 4) flooded across the whole domain for the other Area router to reach
the Gateway.
R5>show ipv6 ospf database inter­area router
OSPFv3 Router with ID (192.168.100.5) (Process ID 1)
Inter Area Router Link States (Area 1)
Routing Bit Set on this LSA
LS age: 732
Options: (V6­Bit, E­Bit, R­bit, DC­Bit)
LS Type: Inter Area Router Links
Link State ID: 167772163
Advertising Router: 10.0.0.2
© Fred Bovy EIRL. IPv6 For Life. Page 23
3.OSPFv3 Architectures. Sunday, March 30, 2014
LS Seq Number: 80000002
Checksum: 0x6E70
Length: 32
Metric: 1
Destination Router ID: 10.0.0.3
R5#show ipv6 ospf data external
OSPFv3 Router with ID (192.168.100.5) (Process ID 1)
Type­5 AS External Link States
Routing Bit Set on this LSA
LS age: 291
LS Type: AS External Link
Link State ID: 0
Advertising Router: 10.0.0.2
LS Seq Number: 80000009
Checksum: 0x777D
Length: 32
Prefix Address: 2001:DB8::
Prefix Length: 32, Options: None
Metric Type: 2 (Larger than any link state path)
Metric: 5
LS age: 26
LS Type: AS External Link
Link State ID: 0
Advertising Router: 10.0.0.3
LS Seq Number: 8000000B
Checksum: 0x6D84
Length: 32
Prefix Address: 2001:DB8::
Prefix Length: 32, Options: None
Metric Type: 2 (Larger than any link state path)
Metric: 5
© Fred Bovy EIRL. IPv6 For Life. Page 24
4.Type of Area. Sunday, March 30, 2014
4.
Type of Area
The same types of Area exist in OSPFv3 from OSPFv2.
Regular Area receives Type 3, 4 and 5 LSA.
Illustration 4: OSPF Regular Area
© Fred Bovy EIRL. IPv6 For Life. Page 25
4.Type of Area. Sunday, March 30, 2014
4.1 Stub Area
Then you got the Stub area which filter the External Routes related LSAs:Type 4 and 5. We
still receive the Inter-Area LSA (Type 3). Below is a configuration and a Routing table of
such Area. “default-information originate always” inject a default route in the Area.
ipv6 router ospf 1
log­adjacency­changes
area 7 stub
default­information originate always
Illustration 5: OSPF Stub Area
© Fred Bovy EIRL. IPv6 For Life. Page 26
4.Type of Area. Sunday, March 30, 2014
R7#show ipv6 route
IPv6 Routing Table ­ Default ­ 20 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
OI ::/0 [110/2]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:678:ABC:1000::/64 [110/3]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
C
2001:678:ABC:7000::/64 [0/0]
via GigabitEthernet1/0, directly connected
L
2001:678:ABC:7000::7/128 [0/0]
via GigabitEthernet1/0, receive
OI 2001:DB8:678::1/128 [110/3]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678::2/128 [110/2]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678::3/128 [110/2]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678::4/128 [110/1]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:ABC:5::5/128 [110/3]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:1001::/64 [110/4]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:1002::/64 [110/3]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:1003::/64 [110/3]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:1005::/64 [110/2]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
OI 2001:DB8:678:1006::/64 [110/2]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
C
2001:DB8:678:7200::/64 [0/0]
via GigabitEthernet1/0, directly connected
L
2001:DB8:678:7200::7/128 [0/0]
via GigabitEthernet1/0, receive
OI 2001:DB8:678:8200::/64 [110/4]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
LC 2001:DB8:ABC:7::7/128 [0/0]
via Loopback0, receive
OI 2001:DB8:ABC:8::8/128 [110/4]
via FE80::C803:DFF:FE03:70, GigabitEthernet1/0
L
FF00::/8 [0/0]
via Null0, receive
© Fred Bovy EIRL. IPv6 For Life. Page 27
4.Type of Area. Sunday, March 30, 2014
This is the Inter Area Prefix generated by the ABR for the default route:
R8>sh ipv6 ospf database inter­area prefix
OSPFv3 Router with ID (10.0.0.8) (Process ID 1)
Inter Area Prefix Link States (Area 8)
Routing Bit Set on this LSA
LS age: 1370
LS Type: Inter Area Prefix Links
Link State ID: 16
Advertising Router: 10.0.0.1
LS Seq Number: 80000003
Checksum: 0xA878
Length: 28
Metric: 1
Prefix Address: ::
Prefix Length: 0, Options: None
And this is the Link LSA of R1:
R8#sh ipv6 ospf data link adv­router 10.0.0.1
OSPFv3 Router with ID (10.0.0.8) (Process ID 1)
Link (Type­8) Link States (Area 8)
LS age: 1741
Options: (V6­Bit, R­bit, DC­Bit)
LS Type: Link­LSA (Interface: GigabitEthernet1/0)
Link State ID: 9 (Interface ID)
Advertising Router: 10.0.0.1
LS Seq Number: 80000003
Checksum: 0xBA5B
Length: 56
Router Priority: 1
Link Local Address: FE80::C802:CFF:FEF0:70
Number of Prefixes: 1
Prefix Address: 2001:DB8:678:8200::
Prefix Length: 64, Options: None
4.2 Totally Stuby Area
In these area, the ABR also filters the Inter-Area Prefixes and injecst a default route.
Configuration
ipv6 router ospf 1
area 8 stub no­summary
© Fred Bovy EIRL. IPv6 For Life. Page 28
4.Type of Area. Sunday, March 30, 2014
Illustration 6: OSPF Totally Stubby Area
IPv6 route of a Totally Stubby Area Router
R8>show ipv6 route
IPv6 Routing Table ­ Default ­ 5 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
OI ::/0 [110/2]
© Fred Bovy EIRL. IPv6 For Life. Page 29
4.Type of Area. Sunday, March 30, 2014
C
L
LC
L
via FE80::C802:CFF:FEF0:70, GigabitEthernet1/0
2001:DB8:678:8200::/64 [0/0]
via GigabitEthernet1/0, directly connected
2001:DB8:678:8200::8/128 [0/0]
via GigabitEthernet1/0, receive
2001:DB8:ABC:8::8/128 [0/0]
via Loopback0, receive
FF00::/8 [0/0]
via Null0, receive
Here is the LSA for the default Route, R1 Loopback.
#show ipv6 ospf data inter­area prefix
OSPFv3 Router with ID (10.0.0.8) (Process ID 1)
Inter Area Prefix Link States (Area 8)
Routing Bit Set on this LSA
LS age: 1498
LS Type: Inter Area Prefix Links
Link State ID: 16
Advertising Router: 10.0.0.1
LS Seq Number: 80000002
Checksum: 0xAA77
Length: 28
Metric: 1
Prefix Address: ::
Prefix Length: 0, Options: None
Not So Stubby Area
Now, what if I have a Stub Area since I do not want to receive a long routing table made
of External routes but I want to redistribute in my Area a couple of Networks because a
group of users have a VSAT appliance only running RIP in their Lab for instance?
In this case you can configure it as a NSSA or a Not So Stubby Area.
In this case the redistributed routes will be LSA Type 7 because Type 5 are forbidden in a
Stub Area. One ABR3will be responsible to translate the LSA Type 7 to type 5 to connect
the small group to the rest of the planet.
The NSSA also permit the Inter-Area Prefix LSAa (Type 3) to see routes in other Area. If
this is a Problem you can configure your area as a Totally Not So Stubby Area!
3
Area Border Router
© Fred Bovy EIRL. IPv6 For Life. Page 30
4.Type of Area. Sunday, March 30, 2014
R8#conf t
R8(config)#ipv6 router ospf 1
R8(config­rtr)#no area 8 stub
R8(config­rtr)#area 8 nssa
R8(config­rtr)#redistribute connected
Totally Not So Stubby Area
And if you do not want to receive the Inter-Area Prefix (LSA Type 3) it is posssible to
configure the area with tge no auto-summary option and have a TOTALLY Not So Stubby
Area with “area 8 nssa no­summary”
R8#conf t
R8(config)#ipv6 router ospf 1
R8(config­rtr)#no area 8 nssa stub
R8(config­rtr)#area 8 nssa no auto­summary
R8(config­rtr)#redistribute connected
© Fred Bovy EIRL. IPv6 For Life. Page 31
A. Router Configurations. Sunday, March 30, 2014
A. Router Configurations
see http://www.ipv6forlife.com/Tutorial/labDS/
R1
!
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R1
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
ip source­route
ip cef
ipv6 unicast­routing
ipv6 cef
!
multilink bundle­name authenticated
archive
log config
hidekeys
!
!
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
ipv6 address 2001:DB8:678::1/128
!
interface GigabitEthernet1/0.1
encapsulation dot1Q 1 native
ip address 10.0.1.1 255.255.255.0
ipv6 address 2001:DB8:678:1001::1/64
ipv6 ospf 1 area 0
glbp 1 ip 10.0.1.100
glbp 11 ipv6 autoconfig
!
interface GigabitEthernet1/0.2
© Fred Bovy EIRL. IPv6 For Life. Page 32
A. Router Configurations. Sunday, March 30, 2014
encapsulation dot1Q 2
ip address 10.0.2.1 255.255.255.0
ipv6 address 2001:DB8:678:1002::1/64
ipv6 ospf 1 area 0
glbp 2 ip 10.0.2.100
glbp 12 ipv6 autoconfig
!
interface GigabitEthernet1/0.3
encapsulation dot1Q 3
ip address 10.0.3.1 255.255.255.0
ipv6 address 2001:DB8:678:1003::1/64
ipv6 ospf 1 area 0
glbp 3 ip 10.0.3.100
glbp 13 ipv6 autoconfig
!
interface GigabitEthernet3/0
ip address 10.0.100.10 255.255.255.252
negotiation auto
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.255.255.255 area 0
!
ip forward­protocol nd
no ip http server
no ip http secure­server
!
ipv6 router ospf 1
log­adjacency­changes
!
control­plane
!
gatekeeper
shutdown
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
© Fred Bovy EIRL. IPv6 For Life. Page 33
A. Router Configurations. Sunday, March 30, 2014
R2
!
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R2
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
ip source­route
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
multilink bundle­name authenticated
!
archive
log config
hidekeys
!
interface Loopback0
ip address 10.0.0.2 255.255.255.255
ipv6 address 2001:DB8:678::2/128
interface GigabitEthernet1/0.1
encapsulation dot1Q 1 native
ip address 10.0.1.2 255.255.255.0
ipv6 address 2001:DB8:678:1001::2/64
ipv6 ospf 1 area 0
Glbp 1 10.0.1.100
glbp 11 ipv6 autoconfig
!
interface GigabitEthernet1/0.2
encapsulation dot1Q 2
ip address 10.0.2.2 255.255.255.0
ipv6 address 2001:DB8:678:1002::2/64
ipv6 ospf 1 area 0
glbp 2 ip 10.0.2.100
glbp 12 ipv6 autoconfig
© Fred Bovy EIRL. IPv6 For Life. Page 34
A. Router Configurations. Sunday, March 30, 2014
!
interface GigabitEthernet1/0.3
encapsulation dot1Q 3
ip address 10.0.3.2 255.255.255.0
ipv6 address 2001:DB8:678:1003::2/64
ipv6 ospf 1 area 0
glbp 3 ip 10.0.3.100
glbp 13 ipv6 autoconfig
!
interface GigabitEthernet2/0
ip address 10.0.100.2 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
ip address 10.0.100.6 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet4/0
ip address 10.0.100.17 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.255.255.255 area 0
!
ip forward­protocol nd
no ip http server
no ip http secure­server
!
ipv6 router ospf 1
log­adjacency­changes
!
control­plane
gatekeeper
shutdown
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
End
© Fred Bovy EIRL. IPv6 For Life. Page 35
A. Router Configurations. Sunday, March 30, 2014
R3
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R3
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
ip source­route
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
multilink bundle­name authenticated
!
archive
log config
hidekeys
!
interface Loopback0
ip address 10.0.0.3 255.255.255.255
ipv6 address 2001:DB8:678::3/128
ipv6 enable
!
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.0.5.1 255.255.255.0
ipv6 address 2001:DB8:678:1005::3/64
ipv6 ospf 1 area 0
glbp 1 ip 10.0.5.100
glbp 11 ipv6 autoconfig
!
interface GigabitEthernet0/0.2
encapsulation dot1Q 2
ip address 10.0.6.1 255.255.255.0
ipv6 address 2001:DB8:678:1006::3/64
ipv6 ospf 1 area 0
glbp 2 ip 10.0.6.100
glbp 22 ipv6 autoconfig
© Fred Bovy EIRL. IPv6 For Life. Page 36
A. Router Configurations. Sunday, March 30, 2014
!
interface GigabitEthernet1/0
ip address 10.0.100.13 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.100.9 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
ip address 10.0.100.5 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.255.255.255 area 0
!
ip local pool fred 10.0.5.100 10.0.5.140
ip forward­protocol nd
no ip http server
no ip http secure­server
ipv6 router ospf 1
log­adjacency­changes
!
control­plane
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
End
R4
!
upgrade fpd auto
© Fred Bovy EIRL. IPv6 For Life. Page 37
A. Router Configurations. Sunday, March 30, 2014
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R4
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
ip source­route
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
multilink bundle­name authenticated
archive
log config
hidekeys
!
interface Loopback0
ip address 10.0.0.4 255.255.255.255
ipv6 address 2001:DB8:678::4/128
!
interface GigabitEthernet0/0
no ip address
duplex full
speed 1000
media­type gbic
negotiation auto
!
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.0.5.2 255.255.255.0
ipv6 address 2001:DB8:678:1005::4/64
ipv6 ospf 1 area 0
glbp 1 ip 10.0.5.100
glbp 11 ipv6 autoconfig
!
interface GigabitEthernet0/0.2
encapsulation dot1Q 2
ip address 10.0.6.2 255.255.255.0
ipv6 address 2001:DB8:678:1006::4/64
ipv6 ospf 1 area 0
glbp 2 ip 10.0.6.100
© Fred Bovy EIRL. IPv6 For Life. Page 38
A. Router Configurations. Sunday, March 30, 2014
glbp 22 ipv6 autoconfig
!
interface GigabitEthernet1/0
ip address 10.0.100.14 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.100.18 255.255.255.252
negotiation auto
ipv6 enable
ipv6 ospf 1 area 0
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.255.255.255 area 0
!
ip forward­protocol nd
no ip http server
no ip http secure­server
!
ipv6 router ospf 1
log­adjacency­changes
!
control­plane
!
gatekeeper
shutdown
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
© Fred Bovy EIRL. IPv6 For Life. Page 39
B. GLBP. Sunday, March 30, 2014
B. GLBP
GLBP enable more redundancy and load-balancing as up to 4 Forwarders can be active at
the same time.
It is just one line of command on the interface and the work station next hop will be a
virtual address with a virtual MAC Address.
With GLBP, the Active forwarders is based on a Weigth parameter. It is possible to track
an object like a routing entry and decrement the Weigth if the route is gone for another
router to take over.
Show glbp
….
GigabitEthernet1/0.2 ­ Group 2
State is Standby
1 state change, last state change 00:01:11
Virtual IP address is 10.0.2.100
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.864 secs
Redirect time 600 sec, forwarder timeout 14400 sec
Preemption disabled
Active is 10.0.2.1, priority 100 (expires in 7.904 sec)
Standby is local
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round­robin
Group members:
ca04.0e68.001c (10.0.2.1)
ca06.0e77.001c (10.0.2.2) local
There are 2 forwarders (1 active)
Forwarder 1
State is Listen
MAC address is 0007.b400.0201 (learnt)
Owner ID is ca04.0e68.001c
Time to live: 14397.312 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 10.0.2.1 (primary), weighting 100 (expires in 8.864 sec)
Forwarder 2
State is Active
1 state change, last state change 00:01:04
MAC address is 0007.b400.0202 (default)
Owner ID is ca06.0e77.001c
Preemption enabled, min delay 30 sec
Active is local, weighting 100
GigabitEthernet1/0.2 ­ Group 12
State is Active
2 state changes, last state change 00:12:05
© Fred Bovy EIRL. IPv6 For Life. Page 40
B. GLBP. Sunday, March 30, 2014
Virtual IP address is FE80::7:B4FF:FE00:C00 (auto­configured)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.864 secs
Redirect time 600 sec, forwarder timeout 14400 sec
Preemption disabled
Active is local
Standby is FE80::C804:EFF:FE68:1C, priority 100 (expires in 9.408 sec)
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round­robin
Group members:
ca04.0e68.001c (FE80::C804:EFF:FE68:1C)
ca06.0e77.001c (FE80::C806:EFF:FE77:1C) local
There are 2 forwarders (1 active)
Forwarder 1
State is Listen
4 state changes, last state change 00:10:31
MAC address is 0007.b400.0c01 (learnt)
Owner ID is ca04.0e68.001c
Redirection enabled, 598.400 sec remaining (maximum 600 sec)
Time to live: 14398.400 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is FE80::C804:EFF:FE68:1C (primary), weighting 100 (expires in 8.608 sec)
Forwarder 2
State is Active
1 state change, last state change 03:08:52
MAC address is 0007.b400.0c02 (default)
Owner ID is ca06.0e77.001c
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
© Fred Bovy EIRL. IPv6 For Life. Page 41
C. BGP Connection. Sunday, March 30, 2014
C. BGP Connection
BGP Lab Topology
Illustration 7: BGP Topology
A new Neighbor has been added to simulate another AS Advertising the same routes.
R2 and R5 are directly connected with an IPv4 and an IPv6 Session, same for R3 and R6.
The same routes are learned by R2 from AS 65000 and R3 from AS 64000.
This is specific case with a few routes so redistribution of BGPv6 in OSPFv3 is possible. In
the real life when BGP is used to learn a lot of routes like the Internet Routing Tables,
there is no redistribution in OSPF. OSPF is only used to resolve the BGP next-hop. iBGP
sessions are responsible to dispatch the routes into the backbone. We would use a pair of
BGP Route Reflector to avoid a full mesh of iBGP sessions between all core routers.
© Fred Bovy EIRL. IPv6 For Life. Page 42
C. BGP Connection. Sunday, March 30, 2014
Usually we choose the Route Reflectors out of the forwarding path to act as routes
servers but here we could also choose to use R1 and R4 if they have enough resources of
CPU and RAM to manage Internet Routing Tables processing.
In our case there is an iBGP session between R2 and R3 only. I will make another guide for
BGP and IPV6.
Differences with IPv6
We can use a different session to carry each protocol. Like here we have an IPv6 session to carry
IPv6 routes and an IPv4 session to carry IPv4. In the lab for R5-R2 there are two sessions one IPv4
for IPv4 routes and one IPv6 for IPV6 routes. On R6-R3 we only have an IPv6 session.
We can also use Link-Local Addresses for eBGP sessions.
Some useful commands
The commands are the same than IPv4 with the addition of IPv6 in the CLI commands like:
R2#show bgp ipv6 unicast summary
BGP router identifier 10.0.0.2, local AS number 100
BGP table version is 211, main routing table version 211
14 network entries using 2184 bytes of memory
28 path entries using 2128 bytes of memory
3/1 BGP path/bestpath attribute entries using 504 bytes of memory
2 BGP AS­PATH entries using 48 bytes of memory
0 BGP route­map cache entries using 0 bytes of memory
0 BGP filter­list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 4896 total bytes of memory
BGP activity 84/70 prefixes, 126/98 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2001:678:ABC:1000::5
4
2001:DB8:678::3 4
AS MsgRcvd MsgSent
65000
100
271
37
266
37
TblVer
211
211
InQ OutQ Up/Down
0
0
0 00:54:46
0 00:34:06
14
14
This is how a routes is learned from R2 and R3. One connect to AS 64000 and
the other to AS 65000.
For the connection to AS 65000 we did not touch the next-hop 2001:678:ABC:1000::5
which is learned by OSPFv3. For AS64000 we do not run OSPFv3 and could not reach the next-hop
so we used the bgp router command next-hop-self to change it to our Router.
© Fred Bovy EIRL. IPv6 For Life. Page 43
C. BGP Connection. Sunday, March 30, 2014
R3#show bgp ipv6 unicast 2001:DB8:678:AB2::/64
BGP routing table entry for 2001:DB8:678:AB2::/64, version 27
Paths: (2 available, best #2, table Default)
Advertised to update­groups:
1
65000
2001:678:ABC:1000::5 (metric 2) from 2001:DB8:678::2 (10.0.0.2)
Origin incomplete, metric 0, localpref 100, valid, internal
64000
2001:678:ABC:1001::6 (FE80::C80A:FFF:FE4D:1C) from 2001:678:ABC:1001::6 (10.0.0.6)
Origin incomplete, metric 0, localpref 100, valid, external, best
R2#show bgp ipv6 unicast 2001:DB8:678:AB1::/64
BGP routing table entry for 2001:DB8:678:AB1::/64, version 210
Paths: (2 available, best #2, table Default)
Advertised to update­groups:
2
64000
2001:DB8:678::3 (metric 1) from 2001:DB8:678::3 (10.0.0.3)
Origin incomplete, metric 0, localpref 100, valid, internal
65000
2001:678:ABC:1000::5 (FE80::C809:FFF:FE4D:1C) from 2001:678:ABC:1000::5
(192.168.105.5)
Origin incomplete, metric 0, localpref 100, valid, external, best
BGP Configuration
On R3
router bgp 100
no synchronization
bgp log­neighbor­changes
neighbor 2001:678:ABC:1001::6 remote­as 64000
no neighbor 2001:678:ABC:1001::6 activate
neighbor 2001:DB8:678::2 remote­as 100
neighbor 2001:DB8:678::2 update­source Loopback0
no neighbor 2001:DB8:678::2 activate
no auto­summary
!
address­family ipv6
neighbor 2001:678:ABC:1001::6 activate
neighbor 2001:DB8:678::2 activate
neighbor 2001:DB8:678::2 next­hop­self
exit­address­family
!
© Fred Bovy EIRL. IPv6 For Life. Page 44
C. BGP Connection. Sunday, March 30, 2014
On R2
router bgp 100
bgp log­neighbor­changes
neighbor 2001:678:ABC:1000::5 remote­as 65000
neighbor 2001:DB8:678::3 remote­as 100
neighbor 192.168.1.2 remote­as 65000
!
address­family ipv4
no neighbor 2001:678:ABC:1000::5 activate
no neighbor 2001:DB8:678::3 activate
neighbor 192.168.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 2001:678:ABC:1000::5 activate
neighbor 2001:DB8:678::3 activate
exit­address­family
On R5
router bgp 65000
bgp log­neighbor­changes
neighbor 2001:678:ABC:1000::2 remote­as 100
neighbor 192.168.1.1 remote­as 100
!
address­family ipv4
no neighbor 2001:678:ABC:1000::2 activate
neighbor 192.168.1.1 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor
activate
redistribute static
no synchronization
exit­address­family
!
© Fred Bovy EIRL. IPv6 For Life. Page 45
C. BGP Connection. Sunday, March 30, 2014
On R6
router bgp 64000
no synchronization
bgp log­neighbor­changes
neighbor 2001:678:ABC:1001::4 remote­as 100
no neighbor 2001:678:ABC:1001::4 activate
no auto­summary
!
address­family ipv6
neighbor 2001:678:ABC:1001::4 activate
redistribute static
no synchronization
exit­address­family
© Fred Bovy EIRL. IPv6 For Life. Page 46
C. BGP Connection. Sunday, March 30, 2014
© Fred Bovy EIRL. IPv6 For Life. Page 47
C. BGP Connection. Sunday, March 30, 2014
ROUTING IPv6
MP-BGPv6
Version 1.1
Routing IPv6 Part 2
http://www.ipv6forlife.com/Tutorial/labBGP
By Fred Bovy CCIE #3013
© Fred Bovy EIRL. IPv6 For Life. Page 48
5.Introduction to MP-BGP lab. Sunday, March 30, 2014
5.
Introduction to MP-BGP lab
http://www.ipv6forlife.com/Tutorial/labBGP
After the OSPF lab, there was an annex about BGP. In this document, this will be the
opposite. I will focus on BGP and just explain the OSPF Setup. The Backbone is built on
OSPFv2 for IPv4 and OSPFv3 for IPv6. There are 3 Area: 0, 1 and 2.Area 0 is in the Core:
R1, R3, R4 and R5. R3, R4 are ABR for Area 1, R1 and R5 are ABR for Area 2
R1>show ipv6 ospf
Routing Process "ospfv3 1" with ID 10.0.0.1
It is an area border router
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 1. Checksum Sum 0x00B177
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 4
SPF algorithm executed 28 times
Number of LSA 37. Checksum Sum 0x0E9EB2
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 2
Number of interfaces in this area is 1
SPF algorithm executed 6 times
Number of LSA 31. Checksum Sum 0x10ABAA
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
R6 and R7 are OSPF ASBR4 and connect the Internet via AS64000 and 65000.
Then they relay the eBGP Update to the BGP Route-Reflector R5 which propagate the best
BGP path to all the other BGP backbone routers.
In the lab we set the BGP Local Preference of the BGP routes coming from AS65000 to
150 which is more than default 100. So, the exit point to the Internet will be AS65000
unless the route is no more learned from this path, then it will be using AS64000.
4
Autonomous System Border Router
© Fred Bovy EIRL. IPv6 For Life. Page 49
6.Lab Setup. Sunday, March 30, 2014
6.
Lab Setup
Illustration 8: OSPFv2, OSPFv3 and MP-BGP Setup
© Fred Bovy EIRL. IPv6 For Life. Page 50
7.Lab BGP Configuration. Sunday, March 30, 2014
7.
Lab BGP Configuration
7.1 Summary
For R6, IPv6 eBGP Session uses the interface Global Unicast Addresses.
For R7, IPv6 eBGP Session uses the interfaces Link-Local Addresses.
On R6 and R7, we use two eBGP sessions with R8 and R9. One for IPv4 and one for IPv6.
We use the same IPv4 iBGP Session to advertize IPv4 and IPv6 Routes to the BGP RouteReflector and for all iBGP Sessions.
As we do not want to advertize the IPv6 route to the R8 ISP Router into the backbone, the ISP
Interface to resolve the BGP route, we use a Route-Map to advertize the route to the RouteReflector using R6 Gateway loopback ipv6 address as the next-hop. For IPv4, using next-hopself is enough. So, if we do not tweak the BGP IPv6 next-hop, as IPv6 route are learned over
IPv4 session the IPv6 Next-hop are ::ffff:10.0.0.6 and ::ffff:10.0.0.7 which are Unreachable
on remote peers.
7.2 BGP Configuration
R6 BGP Configuration
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 2001:DB8:5A:F6::8 activate
exit­address­family
!
route­map fred permit 10
© Fred Bovy EIRL. IPv6 For Life. Page 51
7.Lab BGP Configuration. Sunday, March 30, 2014
set ipv6 next­hop 2001:DB8:678:C000::6
!
R8-ISP2 BGP Configuration
router bgp 64000
bgp log­neighbor­changes
neighbor 2001:DB8:5A:F6::6 remote­as 100
neighbor 172.16.1.1 remote­as 100
!
address­family ipv4
redistribute static
no neighbor 2001:DB8:5A:F6::6 activate
neighbor 172.16.1.1 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 2001:DB8:5A:F6::6 activate
redistribute static
no synchronization
exit­address­family
!
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
!
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
ipv6 route 2001:DB8:ABC5::/48 Null0
ipv6 route 2001:DB8:ABC6::/48 Null0
ipv6 route 2001:DB8:ABC7::/48 Null0
ipv6 route 2001:DB8:ABC8::/48 Null0
ipv6 route 2001:DB8:ABC9::/48 Null0
ipv6 route 2001:DB8:ABCA::/48 Null0
!
© Fred Bovy EIRL. IPv6 For Life. Page 52
7.Lab BGP Configuration. Sunday, March 30, 2014
R7 BGP Configuration
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 172.16.1.6 activate
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
Exit­address­family
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
R9-ISP1 BGP Configuration
router bgp 65000
bgp log­neighbor­changes
neighbor 172.16.1.5 remote­as 100
neighbor FE80::7%GigabitEthernet1/0 remote­as 100
!
address­family ipv4
redistribute static metric 5
neighbor 172.16.1.5 activate
no neighbor FE80::7%GigabitEthernet1/0 activate
no auto­summary
no synchronization
redistribute static
exit­address­family
!
address­family ipv6
neighbor FE80::7%GigabitEthernet1/0 activate
© Fred Bovy EIRL. IPv6 For Life. Page 53
7.Lab BGP Configuration. Sunday, March 30, 2014
redistribute static
no synchronization
exit­address­family
!
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
ipv6 route 2001:DB8:ABC5::/48 Null0
ipv6 route 2001:DB8:ABC6::/48 Null0
ipv6 route 2001:DB8:ABC7::/48 Null0
ipv6 route 2001:DB8:ABC8::/48 Null0
ipv6 route 2001:DB8:ABC9::/48 Null0
ipv6 route 2001:DB8:ABCA::/48 Null0
8.
BGP Reminder
8.1 BGP Connection Messages and States
BGP connection takes place over TCP port 179.
When the connection Open it uses an OPEN Message to start a session with its own AS
number, its Router-ID and the Hold Time which is how long you consider a session active
without hearing from a neighbor. If you have nothing to say you should send a KEEPALIVE to
keep the session open.
When the session has not hear anything when the Hold time expires, the BGP speaker sends a
NOTIFICATION message which is an abort message telling the reason for the end of the
session. If there is a parameter mismatch during the OPEN, the partner will also send a
NOTIFICATION like wrong AS number.
The routes are advertised or withdrawn in UPDATES Messages which must received an
ACKNOWLEDGEMENT.
© Fred Bovy EIRL. IPv6 For Life. Page 54
8.BGP Reminder. Sunday, March 30, 2014
For IPv6, the UPDATES send the IPv6 Prefixes in MP_REACH_NLRI or MP_UNREACH_NLRI.
No.
Time
Source
677 1209.406565 2001:db8:5a:f6::8
Destination
2001:db8:5a:f6::6
Protocol Length Info
BGP
234
UPDATE Message
Frame 677: 234 bytes on wire (1872 bits), 234 bytes captured (1872 bits)
Ethernet II, Src: ca:0c:1b:4f:00:1c (ca:0c:1b:4f:00:1c), Dst: ca:0a:1b:64:00:54 (ca:0a:1b:64:00:54)
Internet Protocol Version 6, Src: 2001:db8:5a:f6::8 (2001:db8:5a:f6::8), Dst: 2001:db8:5a:f6::6
(2001:db8:5a:f6::6)
Transmission Control Protocol, Src Port: 62129 (62129), Dst Port: bgp (179), Seq: 73, Ack: 73, Len: 160
Border Gateway Protocol
UPDATE Message
Marker: 16 bytes
Length: 160 bytes
Type: UPDATE Message (2)
Unfeasible routes length: 0 bytes
Total path attribute length: 137 bytes
Path attributes
ORIGIN: INCOMPLETE (4 bytes)
Flags: 0x40 (Well­known, Transitive, Complete)
Type code: ORIGIN (1)
Length: 1 byte
Origin: INCOMPLETE (2)
AS_PATH: 64000 (9 bytes)
Flags: 0x40 (Well­known, Transitive, Complete)
Type code: AS_PATH (2)
Length: 6 bytes
AS path: 64000
MULTI_EXIT_DISC: 0 (7 bytes)
Flags: 0x80 (Optional, Non­transitive, Complete)
Type code: MULTI_EXIT_DISC (4)
Length: 4 bytes
Multiple exit discriminator: 0
MP_REACH_NLRI (117 bytes)
Flags: 0x80 (Optional, Non­transitive, Complete)
Type code: MP_REACH_NLRI (14)
Length: 114 bytes
Address family: IPv6 (2)
Subsequent address family identifier: Unicast (1)
Next hop network address (32 bytes)
Next hop: 2001:db8:5a:f6::8 (16)
Next hop: fe80::c80c:1bff:fe4f:1c (16)
Subnetwork points of attachment: 0
Network layer reachability information (77 bytes)
2001:db8:abca::/48
2001:db8:abc9::/48
2001:db8:abc8::/48
2001:db8:abc7::/48
2001:db8:abc6::/48
2001:db8:abc5::/48
2001:db8:abc4::/48
2001:db8:abc3::/48
2001:db8:abc2::/48
2001:db8:abc1::/48
2001:db8:abc0::/48
© Fred Bovy EIRL. IPv6 For Life. Page 55
8.BGP Reminder. Sunday, March 30, 2014
There are two possible neighbor relationship with BGP: eBGP and iBGP.
8.2 eBGP Sessions
The two neighbors are in different Autonomous System.
eBGP neighbor MUST be directly connected. BGP OPEN is sent with a TTL=2 to make sure that it will be
dropped if it is routed.
eBGP Multihop
If you want to have more than one hop like doing loopback to loopback peering and have
multiple parallel links for Load-balancing you need a neighbor multihop configuration.
eBGP Routes dampening. Increasing Stability.
To fight Internet instability we can use BGP Dampening for eBGP session. When a link flap the routes
which are flapping got penalties. When a down level is reached the routes will not be advertise anymore
even if the link comes back up. If the link stop flapping for long enough the route is advertized again.
8.3 iBGP Sessions
The two neighbors are in the same Autonomous System.
Scaling iBGP.
iBGP MUST speakers MUST be fully meshed. This can be avoided with the use of Route Reflectors (RR) as
full mesh does not scale. All the routers are usually neighbors with two RRs for redundancy.
In the past Confederations were also used instead of RR. In a Confederation you have subAS that are
connected together by iBGP session which behave like eBGP but does not change the Next-hop. This was
another mean to avoid iBGP full mesh. It is no more popular as it is more complex than RR.
iBGP Stability
We always use a loopback interface for iBGP peering as we must use an interface which is
always UP. The loopback interface address must then be advertize by the IGP 5.
8.4 BGP Attributes
All the BGP Path information are called Attributes. The BGP Routes are called NLRI. The IPv6 NLRI are
coded in MP_REACH_NLRI6 or MP_UNREACH_NLRI Attributes with other information like the Nexthop, the Address family.. The AS_PATH which contains the list of all the AS that have been crossed by
these NLRI UPDATE is another Attribute.
5
6
IGP or Interior Gateway Protocol like IS-IS or OSPF. BGP is an EGP or External Gateway Protocol.
Network Layer Reachable Information
© Fred Bovy EIRL. IPv6 For Life. Page 56
8.BGP Reminder. Sunday, March 30, 2014
The BGP Attributes can be:
No.
•
Well-known mandatory: Must be implemented and in all BGP UPDATES.
•
Well-known discretionary: Must be implemented but may not be in all UPDATES.
•
Optional Transitive: It is forwarded to BGP neighbors if the implementation don't recognize it.
•
Optional nontransitives: It is dropped if the implementation don't know it.
Time
210 288.449968
Source
2001:db8:5a:f6::8
Destination
2001:db8:5a:f6::6
Protocol Length Info
BGP
234
UPDATE Message
Frame 210: 234 bytes on wire (1872 bits), 234 bytes captured (1872 bits)
Ethernet II, Src: ca:0c:1b:4f:00:1c (ca:0c:1b:4f:00:1c), Dst: ca:0a:1b:64:00:54 (ca:0a:1b:64:00:54)
Internet Protocol Version 6, Src: 2001:db8:5a:f6::8 (2001:db8:5a:f6::8), Dst: 2001:db8:5a:f6::6
(2001:db8:5a:f6::6)
Transmission Control Protocol, Src Port: 37648 (37648), Dst Port: bgp (179), Seq: 73, Ack: 73, Len: 160
Border Gateway Protocol
UPDATE Message
Marker: 16 bytes
Length: 160 bytes
Type: UPDATE Message (2)
Unfeasible routes length: 0 bytes
Total path attribute length: 137 bytes
Path attributes
ORIGIN: INCOMPLETE (4 bytes)
Flags: 0x40 (Well­known, Transitive, Complete)
Type code: ORIGIN (1)
Length: 1 byte
Origin: INCOMPLETE (2)
AS_PATH: 64000 (9 bytes)
Flags: 0x40 (Well­known, Transitive, Complete)
Type code: AS_PATH (2)
Length: 6 bytes
AS path: 64000
MULTI_EXIT_DISC: 0 (7 bytes)
Flags: 0x80 (Optional, Non­transitive, Complete)
Type code: MULTI_EXIT_DISC (4)
Length: 4 bytes
Multiple exit discriminator: 0
MP_REACH_NLRI (117 bytes)
Flags: 0x80 (Optional, Non­transitive, Complete)
Type code: MP_REACH_NLRI (14)
Length: 114 bytes
Address family: IPv6 (2)
Subsequent address family identifier: Unicast (1)
Next hop network address (32 bytes)
Next hop: 2001:db8:5a:f6::8 (16)
Next hop: fe80::c80c:1bff:fe4f:1c (16)
Subnetwork points of attachment: 0
Network layer reachability information (77 bytes)
© Fred Bovy EIRL. IPv6 For Life. Page 57
8.BGP Reminder. Sunday, March 30, 2014
2001:db8:abca::/48
2001:db8:abc9::/48
2001:db8:abc8::/48
2001:db8:abc7::/48
2001:db8:abc6::/48
2001:db8:abc5::/48
2001:db8:abc4::/48
2001:db8:abc3::/48
2001:db8:abc2::/48
2001:db8:abc1::/48
2001:db8:abc0::/48
We can see in this UPDATE that the NLRI have two possible Next-hop. One is for the eBGP Path
and one for the iBGP path.
8.5 BGP Best Path Selection Algorithm
To explain this algorithm is out of the scope of this document as it is a well known
information .
BGP uses many Attributes to select the best Path starting by checking if the Next-hop is
reachable and then it starts its selection preferring the higher Local Preference. Cisco has a
Weight parameter which has the highest precedence.
To get the full BGP Best Path Selection algorithm just make a search on CISCO CCO and
you will get the full Selection Path which is more than one page long! If you do not like CISCO
you will find this document everywhere!
CISCO Link:
http://www.cisco.com/c/en/us/support/docs/ip/border­gateway­protocol­bgp/13753­25.html
It is possible to advertise IPv6 Routes to a BGP IPv4 peer and you can also use next-hop
self but the next-hop will use the IPv4 address of the loopback and put it in IPv6 mode
like ::ffff:x.x.x.x. Let us see an example:
This is the Route Origin, R7 Configuration:
Current configuration : 103 bytes
!
interface Loopback0
ip address 10.0.0.7 255.255.255.255
ipv6 address 2001:DB8:678:B000::1/128
end
!
router isis fred
net 39.d000.0000.0000.0007.00
© Fred Bovy EIRL. IPv6 For Life. Page 58
8.BGP Reminder. Sunday, March 30, 2014
is­type level­1
metric­style wide
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 next­hop­self
neighbor 10.0.0.201 activate
neighbor 172.16.1.6 activate
neighbor 172.16.1.6 route­map setloc in
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 route­map setloc in
neighbor 10.0.0.200 route­map fred out
neighbor 10.0.0.201 activate
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
R1>show bgp ipv6 unicast 2001:DB8:ABC2::/48
BGP routing table entry for 2001:DB8:ABC2::/48, version 159
Paths: (3 available, best #2, table Default)
Not advertised to any peer
65000
2001:DB8:678:B000::1 (metric 20) from 10.0.0.200 (10.0.0.201)
Origin incomplete, metric 0, localpref 150, valid, internal
Originator: 10.0.0.7, Cluster list: 10.0.0.201
65000
2001:DB8:678:B000::1 (metric 20) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
© Fred Bovy EIRL. IPv6 For Life. Page 59
8.BGP Reminder. Sunday, March 30, 2014
Originator: 10.0.0.7, Cluster list: 10.0.0.5
65000
::FFFF:10.0.0.7 (inaccessible) from 10.0.0.201 (10.201.0.1)
Origin incomplete, metric 0, localpref 150, valid, internal
Originator: 10.0.0.7, Cluster list: 10.201.0.1
The R7 configuration is missing the route-map out so the next hop is 10.0.0.7 coded in an
IPv6 address ::FFFF:10.0.0.7.
R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R7(config)#router bgp 100
R7(config­router)#address­family ipv6
R7(config­router­af)# neighbor 10.0.0.201 route­map fred out
R7(config­router­af)# neighbor 10.0.0.201 route­map setloc in
R7(config­router­af)#
This is the route map:
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
Now let's check the same path on R1
R1>show bgp ipv6 unicast 2001:DB8:ABC2::/48
BGP routing table entry for 2001:DB8:ABC2::/48, version 159
Paths: (3 available, best #3, table Default)
Not advertised to any peer
65000
2001:DB8:678:B000::1 (metric 20) from 10.0.0.201 (10.201.0.1)
Origin incomplete, metric 0, localpref 150, valid, internal
Originator: 10.0.0.7, Cluster list: 10.201.0.1
65000
2001:DB8:678:B000::1 (metric 20) from 10.0.0.200 (10.0.0.201)
Origin incomplete, metric 0, localpref 150, valid, internal
Originator: 10.0.0.7, Cluster list: 10.0.0.201
65000
2001:DB8:678:B000::1 (metric 20) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
Now the next hop is 2001:DB8:678:B000::1 instead of ::ffff:10.0.0.7
© Fred Bovy EIRL. IPv6 For Life. Page 60
8.BGP Reminder. Sunday, March 30, 2014
8.6 Scaling BGP
Route-Reflectors
The Route-Reflectors are used to scale BGP, the confederation can also be used but it is
more complex for the same result. With Route-Reflectors you can make multiple levels of
hierarchy to consolidate all the Networks in some cases.
Peer-Group
It is possible to group a number of neighbors in a peer-group. Then any configuration on
the group will apply all the group routers. It consumes also less CPU as it group the effort
to apply something to a known group having the same policy.
Example below on the Route-Reflector R5 BGP Configuration before peer group:
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 update­source Loopback0
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 update­source Loopback0
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 update­source Loopback0
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 update­source Loopback0
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 route­reflector­client
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
© Fred Bovy EIRL. IPv6 For Life. Page 61
8.BGP Reminder. Sunday, March 30, 2014
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 route­reflector­client
neighbor 10.0.0.201 activate
no synchronization
maximum­paths 2
exit­address­family
!
Now let's configure a Peer­Group for all CISCO IOS Neighbors and configure it:
router bgp 100
bgp log­neighbor­changes
neighbor fred peer­group
neighbor fred remote­as 100
neighbor fred description all clients
neighbor fred update­source Loopback0
neighbor 10.0.0.1 peer­group fred
neighbor 10.0.0.3 peer­group fred
neighbor 10.0.0.4 peer­group fred
neighbor 10.0.0.6 peer­group fred
neighbor 10.0.0.7 peer­group fred
neighbor 10.0.0.200 peer­group fred
neighbor 10.0.0.201 peer­group fred
!
address­family ipv4
neighbor fred route­reflector­client
neighbor fred maximum­prefix 5000 warning­only
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.7 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor fred route­reflector­client
neighbor fred maximum­prefix 5000 warning­only
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.7 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no synchronization
maximum­paths 2
Exit­address­family
R5(config)#router bgp 100
R5(config­router)#address­family ipv6
R5(config­router­af)#neighbor fred activate
% Peergroups are automatically activated when parameters are configured
The version I used did not let me enter the command neighbor fred activate ! May be a problem
now fixed in a newer release of IOS.
8.7 Security and MD5 Password.
On CISCO IOS, you can limit the maximum number of prefixes that you accept to receive
because when a router runs out of memory it crashes! You use the command to set a
limit which only send a console message. But in this case you need to monitor your
© Fred Bovy EIRL. IPv6 For Life. Page 62
8.BGP Reminder. Sunday, March 30, 2014
messages!
Adding a password to all the neighbors is easy now that we have configured a peer group
on the Route-Reflector. Only apply the password to the peer-group!
R5(config­router­af)#neighbor fred password 1 secret
Now I need to configure the secret passwor everywhere !
R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R6(config)#router bgp 100
R6(config­router)#neighbor 10.0.0.5 password 1 secret
R6(config­router)#
*Mar
*Mar
*Mar
*Mar
29
29
29
29
14:30:06.988:
14:30:08.984:
14:30:12.988:
14:30:20.988:
%TCP­6­BADAUTH:
%TCP­6­BADAUTH:
%TCP­6­BADAUTH:
%TCP­6­BADAUTH:
No
No
No
No
MD5
MD5
MD5
MD5
digest
digest
digest
digest
from
from
from
from
10.0.0.5(179)
10.0.0.5(179)
10.0.0.5(179)
10.0.0.5(179)
*Mar 29 14:30:58.272: %BGP­5­ADJCHANGE: neighbor 10.0.0.5 Up
© Fred Bovy EIRL. IPv6 For Life. Page 63
to
to
to
to
10.0.0.6(20968)
10.0.0.6(20968)
10.0.0.6(20968)
10.0.0.6(20968)
(RST)
(RST)
(RST)
(RST)
9.Useful Cisco BGP IPv6 Commands Explained. Sunday, March 30, 2014
9.
Useful Cisco BGP IPv6 Commands Explained
9.1. Show bgp ipv6 unicast summary
This is the first command to check the status of a router.
R6#show bgp ipv6 unicast summary
BGP router identifier 10.0.0.6, local AS number 100
BGP table version is 80, main routing table version 80
11 network entries using 1716 bytes of memory
11 path entries using 836 bytes of memory
3/1 BGP path/bestpath attribute entries using 504 bytes of memory
1 BGP AS­PATH entries using 24 bytes of memory
0 BGP route­map cache entries using 0 bytes of memory
0 BGP filter­list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 3) using 64 bytes of memory
BGP using 3144 total bytes of memory
BGP activity 51/25 prefixes, 115/89 paths, scan interval 60 secs
Neighbor
V
10.0.0.5
4
2001:DB8:5A:F6::8
4
AS MsgRcvd MsgSent
100
266
272
64000
255
252
TblVer
80
80
InQ OutQ Up/Down
0
0 02:58:23
0
)
0 02:58:25
0
11
The first lines gives you a quick status on the resources consumed by the router.
Then the last lines gives a status for each neighbor, the BGP Version (V), which AS it belongs
to, The number of messages received and sent. Each time the BGP table is updated the Table
Version increases, so the TblVer column gives you an indication of BGP stability.
Then the Input and Output Queues will tell you if the router is clear to process all the
messages.
Finally and may be the most important. Up/Down tells you for how long the link is Up or Down.
If Up it tells in the next column (State/PfxRcd) how many prefixes are received and sent. If
it is not Up, it gives the state and for how long it is Down. Be careful, the state Active means
that it is Actively trying to set the connection up. Remember, BGP session takes place over
TCP.
The same command with a prefix instead of summary is very useful to troubleshoot BGP and
the CISCO documentation is not very detailed about each field. So I tried to make it clear in
the next chapter.
© Fred Bovy EIRL. IPv6 For Life. Page 64
9.Useful Cisco BGP IPv6 Commands Explained. Sunday, March 30, 2014
9.2. Show bgp ipv6 X:X:X...::X/X
Illustration 9: Show bgp ipv6 unicast xxxx:xxx...::/y Explained
R6#show bgp ipv6 unicast
BGP table version is 102, local router ID is 10.0.0.6
Status codes: s suppressed, d damped, h history, * valid, > best, i ­ internal,
r RIB­failure, S Stale
Origin codes: i ­ IGP, e ­ EGP, ? ­ incomplete
Network
Next Hop
*> 2001:DB8:ABC0::/48
2001:DB8:5A:F6::8
Metric LocPrf Weight Path
0
0 64000 ?
0
0 64000 ?
*> 2001:DB8:ABC1::/48
2001:DB8:5A:F6::8
…......
© Fred Bovy EIRL. IPv6 For Life. Page 65
. Sunday, March 30, 2014
9.3. Show bgp ipv6 neighbor
This is a very detailed command that is not very often needed as the summary is more than enough to
resolve most cases.
R6#show bgp ipv6 neighbor
BGP neighbor is 10.0.0.5, remote AS 100, internal link
BGP version 4, remote router ID 10.0.0.5
BGP state = Established, up for 05:37:10
Last read 00:00:42, last write 00:00:42, hold time is 180, keepalive interval is 60
seconds
Neighbor capabilities:
Route refresh: advertised and received(new)
New ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Address family IPv6 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent
Rcvd
Opens:
5
5
Notifications:
0
0
Updates:
33
32
Keepalives:
392
388
Route Refresh:
0
0
Total:
430
425
Default minimum time between advertisement runs is 0 seconds
For address family: IPv4 Unicast
BGP table version 81, neighbor version 81/0
Output queue size : 0
Index 2, Offset 0, Mask 0x4
2 update­group member
NEXT_HOP is always this router
Sent
Rcvd
Prefix activity:
­­­­
­­­­
Prefixes Current:
10
5 (Consumes 260 bytes)
Prefixes Total:
10
5
Implicit Withdraw:
0
0
Explicit Withdraw:
0
0
Used as bestpath:
n/a
5
Used as multipath:
n/a
0
Local Policy Denied Prefixes:
ORIGINATOR loop:
Bestpath from this peer:
Total:
Outbound
­­­­­­­­
n/a
5
5
© Fred Bovy EIRL. IPv6 For Life. Page 66
Inbound
­­­­­­­
10
n/a
10
. Sunday, March 30, 2014
Number of NLRIs in the update sent: max 10, min 10
For address family: IPv6 Unicast
BGP table version 102, neighbor version 102/0
Output queue size : 0
Index 2, Offset 0, Mask 0x4
2 update­group member
Outbound path policy configured
Route map for outgoing advertisements is fred
Sent
Rcvd
Prefix activity:
­­­­
­­­­
Prefixes Current:
11
0
…..
…... To be Continued
© Fred Bovy EIRL. IPv6 For Life. Page 67
10.Checking data plane of BGP Recursive routes. Sunday, March 30, 2014
10.
Checking data plane of BGP Recursive routes
IPv6 BGP Routes often have two levels of Recursion for forwarding as the next
hop is a Remote Global Unicast Address which can be recursively resolved with a
local Global Unicast Address which is recursively resolved by a Link-Local Address.
10.1 Mind the BGP Next-hop Rule
All the BGP routes learned from an iBGP session are Recursive so you must check that the BGP next
hop is reachable. This is the first condition for a BGP remote route to get used.
Remember the Next hop rule for BGP. eBGP speakers change the Next-hop to the interfaces addresses
which advertize their routes. iBGP never changes the Next-Hop. So the remote BGP speaker which
receives the iBGP update MUST be able to reach the eBGP neighbor interface. This is a problem if we
use Link-Local addresses for peering as these addresses are not routable. So it must be changed by a
route-map when we transmit the path to the Route-Reflector.
In the configuration below next-hop-self is used for IPv4 and a route-map for IPv6.
If we don't change the next-hop for IPv6 with this route-map it would have used the loopback IPv4
address written in IPv6 format ::ffff:10.0.0.6 for R6 and ::ffff:10.0.0.7 for R7. The
address used by the next­hop is the loopback address and is advertized by
OSPFv3.
R6 Configuration
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
© Fred Bovy EIRL. IPv6 For Life. Page 68
10.Checking data plane of BGP Recursive routes. Sunday, March 30, 2014
neighbor 2001:DB8:5A:F6::8 activate
exit­address­family
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:C000::6
!
R7 Configuration
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 172.16.1.6 activate
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
© Fred Bovy EIRL. IPv6 For Life. Page 69
10.Checking data plane of BGP Recursive routes. Sunday, March 30, 2014
10.2 Check the BGP data path on CISCO Routers (CEFv6)
In our lab the exit point to the Internet is set via R7 even for R6 which has a local
connection to the Internet because we set the Local Preference to a higher value (150)
for the routes coming in R7 than the default (100). This preempt Administrative distance
which would have preferred an eBGP route (20) over an iBGP (200).
This is a breakdown of the data path via IPv6 CEF 7.
R6#show ipv6 route 2001:DB8:ABC7::/48
Routing entry for 2001:DB8:ABC7::/48
Known via "bgp 100", distance 200, metric 0, type internal
Route count is 1/1, share count 0
Routing paths:
2001:DB8:678:B000::12001:DB8:678:B000::1
Last updated 00:16:37 ago
There are two parallel paths to reach the next-hop: 2001:DB8:678:B000::12001:DB8:678:B000::1
R6#show ipv6 cef 2001:DB8:ABC7::/48
2001:DB8:ABC7::/48
nexthop FE80::C805:1BFF:FE4F:70 GigabitEthernet1/0
nexthop FE80::C809:1BFF:FE64:70 GigabitEthernet2/0
R6#show ipv6 cef 2001:DB8:ABC7::/48 internal
2001:DB8:ABC7::/48, epoch 0, RIB[B], refcount 4, per­destination sharing
sources: RIB
feature space:
IPRM: 0x00018000
ifnums:
GigabitEthernet1/0(6): FE80::C805:1BFF:FE4F:70
GigabitEthernet2/0(7): FE80::C809:1BFF:FE64:70
path 6825F4B0, path list 6825E4B0, share 1/1, type recursive nexthop, for IPv6, flags
resolved, eos indirection
recursive via 2001:DB8:678:B000::1[IPv6:Default], fib 682618A8, 1 terminal fib
path 6825FB7C, path list 6825E88C, share 1/1, type attached nexthop, for IPv6
nexthop FE80::C805:1BFF:FE4F:70 GigabitEthernet1/0, adjacency IPV6 adj out of
GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 66F19CC0
path 6825FB08, path list 6825E88C, share 0/1, type attached nexthop, for IPv6
nexthop FE80::C809:1BFF:FE64:70 GigabitEthernet2/0, adjacency IPV6 adj out of
GigabitEthernet2/0, addr FE80::C809:1BFF:FE64:70 66F19B80
output chain:
loadinfo 682F62CC, per­session, 2 choices, flags 0005, 15 locks
flags: Per­session, for­rx­IPv6
7
Cisco Express Forwarding, the CISCO data path engine. When a packet get into the router, an interrupt is sent to the
CPU and a decision is made if the packet can be switched in interrupt mode by CEFv6 or be Queued and sent when the
IPv6 Queue Manager will have the its processor time shared slice.
© Fred Bovy EIRL. IPv6 For Life. Page 70
10.Checking data plane of BGP Recursive routes. Sunday, March 30, 2014
16 hash buckets
< 0 > IPV6 adj
< 1 > IPV6 adj
< 2 > IPV6 adj
< 3 > IPV6 adj
< 4 > IPV6 adj
< 5 > IPV6 adj
< 6 > IPV6 adj
< 7 > IPV6 adj
< 8 > IPV6 adj
< 9 > IPV6 adj
<10 > IPV6 adj
<11 > IPV6 adj
<12 > IPV6 adj
<13 > IPV6 adj
<14 > IPV6 adj
<15 > IPV6 adj
Subblocks:
None
out
out
out
out
out
out
out
out
out
out
out
out
out
out
out
out
of
of
of
of
of
of
of
of
of
of
of
of
of
of
of
of
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
addr
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
66F19CC0
66F19B80
These hash buckets are pointing to the two IPv6 CEF Adjacencies. If something is broken there
you can have routes and all seems good from the control plane level but there will be no correct
forwarding or no forwarding at all!
R6#show adjacency GigabitEthernet1/0 internal
Protocol Interface
Address
IP
GigabitEthernet1/0
10.2.0.1(20)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA051B4F0070CA0A1B64001C0800
ARP
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x88E)
Fixup disabled
HWIDB/IDB pointers 0x66BDEEFC/0x66BDFA78
IP redirect disabled
Switching vector: IPv4 no fixup, no redirect adj oce
Adjacency pointer 0x68273000
Next­hop 10.2.0.1
IPV6
GigabitEthernet1/0
FE80::C805:1BFF:FE4F:70(32)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
Protocol Interface
Address
CA051B4F0070CA0A1B64001C86DD
© Fred Bovy EIRL. IPv6 For Life. Page 71
10.Checking data plane of BGP Recursive routes. Sunday, March 30, 2014
IPv6 ND
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x1189E)
Fixup disabled
HWIDB/IDB pointers 0x66BDEEFC/0x66BDFA78
IP redirect enabled
Switching vector: IPv6 adjacency oce
Adjacency pointer 0x66F19CC0
Next­hop FE80::C805:1BFF:FE4F:70
R6#show adjacency GigabiEthernet2/0 internal
Protocol Interface
Address
IP
GigabitEthernet2/0
10.2.0.5(20)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA091B640070CA0A1B6400380800
ARP
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x88E)
Fixup disabled
HWIDB/IDB pointers 0x66C06CC4/0x66C07840
IP redirect disabled
Switching vector: IPv4 no fixup, no redirect adj oce
Adjacency pointer 0x68272EC0
Next­hop 10.2.0.5
IPV6
GigabitEthernet2/0
FE80::C809:1BFF:FE64:70(31)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
Protocol Interface
Address
CA091B640070CA0A1B64003886DD
IPv6 ND
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x1189E)
Fixup disabled
HWIDB/IDB pointers 0x66C06CC4/0x66C07840
IP redirect enabled
Switching vector: IPv6 adjacency oce
Adjacency pointer 0x66F19B80
Next­hop FE80::C809:1BFF:FE64:70
© Fred Bovy EIRL. IPv6 For Life. Page 72
11.Checking Redundancy. Sunday, March 30, 2014
11.
Checking Redundancy
Let's check a BGP Internet route entry on R6.
R6#show ipv6 route 2001:DB8:ABC0::/48
Routing entry for 2001:DB8:ABC0::/48
Known via "bgp 100", distance 200, metric 0, type internal
Route count is 1/1, share count 0
Routing paths:
2001:DB8:678:B000::1
Last updated 00:35:18 ago
Now, the BGP entry:
R6#show bgp ipv6 unicast 2001:DB8:ABC0::/48
BGP routing table entry for 2001:DB8:ABC0::/48, version 69
Paths: (2 available, best #1, table Default)
Advertised to update­groups:
1
65000
2001:DB8:678:B000::1 (metric 3) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
64000
2001:DB8:5A:F6::8 (FE80::C80C:1BFF:FE4F:1C) from 2001:DB8:5A:F6::8 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external
Now, let's shutdown the R7-R9 Link, R6 uses the local eBGP path to the Internet.
R6#show bgp ipv6 unicast 2001:DB8:ABC0::/48
BGP routing table entry for 2001:DB8:ABC0::/48, version 70
Paths: (1 available, best #1, table Default)
Advertised to update­groups:
2
64000
2001:DB8:5A:F6::8 (FE80::C80C:1BFF:FE4F:1C) from 2001:DB8:5A:F6::8 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external, best
R6#show ipv6 route 2001:DB8:ABC0::/48
Routing entry for 2001:DB8:ABC0::/48
Known via "bgp 100", distance 20, metric 0, type external
Route count is 1/1, share count 0
Routing paths:
FE80::C80C:1BFF:FE4F:1C, GigabitEthernet3/0
Last updated 00:02:09 ago
When we do a no shutdown on the R7-R9 Link the exit point is back to normal on R6 and other
© Fred Bovy EIRL. IPv6 For Life. Page 73
11.Checking Redundancy. Sunday, March 30, 2014
routers.
R7(config)#interface GigabitEthernet 3/0
R7(config­if)#no shutdown
R7(config­if)#
*Mar 16 07:06:37.055: %BGP­5­ADJCHANGE: neighbor 172.16.1.6 Up
*Mar 16 07:06:37.475: %LINK­3­UPDOWN: Interface GigabitEthernet3/0, changed state to up
*Mar 16 07:06:38.475: %LINEPROTO­5­UPDOWN: Line protocol on Interface GigabitEthernet3/0,
changed state to up
*Mar 16 07:06:40.715: %BGP­5­ADJCHANGE: neighbor FE80::9%GigabitEthernet3/0 Up
R6#show ipv6 route 2001:DB8:ABC0::/48
Routing entry for 2001:DB8:ABC0::/48
Known via "bgp 100", distance 200, metric 0, type internal
Route count is 1/1, share count 0
Routing paths:
2001:DB8:678:B000::1
Last updated 00:01:17 ago
R6#show bgp ipv6 2001:DB8:ABC0::/48
BGP routing table entry for 2001:DB8:ABC0::/48, version 91
Paths: (2 available, best #1, table Default)
Advertised to update­groups:
1
65000
2001:DB8:678:B000::1 (metric 3) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
64000
2001:DB8:5A:F6::8 (FE80::C80C:1BFF:FE4F:1C) from 2001:DB8:5A:F6::8 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external
© Fred Bovy EIRL. IPv6 For Life. Page 74
12.Routers Configurations. Sunday, March 30, 2014
12.
Routers Configurations
12.1 R1
Current configuration : 2001 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R1
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
ipv6 address 2001:DB8:678:9000::1/128
ipv6 ospf 1 area 0
!interface GigabitEthernet1/0
ip address 10.0.1.1 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:1::1/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.1.9 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:3::1/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
ip address 10.0.1.5 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:2::1/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet4/0
ip address 10.2.0.1 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:D004::7/64
ipv6 ospf 1 area 2
!
router ospf 1
log­adjacency­changes
© Fred Bovy EIRL. IPv6 For Life. Page 75
12.Routers Configurations. Sunday, March 30, 2014
network 10.2.0.0 0.0.255.255 area 2
network 10.0.0.0 0.255.255.255 area 0
!
router ospf 100
log­adjacency­changes
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
ipv6 router ospf 1
log­adjacency­changes
12.2 R3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password­encryption
!
hostname R3
ip cef
ipv6 unicast­routing
ipv6 cef
!
!
interface Loopback0
ip address 10.0.0.3 255.255.255.255
ipv6 address 2001:DB8:678:9003::3/128
ipv6 ospf 1 area 0
!
interface GigabitEthernet0/0
ip address 10.1.0.6 255.255.255.252
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:3::3/64
© Fred Bovy EIRL. IPv6 For Life. Page 76
12.Routers Configurations. Sunday, March 30, 2014
ipv6 ospf 1 area 1
!
interface GigabitEthernet1/0
ip address 10.0.1.18 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:17::3/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.1.21 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:33::3/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
ip address 10.0.1.6 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:2::3/64
ipv6 enable
ipv6 ospf 1 area 0
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.0.255.255 area 0
network 10.1.0.0 0.0.255.255 area 1
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
12.3 R4
service timestamps debug datetime msec
service timestamps log datetime msec
© Fred Bovy EIRL. IPv6 For Life. Page 77
12.Routers Configurations. Sunday, March 30, 2014
service password­encryption
!
hostname R4
!
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.4 255.255.255.255
ipv6 address 2001:DB8:678:9004::4/128
!
interface GigabitEthernet0/0
ip address 10.0.1.2 255.255.255.252
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:1::4/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet1/0
ip address 10.0.1.17 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:17::4/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.1.13 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:22::3/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
ip address 10.1.0.1 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:A000::1/64
ipv6 ospf 1 area 1
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.0.255.255 area 0
network 10.1.0.0 0.0.255.255 area 1
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
© Fred Bovy EIRL. IPv6 For Life. Page 78
12.Routers Configurations. Sunday, March 30, 2014
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
ipv6 router ospf 1
log­adjacency­changes
!
!
12.4 R5 – BGP Route-Reflector
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R5
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
!
interface Loopback0
ip address 10.0.0.5 255.255.255.255
ipv6 address 2001:DB8:678:9005::5/128
!
interface GigabitEthernet0/0
ip address 10.0.1.22 255.255.255.252
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:33::5/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet1/0
ip address 10.0.1.10 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:3::5/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
ip address 10.0.1.14 255.255.255.252
© Fred Bovy EIRL. IPv6 For Life. Page 79
12.Routers Configurations. Sunday, March 30, 2014
negotiation auto
ipv6 address 2001:DB8:678:22::5/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet4/0
ip address 10.2.0.5 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:D005::5/64
ipv6 ospf 1 area 2
!
router ospf 1
log­adjacency­changes
network 10.2.0.0 0.0.255.255 area 2
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 update­source Loopback0
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 update­source Loopback0
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 update­source Loopback0
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 update­source Loopback0
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 update­source Loopback0
!
!
address­family ipv4
redistribute connected
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
© Fred Bovy EIRL. IPv6 For Life. Page 80
12.Routers Configurations. Sunday, March 30, 2014
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
exit­address­family
!
ipv6 router ospf 1
log­adjacency­changes
!
12.5 R6
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R6
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.6 255.255.255.255
ipv6 address 2001:DB8:678:C000::6/128
!
interface GigabitEthernet1/0
ip address 10.2.0.2 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:D004::6/64
ipv6 ospf 1 area 2
!
interface GigabitEthernet2/0
ip address 10.2.0.6 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:D005::6/64
ipv6 ospf 1 area 2
!
interface GigabitEthernet3/0
ip address 172.16.1.1 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:5A:F6::6/64
ipv6 ospf 1 area 1
!
router ospf 1
log­adjacency­changes
© Fred Bovy EIRL. IPv6 For Life. Page 81
12.Routers Configurations. Sunday, March 30, 2014
network 10.0.0.0 0.255.255.255 area 2
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 2001:DB8:5A:F6::8 activate
exit­address­family
!
!
ipv6 router ospf 1
log­adjacency­changes
passive­interface GigabitEthernet3/0
redistribute connected
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:C000::6
!
!
12.6 R7
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R7
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
ip source­route
© Fred Bovy EIRL. IPv6 For Life. Page 82
12.Routers Configurations. Sunday, March 30, 2014
ip cef
ipv6 unicast­routing
ipv6 cef
!
!
interface Loopback0
ip address 10.0.0.7 255.255.255.255
ipv6 address 2001:DB8:678:B000::1/128
ipv6 ospf 1 area 1
!
interface GigabitEthernet0/0
ip address 10.1.0.2 255.255.255.252
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:A000::7/64
ipv6 ospf 1 area 1
!
interface GigabitEthernet1/0
ip address 10.1.0.5 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:678:A001::7/64
ipv6 ospf 1 area 1
!
interface GigabitEthernet3/0
ip address 172.16.1.5 255.255.255.252
negotiation auto
ipv6 address FE80::7 link­local
ipv6 address 2001:DB8:5A:F7::6/64
!
router ospf 1
log­adjacency­changes
network 10.0.0.0 0.255.255.255 area 1
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 172.16.1.6 activate
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
© Fred Bovy EIRL. IPv6 For Life. Page 83
12.Routers Configurations. Sunday, March 30, 2014
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
!
ipv6 router ospf 1
log­adjacency­changes
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
12.7 R8-ISP2. AS 64000
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname ISP2­R8
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.8 255.255.255.255
!
!
interface GigabitEthernet1/0
ip address 172.16.1.2 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:5A:F6::8/64
!
!
router bgp 64000
bgp log­neighbor­changes
neighbor 2001:DB8:5A:F6::6 remote­as 100
neighbor 172.16.1.1 remote­as 100
!
address­family ipv4
redistribute static
no neighbor 2001:DB8:5A:F6::6 activate
neighbor 172.16.1.1 activate
© Fred Bovy EIRL. IPv6 For Life. Page 84
12.Routers Configurations. Sunday, March 30, 2014
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 2001:DB8:5A:F6::6 activate
redistribute static
no synchronization
exit­address­family
!
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
no ip http server
no ip http secure­server
!
!
!
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
ipv6 route 2001:DB8:ABC5::/48 Null0
ipv6 route 2001:DB8:ABC6::/48 Null0
ipv6 route 2001:DB8:ABC7::/48 Null0
ipv6 route 2001:DB8:ABC8::/48 Null0
ipv6 route 2001:DB8:ABC9::/48 Null0
ipv6 route 2001:DB8:ABCA::/48 Null0
!
12.8 R9-ISP1. AS 65000
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname ISP1­R9
ip source­route
ip cef
ipv6 unicast­routing
© Fred Bovy EIRL. IPv6 For Life. Page 85
12.Routers Configurations. Sunday, March 30, 2014
ipv6 cef
!
interface Loopback0
ip address 10.0.0.9 255.255.255.255
!
!
interface GigabitEthernet1/0
ip address 172.16.1.6 255.255.255.252
negotiation auto
ipv6 address FE80::9 link­local
ipv6 address 2001:DB8:5A:F7::9/64
!
router bgp 65000
bgp log­neighbor­changes
neighbor 172.16.1.5 remote­as 100
neighbor FE80::7%GigabitEthernet1/0 remote­as 100
!
address­family ipv4
redistribute static metric 5
neighbor 172.16.1.5 activate
no neighbor FE80::7%GigabitEthernet1/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor FE80::7%GigabitEthernet1/0 activate
redistribute static
no synchronization
exit­address­family
!
ip forward­protocol nd
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
!
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
ipv6 route 2001:DB8:ABC5::/48 Null0
ipv6 route 2001:DB8:ABC6::/48 Null0
© Fred Bovy EIRL. IPv6 For Life. Page 86
12.Routers Configurations. Sunday, March 30, 2014
ipv6
ipv6
ipv6
ipv6
!
route
route
route
route
2001:DB8:ABC7::/48
2001:DB8:ABC8::/48
2001:DB8:ABC9::/48
2001:DB8:ABCA::/48
Null0
Null0
Null0
Null0
© Fred Bovy EIRL. IPv6 For Life. Page 87
12.Routers Configurations. Sunday, March 30, 2014
© Fred Bovy EIRL. IPv6 For Life. Page 88
12.Routers Configurations. Sunday, March 30, 2014
Migration of a Dual-Stack
Backbone from OSPFv3 and
OSPFv2 to IS-IS
Version 1.4
From Fred Bovy ccie #3013
Routing IPv6 Part 3
http://www.ipv6forlife.com/Tutorial/labISIS/
© Fred Bovy EIRL. IPv6 For Life. Page 89
13.Why a Migration to IS-IS?. Sunday, March 30, 2014
13.
Why a Migration to IS-IS?
The benefits running ISIS instead of OSPF are:
• That you only run one Routing Protocol for both IPv4 and IPv6. You can run the
same SPF for both IPv4 and IPv6 or have Multiple Topologies.
• IS-IS database is far more easy to read than OSPF and you do not need to study the
protocol in depth to understand it.
• ISIS run over CLNS, an OSI protocol and implement safety protocols which make it
a bit harder to hack than OSPFv2.
• For the refreshment of the Database, for each LSA OSPF counts from zero up to
1800 seconds, 30 minutes and refresh it because MaxAge is one hour after which
the LSA is removed from consideration when computing routes.
• With IS-IS we count from zero to a configurable MaxAge that can be different for
each link. To minimize the traffic overhead in a stable Network we can set it up to
more than 18 hours.
• A migration to IS-IS is a very easy process and transparent for the users as we can
run both protocols, then we can make the Admin distance of OSPF higher than its
default to get IS-IS routes in the tables rather than OSPFv2 and OSPFv3. Obviously
it is recommended to check each protocol one at a time.
• People familiar with OSPF don't have any problem to switch to OSPF. It makes their
life easier.
I decided to start with all routers in the same Area Level-2. This is what most
people do but for extremely large IS-IS Networks you may need multiarea.
Then we do a migration to
multiarea.http://www.ipv6forlife.com/Tutorial/labISIS/
© Fred Bovy EIRL. IPv6 For Life. Page 90
Illustration 10: Final Lab Setup
14.IS-IS Reminder. Sunday, March 30, 2014
14.
IS-IS Reminder
14.1 Introduction and history
IS-IS is a Link State Routing Protocol like OSPF which was designed to route OSI protocol CLNS. In
the early 90s we had hit the IPv4 lack of address problems and OSI was a candidate to replace
IPv4 with a 20 bytes maximum long address.
Only Digital followed and Decnet Phase V was OSI protocols. Later came ATM which brought some
confusion. Which one to choose. IBM made the ATM 25 Mbps choice for the desktop LAN
connection. ATM was sounding great as it was proposing to unified all networks in one: Data,
Video, Voice Traffic could live together and each one was receiving the Quality of Service that it
wanted. Many IP QoS and others are using some parts of ATM that were great for IP too.
IS-IS do not run over IPv4 or IPv6 but CLNS, this is why you need to set the NET. The NET is also
used to identify an area. The NET use the lower 48 bit to identify the host, the rest which is the
highest bits of the address is the area address. In our lab we are using area
39.b000.0000.0000.000x.00, where x is the Router number. When we will split the domain in 3
Area we will use 3 NET area 39.c000 and 39.d000 will be the additional Area.
IS-IS sees two different LSP8, the LSA9 counterpart of OSPF. The Router LSP and the Network LSP
generated by the Designated Intermediate System (DIS). You have a Database for Level-1 and a
database for Level-2 Routeing. It is not a fault, in OSI papers you will read Routeing instead of
Routing. It must have been written by a French having a problem with English language. So it
makes 4 different LSPs instead of 9 and more for OSPF. IS-IS LSP can be interpreted directly it is in
a clear format. OSPF LSAs needs some study to be understood.
The hierarchy in IS-IS is made with 2 Levels of Routing. Level-2 Routers are Backbone Area Routers
while Level-1 Area Routers are Internal non backbone routers. To connect an Area with the
Backbone you need a Level-1-2 Router. The Level-1 routers only see the local Routes and have a
default route to a Level-1-2 routers.
Illustration
11: IS-IS
Architecture
8
9
Link-State Packet
Link-State Advertisement
© Fred Bovy EIRL. IPv6 For Life. Page 91
14.IS-IS Reminder. Sunday, March 30, 2014
Illustration 12: IS-IS 2 levels of Routing
14.2 IS-IS Architecture
As OSPF, it also has a 2 level routing. Level-2 Routers are the Backbone. The backbone
must be continuous. Area can connect to the backbone with Level-1-2 10 Routers. Router
which are in only one area are Level 1 except for the backbone which are Level-2.
FOR THE SAKE OF SIMPLICITY, IN THE LAB WE START WITH ONE AREA
If we follow the same Architecture that we used for OSPF in previous Volume and multiple
Area we would need to do Route Leaking for the eBGP routers for BGP Next-hop to be
resolved in BGP Paths.
The metric-style is by default narrow which means that it is limited to 63 max, it can be
set to wide and be coded with 32 bits!
14.3 Security
ISIS can be secured with Passwords which is highly recommended.
14.4 Neighbor Discovery
For each Level, routers sends IS to IS Hello (IIH) on a regular basis.
To make sure that MTU matches, the Hello are sent at MTU.
14.5 Multipoint Networks
The neighbors discovers themselves as they send Level-2-IIH and or Level-1-IIH. IIH
stands for IS-IS Hello Packets.
For the Multipoint networks, IS-IS has an approach similar to OSPF. It elects a Designated
Intermediate System (DIS). There is no backup DIS as it is not needed, any router can
take over immediately the DIS role if it fails.
10 The equivalent of an OSPF ABR.
© Fred Bovy EIRL. IPv6 For Life. Page 92
14.IS-IS Reminder. Sunday, March 30, 2014
As for the OSPF DR, the DIS helps for two things:
• It generates a Pseudonode LSP to which it is also connected to on the behalf of all
the Neighbors of the Network.
• It helps Neighbors Synchronization by sending a CSNP2 message on a regular time
basis. This CSNP11 advertises the headers of all the LSP12s of the Database. If a
Neighbor noticed that it has a missing or out-of-date LSP, it sends a PSNP Request
to get the Last LSP.
No.
Time
Source
Destination
Protocol Length Info
13 8.726791
ca:07:1b:4f:00:54
ISIS­all­level­2­IS's ISIS
310
L2 CSNP, Source­ID: 0000.0000.0003.00,
Start LSP­ID: 0000.0000.0000.00­00, End LSP­ID: ffff.ffff.ffff.ff­ff
Frame 13: 310 bytes on wire (2480 bits), 310 bytes captured (2480 bits)
IEEE 802.3 Ethernet
Logical­Link Control
DSAP: ISO Network Layer (0xfe)
IG Bit: Individual
SSAP: ISO Network Layer (0xfe)
CR Bit: Command
Control field: U, func=UI (0x03)
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
Intra Domain Routing Protocol Discriminator: ISIS (0x83)
PDU Header Length: 33
Version (==1): 1
System ID Length: 0
PDU Type
: L2 CSNP (R:000)
Version2 (==1): 1
Reserved (==0): 0
Max.AREAs: (0==3): 0
ISO 10589 ISIS Complete Sequence Numbers Protocol Data Unit
PDU length: 293
Source­ID:
0000.0000.0003.00
Start LSP­ID: 0000.0000.0000.00­00
End LSP­ID: ffff.ffff.ffff.ff­ff
LSP entries (240)
LSP­ID: 0000.0000.0001.00­00, Sequence: 0x00000022, Lifetime:
LSP­ID: 0000.0000.0003.00­00, Sequence: 0x0000001e, Lifetime:
LSP­ID: 0000.0000.0003.04­00, Sequence: 0x00000018, Lifetime:
LSP­ID: 0000.0000.0004.00­00, Sequence: 0x00000020, Lifetime:
LSP­ID: 0000.0000.0004.01­00, Sequence: 0x00000019, Lifetime:
LSP­ID: 0000.0000.0004.02­00, Sequence: 0x00000019, Lifetime:
LSP­ID: 0000.0000.0005.00­00, Sequence: 0x0000001e, Lifetime:
LSP­ID: 0000.0000.0005.01­00, Sequence: 0x00000019, Lifetime:
LSP­ID: 0000.0000.0005.02­00, Sequence: 0x00000019, Lifetime:
LSP­ID: 0000.0000.0005.03­00, Sequence: 0x0000001a, Lifetime:
LSP­ID: 0000.0000.0006.00­00, Sequence: 0x00000015, Lifetime:
LSP­ID: 0000.0000.0006.01­00, Sequence: 0x00000012, Lifetime:
LSP­ID: 0000.0000.0006.02­00, Sequence: 0x00000012, Lifetime:
LSP­ID: 0000.0000.0007.00­00, Sequence: 0x00000014, Lifetime:
LSP­ID: 0000.0000.0007.01­00, Sequence: 0x00000012, Lifetime:
LSP entries (16)
LSP­ID: 0000.0000.0007.02­00, Sequence: 0x00000012, Lifetime:
918s,
1151s,
481s,
599s,
725s,
619s,
739s,
414s,
545s,
1127s,
763s,
781s,
843s,
461s,
677s,
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
0xe12c
0xa480
0xd0ec
0xe42a
0xe9d3
0x15a5
0x7eeb
0x2297
0xe8d1
0x2b8a
0xab64
0x04bc
0x615a
0xb2f9
0x5566
661s, Checksum: 0x3586
The CSNP are used on Point to Point at initialization only to make sure that the two ends are in
synchronization. On Broadcast Networks, on a regular basis, every 10 seconds with a variation of about
3 seconds max to avoid synchronization.
11 Complete Sequence Number Packet
12 Link State Packet or LSP which populate the IS-IS database.
© Fred Bovy EIRL. IPv6 For Life. Page 93
14.IS-IS Reminder. Sunday, March 30, 2014
14.6 Point to Point Networks
On the Point-to-Point Networks we also use CSNP but only just after we discovered the
neighbor with the P2P IIH for Point-to-Point IS-IS to IS-IS Hello message.
15.
Migration Steps
15.1. Backbone Configuration
Configuration of the Core routers is very straightforward. You need to give a unique NET for each
router 39.b000.0000.0000.000X.00 , x is the router number. The NET is the CLNS Address of the
Router, it defines the Area, here 39.b000 is the Area Address and 0003 is the Router number.
router isis fred
is­type level­2­only
net 39.b000.0000.0000.0003.00
passive­interface lo0
interface GigabitEthernet0/0
ip router isis fred
ipv6 router isis fred
Repeat the same for each core interface...
15.2 Verification that ISIS is running OK.
Check IS-IS neighbors
The easiest way is to run the command “show clns neighbor” on each node and check
that the old OSPF neighbors are now also IS-IS neighbor.
R4> show clns neighbors
System Id
R7
R1
R5
R3
Interface
Gi3/0
Gi0/0
Gi2/0
Gi1/0
SNPA
ca0b.1b64.0008
ca05.1b4f.001c
ca09.1b64.0038
ca07.1b4f.001c
State
Up
Up
Up
Up
Holdtime
9
27
9
24
Type
L2
L2
L2
L2
Protocol
IS­IS
IS­IS
IS­IS
IS­IS
You can also us “show isis neighbors”
R4>show isis neighbors
System Id
R7
R1
R5
R3
Type
L2
L2
L2
L2
Interface
Gi3/0
Gi0/0
Gi2/0
Gi1/0
IP Address
10.1.0.2
10.0.1.1
10.0.1.14
10.0.1.18
© Fred Bovy EIRL. IPv6 For Life. Page 94
State
UP
UP
UP
UP
Holdtime
9
23
7
21
Circuit Id
R7.01
R4.01
R5.03
R4.02
15.Migration Steps. Sunday, March 30, 2014
Check that all IS-IS are Up from the database
To check that all neighbors are UP you can check the ISIS database as this is the case
here:
R4>show isis database
IS­IS Level­2 Link State Database:
LSPID
LSP Seq Num
0000.0000.0000.02­00 0x00000000
R1.00­00
0x00000011
R3.00­00
0x0000000D
R3.04­00
0x00000008
R4.00­00
* 0x00000010
R4.01­00
* 0x00000008
R4.02­00
* 0x00000008
R5.00­00
0x0000000D
R5.01­00
0x00000009
R5.02­00
0x00000008
R5.03­00
0x00000009
R6.00­00
0x00000004
R6.01­00
0x00000001
R6.02­00
0x00000001
R7.00­00
0x00000004
R7.01­00
0x00000002
R7.02­00
0x00000002
LSP Checksum
0x0000
0x041B
0xC66F
0xF0DC
0x051A
0x0CC2
0x3794
0xA0DA
0x4287
0x0BC0
0x4D79
0xCD53
0x26AB
0x8349
0xD2E9
0x7556
0x5576
LSP Holdtime
1025
625
842
631
859
696
411
625
1104
659
1189
626
624
624
886
1003
919
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
To inspect a LSP3 in particular in the Database, for instance R4.
R4 generated 2 LSP: One is the Router LSP and one because this router is also DIS4 for a LAN and is
the equivalent of the DR for OSPF.
R4>show isis database R4.00­00 detail
IS­IS Level­2 LSP R4.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R4.00­00
* 0x00000011
0x031B
1149
Area Address: 39.b000
NLPID:
0xCC 0x8E
Hostname: R4
IP Address:
10.1.0.1
IPv6 Address: 2001:DB8:678:A000::1
Metric: 10
IS R4.02
Metric: 10
IS R4.01
Metric: 10
IS R7.01
Metric: 10
IS R5.03
Metric: 10
IP 10.0.1.0 255.255.255.252
Metric: 10
IP 10.0.1.12 255.255.255.252
Metric: 10
IP 10.0.1.16 255.255.255.252
Metric: 10
IP 10.1.0.0 255.255.255.252
Metric: 10
IPv6 2001:DB8:678:1::/64
Metric: 10
IPv6 2001:DB8:678:17::/64
Metric: 10
IPv6 2001:DB8:678:22::/64
Metric: 10
IPv6 2001:DB8:678:A000::/64
ATT/P/OL
0/0/0
You have both the Topology information, the Neighbor Router IS and the Prefixes advertized by the
© Fred Bovy EIRL. IPv6 For Life. Page 95
15.Migration Steps. Sunday, March 30, 2014
node in the Router LSP.
Now let's take a look at the DIS Pseudo-node LSP. We know it is a Pseudo-node LSP because of the 01
in R4.01-00 which is different from 0, the Router LSP. This one is purely Topology and gives all the
neighbors of a Multipoint Network.
Also note that the second digit after – is 00 because it is fragment 0. In case we have a LSP too big for
the MTU5, we fragment is and this number is the fragment number.
R4>show isis database R4.01­00 detail
IS­IS Level­2 LSP R4.01­00
LSPID
LSP Seq Num
R4.01­00
* 0x00000009
Metric: 0
IS R4.00
Metric: 0
IS R1.00
LSP Checksum
0x0AC3
LSP Holdtime
985
ATT/P/OL
0/0/0
Remove OSPF for IPv4 and check the IPv4 Routing table
R1#conf t
To check that ISISis OK takink no risk to have missing routes, change the OSPF
Administrative distance to 120 and check that the ISIS routes are replacing the OSPF:
R5(config­router)#distance 120
If you have a very large routing table you could start high level with a “s how
ip route summary” and “show ipv6 route summary”. This gives you the most
important information.
R5>show ip route summary
IP routing table name is Default­IP­Routing­Table(0)
IP routing table maximum­paths is 32
Route Source
Networks
Subnets
Overhead
Memory (bytes)
connected
0
5
320
760
static
0
0
0
0
bgp 100
10
0
640
1520
External: 0 Internal: 10 Local: 0
isis fred
0
11
1024
1672
Level 1: 0 Level 2: 11 Inter­area: 0
internal
1
1172
Total
11
16
1984
5124
Removing Queue Size 0
R5>show ipv6 route summary
IPv6 routing table name is Default(0) global scope ­ 32 entries
IPv6 routing table default maximum­paths is 16
Route Source
Networks
Overhead
Memory (bytes)
connected
4
384
512
local
6
576
768
bgp 100
11
1056
1408
Internal: 11 External: 0 Local: 0
isis fred
11
1632
1408
Level 1: 0 Level 2: 11 Inter­area: 0 Summary: 0
Total
32
3648
4096
Number of prefixes:
/8: 1, /48: 11, /64: 10, /128: 10
© Fred Bovy EIRL. IPv6 For Life. Page 96
15.Migration Steps. Sunday, March 30, 2014
R5#how ip route
*Mar 18 22:57:51.756: %SYS­5­CONFIG_I: Configured from console by consoles
Codes: C ­ connected, S ­ static, R ­ RIP, M ­ mobile, B ­ BGP
D ­ EIGRP, EX ­ EIGRP external, O ­ OSPF, IA ­ OSPF inter area
N1 ­ OSPF NSSA external type 1, N2 ­ OSPF NSSA external type 2
E1 ­ OSPF external type 1, E2 ­ OSPF external type 2
i ­ IS­IS, su ­ IS­IS summary, L1 ­ IS­IS level­1, L2 ­ IS­IS level­2
ia ­ IS­IS inter area, * ­ candidate default, U ­ per­user static route
o ­ ODR, P ­ periodic downloaded static route
Gateway of last resort is not set
B
B
B
B
B
B
B
B
C
C
i L2
O
i L2
i L2
i L2
C
O
O IA
O
i L2
i L2
C
i L2
C
B
B
202.3.6.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.7.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.4.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.5.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.2.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.3.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.0.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.1.0/24 [200/0] via 10.0.0.6, 1d06h
10.0.0.0/8 is variably subnetted, 16 subnets, 2 masks
10.0.1.8/30 is directly connected, GigabitEthernet1/0
10.0.1.12/30 is directly connected, GigabitEthernet2/0
10.2.0.0/30 [115/20] via 10.2.0.6, GigabitEthernet4/0
[115/20] via 10.0.1.9, GigabitEthernet1/0
10.0.0.3/32 [120/2] via 10.0.1.21, 00:00:06, GigabitEthernet0/0
10.1.0.0/30 [115/20] via 10.0.1.13, GigabitEthernet2/0
10.0.1.0/30 [115/20] via 10.0.1.13, GigabitEthernet2/0
[115/20] via 10.0.1.9, GigabitEthernet1/0
10.0.0.1/32 [115/10] via 10.0.1.9, GigabitEthernet1/0
10.2.0.4/30 is directly connected, GigabitEthernet4/0
10.0.0.6/32 [120/2] via 10.2.0.6, 00:00:06, GigabitEthernet4/0
10.0.0.7/32 [120/3] via 10.0.1.21, 00:00:06, GigabitEthernet0/0
[120/3] via 10.0.1.13, 00:00:06, GigabitEthernet2/0
10.0.0.4/32 [120/2] via 10.0.1.13, 00:00:06, GigabitEthernet2/0
10.1.0.4/30 [115/20] via 10.0.1.21, GigabitEthernet0/0
10.0.1.4/30 [115/20] via 10.0.1.21, GigabitEthernet0/0
[115/20] via 10.0.1.9, GigabitEthernet1/0
10.0.0.5/32 is directly connected, Loopback0
10.0.1.16/30 [115/20] via 10.0.1.21, GigabitEthernet0/0
[115/20] via 10.0.1.13, GigabitEthernet2/0
10.0.1.20/30 is directly connected, GigabitEthernet0/0
202.3.8.0/24 [200/0] via 10.0.0.6, 1d06h
202.3.9.0/24 [200/0] via 10.0.0.6, 1d06h
Here we still have OSPF routes meaning that some routers have not been configured
properly. In our example as 10.0.0.3 is still an OSPF routes we probably have forgotten to
configure IS-IS properly on R3.
Let's check other routes:
R5#show ip route 10.0.1.16
Routing entry for 10.0.1.16/30
Known via "isis", distance 115, metric 20, type level­2
Redistributing via isis
© Fred Bovy EIRL. IPv6 For Life. Page 97
15.Migration Steps. Sunday, March 30, 2014
Last update from 10.0.1.13 on GigabitEthernet2/0, 00:05:13 ago
Routing Descriptor Blocks:
* 10.0.1.21, from 10.0.1.6, via GigabitEthernet0/0
Route metric is 20, traffic share count is 1
10.0.1.13, from 10.1.0.1, via GigabitEthernet2/0
Route metric is 20, traffic share count is 1
Check the Router data plane (CEF and CEFv6)
R5#show ip cef 10.0.1.16
10.0.1.16/30
nexthop 10.0.1.13 GigabitEthernet2/0
nexthop 10.0.1.21 GigabitEthernet0/0
R5#show ip cef 10.0.1.16 internal
10.0.1.16/30, epoch 0, RIB[I], refcount 5, per­destination sharing
sources: RIB
feature space:
IPRM: 0x00038000
ifnums:
GigabitEthernet0/0(5): 10.0.1.21
GigabitEthernet2/0(7): 10.0.1.13
path 66EC3CE4, path list 66EC2CE0, share 1/1, type attached nexthop, for IPv4
nexthop 10.0.1.13 GigabitEthernet2/0, adjacency IP adj out of GigabitEthernet2/0, addr
10.0.1.13 66F19380
path 66EC3D58, path list 66EC2CE0, share 1/1, type attached nexthop, for IPv4
nexthop 10.0.1.21 GigabitEthernet0/0, adjacency IP adj out of GigabitEthernet0/0, addr
10.0.1.21 66F194C0
output chain:
loadinfo 683E0EAC, per­session, 2 choices, flags 0003, 6 locks
flags: Per­session, for­rx­IPv4
16 hash buckets
< 0 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
< 1 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
< 2 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
< 3 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
< 4 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
< 5 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
< 6 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
< 7 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
< 8 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
< 9 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
<10 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
<11 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
<12 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
<13 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
<14 > IP adj out of GigabitEthernet2/0, addr 10.0.1.13 66F19380
<15 > IP adj out of GigabitEthernet0/0, addr 10.0.1.21 66F194C0
Subblocks:
None
Troubleshoot a bug with an Incomplete Adjacency.
Found a Bug Entry in the Adjacency table.
R5#show adjacency GigabitEthernet0/0 detail
Protocol Interface
Address
© Fred Bovy EIRL. IPv6 For Life. Page 98
15.Migration Steps. Sunday, March 30, 2014
IP
GigabitEthernet0/0
IPV6
GigabitEthernet0/0
10.0.1.21(28)
955 packets, 61599 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA071B4F0038CA091B6400080800
ARP
FE80::C807:1BFF:FE4F:38(39) (incomplete)
39 packets, 3042 bytes
epoch 0
sourced in sev­epoch 0
punt (rate­limited) packets
no src set
Punt means that is cannot be CEF switched and is punted to next level which is no good
(see below). In this situation you need to check what's wrong. The image I used for this
lab is really an old image and I suspect a bug as I have received other console message
using OSPF or ISIS. It reminds me a bug with an Ethernet driver who was not able to deal
with a small load of traffic! This punt is for IPv6 Traffic we have not yet switched to IS-IS
for IPv6
The address belongs to its neighbor which is cool and the other interface is OK! So it
sounds like a bug if it is persistant.
In this case you should troubleshoot the problem until the entry is no longer
Punt. Punt means that the destination is not CEFv6 switched but switched by
the processor when the IPv6 Queue will have its shared time slice. It is rate
limited to avoid that the processor gets on its knees, so packets can be
dropped!
Get to the TAC or your CISCO dealer if you cannot make it!
In my case I moved Gig0/0 to Gig3/0 which was free and leaved Gig0/0 which is
the interface on the processor board on the c7200 which should not be used
for switching traffic but for admin. I reloaded the router and the problem
disappeared. Fortunately many bugs have easy workaround:
R5#show adjacency GigabitEthernet
Protocol Interface
IP
GigabitEthernet3/0
IPV6
GigabitEthernet3/0
R5#show adjacency GigabitEthernet
Protocol Interface
IP
GigabitEthernet4/0
IPV6
GigabitEthernet4/0
R5#show adjacency GigabitEthernet
Protocol Interface
IP
GigabitEthernet1/0
IPV6
GigabitEthernet1/0
R5#show adjacency GigabitEthernet
Protocol Interface
IP
GigabitEthernet2/0
IPV6
GigabitEthernet2/0
3/0
Address
10.0.1.21(28)
FE80::C807:1BFF:FE4F:38(23)
4/0
Address
10.2.0.6(21)
FE80::C80A:1BFF:FE64:38(17)
1/0
Address
10.0.1.9(36)
FE80::C805:1BFF:FE4F:38(32)
2/0
Address
10.0.1.13(29)
FE80::C808:1BFF:FE4F:38(26)
© Fred Bovy EIRL. IPv6 For Life. Page 99
15.Migration Steps. Sunday, March 30, 2014
R3#sh ipv6 int g2/0
GigabitEthernet2/0 is up, line protocol is up
IPv6 is enabled, link­local address is FE80::C807:1BFF:FE4F:38
R5#show adjacency GigabitEthernet2/0 detail
Protocol Interface
Address
IP
GigabitEthernet2/0
10.0.1.13(28)
1105 packets, 69247 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA081B4F0038CA091B6400380800
ARP
IPV6
GigabitEthernet2/0
FE80::C808:1BFF:FE4F:38(39)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA081B4F0038CA091B64003886DD
IPv6 ND
Remove OSPFv3 for IPv6 and check the RIBv613
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#no router ospf 1
R4(config)#int g0/0
R4(config­if)#no ipv6 ospf 1 area 0
R4(config­if)#int g1/0
R4(config­if)#no ipv6 ospf 1 area 0
R4(config­if)#int g2/0
R4(config­if)#no ipv6 ospf 1 area 0
R4(config­if)#int g3/0
R4(config­if)#no ipv6 ospf 1 area 0
R4(config­if)#int g4/0
R4(config­if)#no ipv6 ospf 1 area 0
*Mar 18 23:26:28.540: %OSPF­5­ADJCHG: Process 1, Nbr 10.0.0.5 on GigabitEthernet2/0 from
FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 18 23:26:28.580: %OSPF­5­ADJCHG: Process 1, Nbr 10.0.0.7 on GigabitEthernet3/0 from
FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 18 23:26:28.636: %OSPFv3­5­ADJCHG: Process 1, Nbr 10.0.0.1 on GigabitEthernet0/0 from
FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 18 23:26:28.676: %OSPFv3­5­ADJCHG: Process 1, Nbr 10.0.0.3 on GigabitEthernet1/0 from
FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 18 23:26:28.684: %OSPFv3­5­ADJCHG: Process 1, Nbr 10.0.0.5 on GigabitEthernet2/0 from
FULL to DOWN, Neighbor Down: Interface down or detached
R4(config­if)#do show ipv6 route
IPv6 Routing Table ­ Default ­ 30 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
C
2001:DB8:678:1::/64 [0/0]
via GigabitEthernet0/0, directly connected
13 Routing Information Base or Routing table
© Fred Bovy EIRL. IPv6 For Life. Page 100
15.Migration Steps. Sunday, March 30, 2014
L
2001:DB8:678:1::4/128 [0/0]
via GigabitEthernet0/0, receive
I2 2001:DB8:678:2::/64 [115/20]
via FE80::C807:1BFF:FE4F:1C, GigabitEthernet1/0
via FE80::C805:1BFF:FE4F:1C, GigabitEthernet0/0
O
2001:DB8:678:3::/64 [110/2]
via FE80::C80B:1BFF:FE64:8, GigabitEthernet3/0
C
2001:DB8:678:17::/64 [0/0]
via GigabitEthernet1/0, directly connected
L
2001:DB8:678:17::4/128 [0/0]
via GigabitEthernet1/0, receive
C
2001:DB8:678:22::/64 [0/0]
via GigabitEthernet2/0, directly connected
L
2001:DB8:678:22::3/128 [0/0]
via GigabitEthernet2/0, receive
[snip]
Then we check that BGP Recursive Route entries are properly resolved by CEF following
the same methods that has been demonstrated many time in the previous Lab book.
15.3. Backbone Migration strategies
The most conservative strategy I can see is:
1. You start configuring ISIS with a distance very high. Be careful this must be set for
address-family ipv4 and address-family ipv6 separately. This way you can check all
your IS-IS initialization is going OK. Distance 255 and the route will never go in the
Routing table!
1. Check the neighbors for each router.
2. Check the Database to make sure all LSPs are there
2. If OK change Administrative distance to be lower than OSPF for both address-family
again.
3. You should only see IS-IS Route IPv4 and IPv6 and no more OSPF.
4. Then you can check CEF and CEFv6 initialization of a few strategic points.
5. You can leave OSPF configurations a few days before removing it as it consumes
resources for nothing else but backup and IS-IS code is very stable so the risk of a
bug with IS-IS is very limited! You need to set SYSLOG to log any OSPF routes
popping up in the RIBs14.
16.
ISIS Troubleshooting
We need to troubleshoot the previous problem with the routes to 10.0.0.3, 10.0.0.4,
10.0.0.6 and 10.0.0.7 learned by OSPF instead of ISIS. So we need to check IS-IS
configuration of R3, R4, R- and R7. Actually These routers were not yet configured, so you
see that this procedure is really seamless and transparent in the backbone. First, just make
the Administrative distance of IS-IS better than OSPF and check both IPv4 and IPv6
Routing table. You should not see any OSPF routes anymore. Anyway if you do see an
OSPF route it is very easy to identified the culprit.
14 Route Information Base or Routing table.
© Fred Bovy EIRL. IPv6 For Life. Page 101
16.ISIS Troubleshooting. Sunday, March 30, 2014
We have already seen the commands which are necessary to troubleshoot ISIS Protocol.
Now we need to review the initialization Sequence and the basic management of the LSP
Flooding.
The IS-IS database is essential. You can check that each router has its Router LSP in our
right level database:
isisd# show isis database
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
R1.00­00
646
0x000000f6
R1.01­00
63
0x00000003
R3.00­00
624
0x000000f1
R4.00­00
635
0x000000f2
R5.00­00
557
0x000000f8
isisd.00­00
*
120
0x000000d7
6 LSPs
Chksum
0x6b66
0x86c0
0x807c
0xca5d
0x74a5
0x9757
Holdtime
683
609
710
667
654
598
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
isisd# show isis database R1.00­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
Chksum Holdtime ATT/P/OL
R1.00­00
646
0x000000f5 0x6d65
481
0/0/0
Area Address: 39.b000
Area Address: 39.c000
Area Address: 39.d000
NLPID
: 0xCC
NLPID
: 0x8E
Hostname
: R1
IPv4 Address: 10.0.0.1
Metric
: 10
IS
: R1.01
Metric
: 10
IS
: R5.00
Metric
: 10
IS
: R3.00
Metric
: 10
IS
: R4.00
Metric
: 10
IPv4­Internal : 10.0.1.0 255.255.255.252
Metric
: 10
IPv4­Internal : 10.0.1.4 255.255.255.252
[SNIP]
We can see that R1 is connected to R5, R3, R4 and pseudo-node R1.01.
So let's see the IS-IS LSP of R1.01. Remember the first byte digit is the pseudonode
number and the second number is the fragment number.
isisd# show isis database R1.01­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
Chksum
R1.01­00
63
0x00000004 0x84c1
Metric
: 0
IS
: R1.00
Metric
: 0
IS
: R4.00
Metric
: 0
IS
: isisd.00
© Fred Bovy EIRL. IPv6 For Life. Page 102
Holdtime
1178
ATT/P/OL
0/0/0
16.ISIS Troubleshooting. Sunday, March 30, 2014
The pseudonode which is also the Network DIS 15 is attached to R1, R4 and isisd which is
the name of the Quagga process.
16.1 Optimization for GigabitEthernet P2P
IS-IS sees interfaces as Broadcast or Point-to-Point.
By Default, a GigabitEthernet is Broadcast.
When you use it as a Point-to-point between two Routers, you should configure it for
better performances. Be careful, If there is a mismatch IS-IS will not be Up. See example
below.
R4(config­if)#do show clns neighbor
System Id
R3
R7
R1
R5
Interface
Gi1/0
Gi3/0
Gi0/0
Gi2/0
SNPA
ca07.1b4f.001c
ca0b.1b64.0008
ca05.1b4f.001c
ca09.1b64.0038
State
Up
Up
Up
Up
Holdtime
275
9
28
8
Type
IS
L2
L2
L2
Protocol
ES­IS
IS­IS
IS­IS
IS­IS
System Id
Interface
SNPA
R3
Gi1/0
ca07.1b4f.001c
R7
Gi3/0
ca0b.1b64.0008
R1
Gi0/0
ca05.1b4f.001c
R5
Gi2/0
ca09.1b64.0038
R4#show clns neighbors
Gi1/0
detail
State
Up
Up
Up
Up
Holdtime
28
9
25
7
Type
L2
L2
L2
L2
Protocol
IS­IS
IS­IS
IS­IS
IS­IS
System Id
Interface
SNPA
R3
Gi1/0
ca07.1b4f.001c
Area Address(es): 39.b000
IP Address(es): 10.0.1.18*
IPv6 Address(es): FE80::C807:1BFF:FE4F:1C
Uptime: 00:01:48
NSF capable
State
Up
Holdtime
24
Type Protocol
L2
IS­IS
R4(config­if)#interface GigabitEthernet1/0
R4(config­if)#isis network point­to­point
R4#show clns neighbors
Partial Initilalization of P2P16 Captured
The CSNP17 gives a summary of each LSP in the Database, if the neighbor is missing or
get an LSP18 which is too old it request a new one with a PSNP.
No.
Time
Source
Destination
Protocol Length Info
166 157.864755 ca:07:1b:4f:00:1c
ISIS­all­level­2­IS's ISIS
310
L2 CSNP, Source­ID:
0000.0000.0003.00, Start LSP­ID: 0000.0000.0000.00­00, End LSP­ID: ffff.ffff.ffff.ff­ff
Frame 166: 310 bytes on wire (2480 bits), 310 bytes captured (2480 bits)
IEEE 802.3 Ethernet
Destination: ISIS­all­level­2­IS's (01:80:c2:00:00:15)
15
16
17
18
Designated Intermediate System
Point-to-point
Complete Sequence Number Packet
Link State Packet
© Fred Bovy EIRL. IPv6 For Life. Page 103
16.ISIS Troubleshooting. Sunday, March 30, 2014
Source: ca:07:1b:4f:00:1c (ca:07:1b:4f:00:1c)
Length: 296
Logical­Link Control
DSAP: ISO Network Layer (0xfe)
IG Bit: Individual
SSAP: ISO Network Layer (0xfe)
CR Bit: Command
Control field: U, func=UI (0x03)
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
Intra Domain Routing Protocol Discriminator: ISIS (0x83)
PDU Header Length: 33
Version (==1): 1
System ID Length: 0
PDU Type
: L2 CSNP (R:000)
Version2 (==1): 1
Reserved (==0): 0
Max.AREAs: (0==3): 0
ISO 10589 ISIS Complete Sequence Numbers Protocol Data Unit
PDU length: 293
Source­ID:
0000.0000.0003.00
Start LSP­ID: 0000.0000.0000.00­00
End LSP­ID: ffff.ffff.ffff.ff­ff
LSP entries (240)
LSP­ID: 0000.0000.0001.00­00, Sequence: 0x0000002f, Lifetime:
LSP­ID: 0000.0000.0003.00­00, Sequence: 0x0000002d, Lifetime:
LSP­ID: 0000.0000.0003.04­00, Sequence: 0x00000026, Lifetime:
LSP­ID: 0000.0000.0004.00­00, Sequence: 0x00000030, Lifetime:
LSP­ID: 0000.0000.0004.01­00, Sequence: 0x00000025, Lifetime:
LSP­ID: 0000.0000.0004.02­00, Sequence: 0x00000026, Lifetime:
LSP­ID: 0000.0000.0005.00­00, Sequence: 0x0000002b, Lifetime:
LSP­ID: 0000.0000.0005.01­00, Sequence: 0x00000027, Lifetime:
LSP­ID: 0000.0000.0005.02­00, Sequence: 0x00000026, Lifetime:
LSP­ID: 0000.0000.0005.03­00, Sequence: 0x00000026, Lifetime:
LSP­ID: 0000.0000.0006.00­00, Sequence: 0x00000023, Lifetime:
LSP­ID: 0000.0000.0006.01­00, Sequence: 0x0000001f, Lifetime:
LSP­ID: 0000.0000.0006.02­00, Sequence: 0x0000001f, Lifetime:
LSP­ID: 0000.0000.0007.00­00, Sequence: 0x00000022, Lifetime:
LSP­ID: 0000.0000.0007.01­00, Sequence: 0x0000001f, Lifetime:
LSP entries (16)
LSP­ID: 0000.0000.0007.02­00, Sequence: 0x0000001f, Lifetime:
No.
Time
Source
167 158.417844 ca:07:1b:4f:00:1c
Source­ID: 0000.0000.0003.00
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
Checksum:
0xc739
0x5dff
0xb4fa
0xad2b
0xd1df
0x8848
0x6507
0x06a5
0xcede
0x1396
0x4375
0xe9c9
0x4767
0x1236
0x3b73
1089s, Checksum: 0x1b93
Destination
Protocol Length Info
ISIS­all­level­2­IS's ISIS
60
L2 PSNP,
Frame 167: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: ISIS­all­level­2­IS's (01:80:c2:00:00:15)
Source: ca:07:1b:4f:00:1c (ca:07:1b:4f:00:1c)
Length: 38
Trailer: 0000000000000000
Logical­Link Control
DSAP: ISO Network Layer (0xfe)
IG Bit: Individual
SSAP: ISO Network Layer (0xfe)
CR Bit: Command
Control field: U, func=UI (0x03)
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
Intra Domain Routing Protocol Discriminator: ISIS (0x83)
PDU Header Length: 17
Version (==1): 1
System ID Length: 0
PDU Type
: L2 PSNP (R:000)
Version2 (==1): 1
Reserved (==0): 0
© Fred Bovy EIRL. IPv6 For Life. Page 104
906s,
1199s,
1089s,
1198s,
322s,
0s,
567s,
1055s,
631s,
632s,
1005s,
942s,
1066s,
940s,
656s,
16.ISIS Troubleshooting. Sunday, March 30, 2014
Max.AREAs: (0==3): 0
ISO 10589 ISIS Partial Sequence Numbers Protocol Data Unit
PDU length: 35
Source­ID: 0000.0000.0003.00
LSP entries (16)
LSP­ID: 0000.0000.0004.00­00, Sequence: 0x00000030, Lifetime:
No.
Time
Source
168 158.427892 ca:08:1b:4f:00:1c
Source­ID: 0000.0000.0004.00
1198s, Checksum: 0xad2b
Destination
Protocol Length Info
ISIS­all­level­2­IS's ISIS
60
L2 PSNP,
Frame 168: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: ISIS­all­level­2­IS's (01:80:c2:00:00:15)
Source: ca:08:1b:4f:00:1c (ca:08:1b:4f:00:1c)
Length: 38
Trailer: 0000000000000000
Logical­Link Control
DSAP: ISO Network Layer (0xfe)
IG Bit: Individual
SSAP: ISO Network Layer (0xfe)
CR Bit: Command
Control field: U, func=UI (0x03)
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
Intra Domain Routing Protocol Discriminator: ISIS (0x83)
PDU Header Length: 17
Version (==1): 1
System ID Length: 0
PDU Type
: L2 PSNP (R:000)
Version2 (==1): 1
Reserved (==0): 0
Max.AREAs: (0==3): 0
ISO 10589 ISIS Partial Sequence Numbers Protocol Data Unit
PDU length: 35
Source­ID: 0000.0000.0004.00
LSP entries (16)
LSP­ID: 0000.0000.0003.00­00, Sequence: 0x0000002d, Lifetime:
1197s, Checksum: 0x5dff
On a Broadcast LAN, only the DIS sends a CSNP on a regular time basis and all neighbors
checks that they have the latest LSP and that the DIS got the latest LSPs from itself.
16.2 MP-BGP Checking
Address-family IPv4
We check quickly the Routing table on R6 and see that the BGP routes are learned
by eBGP, the wrong AS:
i L2
10.0.1.20/30 [115/20] via 10.2.0.5, GigabitEthernet2/0
B
202.3.8.0/24 [20/0] via 172.16.1.2, 3d06h
B
202.3.9.0/24 [20/0] via 172.16.1.2, 3d06h
R6>show bgp 202.3.9.0
BGP routing table entry for 202.3.9.0/24, version 132
Paths: (1 available, best #1, table Default­IP­Routing­Table)
Advertised to update­groups:
2
© Fred Bovy EIRL. IPv6 For Life. Page 105
16.ISIS Troubleshooting. Sunday, March 30, 2014
64000
172.16.1.2 from 172.16.1.2 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external, best
This is wrong as we initially said in Volume 1 that the exit point should be AS 65000, AS
64000 should only be a fallback path in case of a problem. A quick look in the
configuration of R7 and we find that the route-map to set the Local Preference was only
applied to the IPv6 neighbor. Let's fix that:
R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R7(config)#router bgp 100
R7(config­router)# address­family ipv4
R7(config­router­af)# neighbor 172.16.1.6 route­map setloc in
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 172.16.1.6 activate
neighbor 172.16.1.6 route­map setloc in
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
!
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
Now on R6:
© Fred Bovy EIRL. IPv6 For Life. Page 106
16.ISIS Troubleshooting. Sunday, March 30, 2014
R6>show bgp ipv4 unicast 202.3.9.0
BGP routing table entry for 202.3.9.0/24, version 212
Paths: (2 available, best #1, table Default­IP­Routing­Table)
Advertised to update­groups:
1
65000
10.0.0.7 (metric 30) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 5, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
64000
172.16.1.2 from 172.16.1.2 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external
R6>show ip route 202.3.9.0
Routing entry for 202.3.9.0/24
Known via "bgp 100", distance 200, metric 5
Tag 65000, type internal
Last update from 10.0.0.7 00:15:16 ago
Routing Descriptor Blocks:
* 10.0.0.7, from 10.0.0.5, 00:15:16 ago
Route metric is 5, traffic share count is 1
AS Hops 1
Route tag 65000
In the Routing table Next-hop is 10.0.0.7 which is the loopback of R7, our Internet
Gateway which connect to AS 65000. 10.0.0.5 is the BGP Route-Reflector from which we
received the update.
Address-family IPv6
Let's do the same checking for IPv6 using “show ipv6 route B”
R6>show ipv6 route bgp
IPv6 Routing Table ­ Default ­ 32 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
B
2001:DB8:ABC0::/48 [200/0]
via 2001:DB8:678:B000::1
Looks good as [200/0] means Administrative distance 200 which is the default for iBGP
routes. So R6 does not use the directly connected neighbor with Administrative distance
20 but the remote to exit via AS 65000, correct!
R6>show bgp ipv6 unicast 2001:DB8:ABC0::/48
© Fred Bovy EIRL. IPv6 For Life. Page 107
16.ISIS Troubleshooting. Sunday, March 30, 2014
BGP routing table entry for 2001:DB8:ABC0::/48, version 56
Paths: (2 available, best #1, table Default)
Multipath: eBGP
Advertised to update­groups:
1
65000
2001:DB8:678:B000::1 (metric 30) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
64000
2001:DB8:5A:F6::8 (FE80::C80C:1BFF:FE4F:1C) from 2001:DB8:5A:F6::8 (10.0.0.8)
Origin incomplete, metric 0, localpref 100, valid, external
Let's check the Next-hop to make sure that CEF has been correctly initialized. We cannot
inspect each entry but we can pick up 2 or 3 entries.
R6>show ipv6 route 2001:DB8:678:B000::1
Routing entry for 2001:DB8:678:B000::1/128
Known via "isis fred", distance 115, metric 30, type level­2
Route count is 2/2, share count 0
Routing paths:
FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
Last updated 18:37:02 ago
FE80::C809:1BFF:FE64:70, GigabitEthernet2/0
Last updated 01:25:49 ago
R6#show ipv6 cef 2001:DB8:678:B000::1/128 internal
2001:DB8:678:B000::1/128, epoch 0, RIB[I], refcount 5, per­destination sharing
sources: RIB
feature space:
IPRM: 0x00038000
ifnums:
GigabitEthernet1/0(6): FE80::C805:1BFF:FE4F:70
GigabitEthernet2/0(7): FE80::C809:1BFF:FE64:70
path 6825F8C4, path list 6825E710, share 1/1, type attached nexthop, for IPv6
nexthop FE80::C805:1BFF:FE4F:70 GigabitEthernet1/0, adjacency IPV6 adj out of GigabitEthernet1/0,
addr FE80::C805:1BFF:FE4F:70 (incomplete)
path 6825F850, path list 6825E710, share 1/1, type attached nexthop, for IPv6
nexthop FE80::C809:1BFF:FE64:70 GigabitEthernet2/0, adjacency IPV6 adj out of GigabitEthernet2/0,
addr FE80::C809:1BFF:FE64:70 66F19B80
output chain:
loadinfo 66EDB728, per­session, 2 choices, flags 0005, 11 locks
flags: Per­session, for­rx­IPv6
16 hash buckets
< 0 > IPV6 adj out of GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 (incomplete)
< 1 > IPV6 adj out of GigabitEthernet2/0, addr FE80::C809:1BFF:FE64:70 66F19B80
< 2 > IPV6 adj out of GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 (incomplete)
< 3 > IPV6 adj out of GigabitEthernet2/0, addr FE80::C809:1BFF:FE64:70 66F19B80
< 4 > IPV6 adj out of GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 (incomplete)
< 5 > IPV6 adj out of GigabitEthernet2/0, addr FE80::C809:1BFF:FE64:70 66F19B80
< 6 > IPV6 adj out of GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 (incomplete)
< 7 > IPV6 adj out of GigabitEthernet2/0, addr FE80::C809:1BFF:FE64:70 66F19B80
< 8 > IPV6 adj out of GigabitEthernet1/0, addr FE80::C805:1BFF:FE4F:70 (incomplete)
© Fred Bovy EIRL. IPv6 For Life. Page 108
16.ISIS Troubleshooting. Sunday, March 30, 2014
< 9 > IPV6
<10 > IPV6
<11 > IPV6
<12 > IPV6
<13 > IPV6
<14 > IPV6
<15 > IPV6
Subblocks:
adj
adj
adj
adj
adj
adj
adj
out
out
out
out
out
out
out
of
of
of
of
of
of
of
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
GigabitEthernet1/0,
GigabitEthernet2/0,
addr
addr
addr
addr
addr
addr
addr
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
FE80::C805:1BFF:FE4F:70
FE80::C809:1BFF:FE64:70
66F19B80
(incomplete)
66F19B80
(incomplete)
66F19B80
(incomplete)
66F19B80
In this case we do have a problem with the incomplete entry. Let's check the
Adjacency which should be punt again! The workaround was not yet applied. It
is fixed later on.
R6#show adjacency GigabitEthernet1/0 detail
Protocol Interface
Address
IP
GigabitEthernet1/0
10.2.0.1(36)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 0
Encap length 14
CA051B4F0070CA0A1B64001C0800
ARP
IPV6
GigabitEthernet1/0
FE80::C805:1BFF:FE4F:70(31) (incomplete)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 2
punt (rate­limited) packets
no src set
We need to check the connection on R6 Gig1/0.
R6(config)#do show clns neighbor detail
System Id
Interface
SNPA
R5
Gi2/0
ca09.1b64.0070
Area Address(es): 39.b000
IP Address(es): 10.2.0.5*
IPv6 Address(es): FE80::C809:1BFF:FE64:70
Uptime: 01:36:10
NSF capable
R1
Gi1/0
ca05.1b4f.0070
Area Address(es): 39.b000
IP Address(es): 10.2.0.1*
IPv6 Address(es): FE80::C805:1BFF:FE4F:70
Uptime: 1d00h
NSF capable
State
Up
Holdtime
21
Type Protocol
L2
IS­IS
Up
28
L2
IS­IS
The IS-IS neighbor on R1 is UP for one day so the Interface looks pretty sane.
© Fred Bovy EIRL. IPv6 For Life. Page 109
16.ISIS Troubleshooting. Sunday, March 30, 2014
Try the usual troubleshooting already discussed many time and call CISCO TAC
if you can or your CISCO dealer.
Later I have rebooted the router and this has cleared the problem.
© Fred Bovy EIRL. IPv6 For Life. Page 110
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
17.
Moving to Multiarea in the first Area
This is very rare as most networks can run in one Area without any problems even with
hundreds of routers! In the big Network you may need to read a few books like the CISCO
Press “IS-IS Network Design Solution” which is a great book and make IS-IS very easy.
As Level-1 Area are Totally Stubby speaking OSPF language, they only have the Area
Local Routes and a default to the outside which will not be enough to resolve BGP Nexthop so Route Leaking will be necessary.
Illustration 13: IS-IS Multiarea
17.1 Migration to Multiarea Procedure.
First we will configure the new Net on the Routers and configure th route leaking for the
BGP Next hop from Level-2 to Level-1. We can also set static routes redistributed in BGP
for the Next hop to make sure that it will be transparent for BGP.
Let's check the Next-hops:
© Fred Bovy EIRL. IPv6 For Life. Page 111
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
R6>show ipv6 route bgp
IPv6 Routing Table ­ Default ­ 32 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
B
2001:DB8:ABC0::/48 [200/0]
via 2001:DB8:678:B000::1
R6>show ipv6 route 2001:DB8:678:B000::1
Routing entry for 2001:DB8:678:B000::1/128
Known via "isis fred", distance 115, metric 30, type level­2
Route count is 2/2, share count 0
Routing paths:
FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
Last updated 19:59:44 ago
FE80::C809:1BFF:FE64:70, GigabitEthernet2/0
Last updated 02:48:31 ago
The same process must be repeated for R7, the other BGP Gateway.
But now start with the IS-IS configuration.
For IPv4 we need to leak 10.0.0.X routes from Level-2 to Level-1.
For the border routers R1 and R5, here are the configs for IPv4 and the configuration for
an interface and for the routing protocol, show clns neighbor check that we have a Level1 Adjacency with L6.
17.2 IS-IS Multiarea Configuration
Configuring Multiarea on R1-R6-R5
We start with R1-R6-R5 IPv4 configuration. The same plan must be followed for R3-R4R7.
R1 Configuration
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
ipv6 address 2001:DB8:678:9000::1/128
!
interface GigabitEthernet1/0
ip address 10.0.1.1 255.255.255.252
ip router isis fred
© Fred Bovy EIRL. IPv6 For Life. Page 112
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
negotiation auto
ipv6 address 2001:DB8:678:1::1/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.9 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::1/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:2::1/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::7/64
ipv6 router isis fred
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0001.00
net 39.c000.0000.0000.0001.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
© Fred Bovy EIRL. IPv6 For Life. Page 113
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
exit­address­family
!
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
!
R5 Configuration
!
interface Loopback0
ip address 10.0.0.5 255.255.255.255
ipv6 address 2001:DB8:678:9005::5/128
!
interface GigabitEthernet1/0
ip address 10.0.1.10 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::5/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.14 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:22::5/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.22 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:33::5/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::5/64
© Fred Bovy EIRL. IPv6 For Life. Page 114
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
ipv6 router isis fred
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0005.00
net 39.c000.0000.0000.0005.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 update­source Loopback0
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 update­source Loopback0
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 update­source Loopback0
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 update­source Loopback0
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
no synchronization
maximum­paths 2
exit­address­family
© Fred Bovy EIRL. IPv6 For Life. Page 115
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
!
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
!
R6 Configuration
interface Loopback0
ip address 10.0.0.6 255.255.255.255
ipv6 address 2001:DB8:678:C000::6/128
!
interface GigabitEthernet1/0
ip address 10.2.0.2 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.2.0.6 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 172.16.1.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:5A:F6::6/64
ipv6 router isis fred
isis network point­to­point
isis csnp­interval 10
!
router isis fred
net 39.c000.0000.0000.0006.00
is­type level­1
passive­interface Loopback0
!
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
© Fred Bovy EIRL. IPv6 For Life. Page 116
17.Moving to Multiarea in the first Area. Sunday, March 30, 2014
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 2001:DB8:5A:F6::8 activate
no synchronization
maximum­paths 2
exit­address­family
!
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:C000::6
18.
Checking configuration
18.1 Checking R5-R6-R1
show clns neighbors
R5#show clns neighbors
System Id
R1
R3
R6
R4
Interface
Gi1/0
Gi0/0
Gi4/0
Gi2/0
SNPA
ca05.1b4f.0038
ca07.1b4f.0038
ca0a.1b64.0038
ca08.1b4f.0038
State
Up
Up
Up
Up
Holdtime
27
23
24
29
Type
L1L2
L2
L1
L2
Protocol
IS­IS
IS­IS
IS­IS
IS­IS
We could also use
R5#show isis neighbors
System Id
R1
R3
R6
R4
Type
L1L2
L2
L1
L2
Interface
Gi1/0
Gi0/0
Gi4/0
Gi2/0
IP Address
10.0.1.9
10.0.1.21
10.2.0.6
10.0.1.13
State
UP
UP
UP
UP
Holdtime
22
22
23
23
Circuit Id
02
02
01
03
From IS-IS it's OK. Lee's check R6 IPv4 the Routing table:
© Fred Bovy EIRL. IPv6 For Life. Page 117
18.Checking configuration
. Sunday, March 30, 2014
Gateway of last resort is 10.2.0.1 to network 0.0.0.0
B
B
B
B
B
B
B
C
B
i L1
C
i ia
i L1
C
C
i ia
i ia
i L1
B
B
i*L1
R6#
202.3.6.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.7.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.4.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.5.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.2.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.3.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.0.0/24 [200/5] via 10.0.0.7, 01:05:08
172.16.0.0/30 is subnetted, 1 subnets
172.16.1.0 is directly connected, GigabitEthernet3/0
202.3.1.0/24 [200/5] via 10.0.0.7, 01:05:08
10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks
10.0.1.8/30 [115/20] via 10.2.0.1, GigabitEthernet1/0
10.2.0.0/30 is directly connected, GigabitEthernet1/0
10.0.0.3/32 [115/148] via 10.2.0.1, GigabitEthernet1/0
10.0.0.1/32 [115/10] via 10.2.0.1, GigabitEthernet1/0
10.2.0.4/30 is directly connected, GigabitEthernet2/0
10.0.0.6/32 is directly connected, Loopback0
10.0.0.7/32 [115/158] via 10.2.0.1, GigabitEthernet1/0
10.0.0.4/32 [115/148] via 10.2.0.1, GigabitEthernet1/0
10.0.0.5/32 [115/20] via 10.2.0.1, GigabitEthernet1/0
202.3.8.0/24 [200/5] via 10.0.0.7, 01:05:08
202.3.9.0/24 [200/5] via 10.0.0.7, 01:05:08
0.0.0.0/0 [115/10] via 10.2.0.1, GigabitEthernet1/0
IPv4 Routing table is OK. We have a route to all core routers loopback 10.0.0.X.
Let's check IPv6 Routing table now:
Show ipv6 route
R6# show ipv6 route
IPv6 Routing Table ­ Default ­ 23 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
I1 ::/0 [115/10]
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
C
2001:DB8:5A:F6::/64 [0/0]
via GigabitEthernet3/0, directly connected
L
2001:DB8:5A:F6::6/128 [0/0]
via GigabitEthernet3/0, receive
I1 2001:DB8:678:3::/64 [115/20]
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
I1 2001:DB8:678:9000::1/128 [115/10]
© Fred Bovy EIRL. IPv6 For Life. Page 118
18.Checking configuration
I1
LC
C
L
C
L
B
B
B
B
B
B
B
B
B
B
B
L
. Sunday, March 30, 2014
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
2001:DB8:678:9005::5/128 [115/20]
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
2001:DB8:678:C000::6/128 [0/0]
via Loopback0, receive
2001:DB8:678:D004::/64 [0/0]
via GigabitEthernet1/0, directly connected
2001:DB8:678:D004::6/128 [0/0]
via GigabitEthernet1/0, receive
2001:DB8:678:D005::/64 [0/0]
via GigabitEthernet2/0, directly connected
2001:DB8:678:D005::6/128 [0/0]
via GigabitEthernet2/0, receive
2001:DB8:ABC0::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC1::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC2::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC3::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC4::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC5::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC6::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC7::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC8::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABC9::/48 [200/0]
via 2001:DB8:678:B000::1
2001:DB8:ABCA::/48 [200/0]
via 2001:DB8:678:B000::1
FF00::/8 [0/0]
via Null0, receive
Display R1 and R5 LSPs on R6
R6#show isis database R1.00­00
detail
IS­IS Level­1 LSP R1.00­00
LSPID
LSP Seq Num
R1.00­00
0x00000014
Area Address: 39.b000
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R1
LSP Checksum
0x49C8
© Fred Bovy EIRL. IPv6 For Life. Page 119
LSP Holdtime
594
ATT/P/OL
1/0/0
18.Checking configuration
. Sunday, March 30, 2014
IP Address:
10.0.0.1
Metric: 10
IP 10.0.1.8 255.255.255.252
Metric: 10
IP 10.2.0.0 255.255.255.252
Metric: 0
IP 10.0.0.1 255.255.255.255
IPv6 Address: 2001:DB8:678:9000::1
Metric: 10
IPv6 2001:DB8:678:3::/64
Metric: 10
IPv6 2001:DB8:678:D004::/64
Metric: 0
IPv6 2001:DB8:678:9000::1/128
Metric: 10
IS R5.00
Metric: 10
IS R6.00
Metric: 138
IP­Interarea 10.0.0.3 255.255.255.255
Metric: 138
IP­Interarea 10.0.0.4 255.255.255.255
Metric: 148
IP­Interarea 10.0.0.7 255.255.255.255
R6#show isis database R5.00­00
detail
IS­IS Level­1 LSP R5.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R5.00­00
0x00000014
0xE509
644
Area Address: 39.b000
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R5
IP Address:
10.0.0.5
Metric: 10
IP 10.0.1.8 255.255.255.252
Metric: 10
IP 10.2.0.4 255.255.255.252
Metric: 0
IP 10.0.0.5 255.255.255.255
IPv6 Address: 2001:DB8:678:9005::5
Metric: 10
IPv6 2001:DB8:678:3::/64
Metric: 10
IPv6 2001:DB8:678:D005::/64
Metric: 0
IPv6 2001:DB8:678:9005::5/128
Metric: 10
IS R1.00
Metric: 10
IS R6.00
Metric: 138
IP­Interarea 10.0.0.3 255.255.255.255
Metric: 138
IP­Interarea 10.0.0.4 255.255.255.255
Metric: 148
IP­Interarea 10.0.0.7 255.255.255.255
18.2 Configuring Multiarea on R3-R7-R4
R4(config)#router isis fred
R4(config­router)#is­type level­1­2
R3(config­router)#net 39.d000.0000.0000.0004.00
R3(config­router)#router isis fred
R3(config­router)#is­type level­1­2
R3(config­router)#net 39.d000.0000.0000.0003.00
© Fred Bovy EIRL. IPv6 For Life. Page 120
ATT/P/OL
1/0/0
18.Checking configuration
. Sunday, March 30, 2014
R7(config)#router isis fred
R7(config­router)# net 39.d000.0000.0000.0007.00
R7(config­router)#no net 39.b000.0000.0000.0007.00
R7(config­router)#is­type level­1
R4(config­router)#do show clns
System Id
R7
R3
R5
R1
Interface
Gi3/0
Gi1/0
Gi2/0
Gi0/0
neighbor
SNPA
ca0b.1b64.0008
ca07.1b4f.001c
ca09.1b64.0038
ca05.1b4f.001c
State
Up
Up
Up
Up
Holdtime
23
24
26
26
Type
L1
L1L2
L2
L2
Protocol
IS­IS
IS­IS
IS­IS
IS­IS
SNPA
ca0b.1b64.001c
ca08.1b4f.001c
ca05.1b4f.0054
ca09.1b64.0008
State
Up
Up
Up
Up
Holdtime
276
23
23
28
Type
IS
L1L2
L2
L2
Protocol
ES­IS
IS­IS
IS­IS
IS­IS
SNPA
State
Holdtime
Type Protocol
R4(config­router)#int gig2/0
R4(config­if)#isis circuit­type Level­2­only
R4(config­if)#int gig0/0
R4(config­if)#isis circuit­type Level­2­only
R3#show clns neighborq
Area fred:
System Id
Interface
R7
Gi0/0
R4
Gi1/0
R1
Gi3/0
R5
Gi2/0
Area null:
System Id
Interface
R3#conf t
Enter configuration commands, one per line.
R3(config)#int G3/0
R3(config­if)#isis circuit Level­2­only
R3(config­if)#int G2/0
R3(config­if)#isis circuit Level­2­only
End with CNTL/Z.
Configure Route Leaking for Loopbacks
R4# conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#access­list 1 permit 10.0.0.0 0.0.0.255
R4(config)#route­map leak permit
R4(config­route­map)#match ip address 1
R4(config­route­map)#router isis fred
R4(config­router)# redistribute isis ip level­2 into level­1 route­map leak
R4(config­router)#
R3#conf t
© Fred Bovy EIRL. IPv6 For Life. Page 121
18.Checking configuration
. Sunday, March 30, 2014
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#access­list 1 permit 10.0.0.0 0.0.0.255
R3(config)#route­map leak permit
R3(config­route­map)#match ip address 1
R3(config­route­map)#router isis fred
R3(config­router)#redistribute isis ip level­2 into level­1 route­map leak
19.
Checking the migration
19.1 Check IS-IS
Use show clns neighbor as usual.
19.2 show ip route
R7#show ip route
Codes: C ­ connected, S ­ static, R ­ RIP, M ­ mobile, B ­ BGP
D ­ EIGRP, EX ­ EIGRP external, O ­ OSPF, IA ­ OSPF inter area
N1 ­ OSPF NSSA external type 1, N2 ­ OSPF NSSA external type 2
E1 ­ OSPF external type 1, E2 ­ OSPF external type 2
i ­ IS­IS, su ­ IS­IS summary, L1 ­ IS­IS level­1, L2 ­ IS­IS level­2
ia ­ IS­IS inter area, * ­ candidate default, U ­ per­user static route
o ­ ODR, P ­ periodic downloaded static route
Gateway of last resort is 10.1.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
i L1
10.0.0.3/32 [115/20] via 10.1.0.1, GigabitEthernet0/0
C
10.1.0.0/30 is directly connected, GigabitEthernet0/0
i ia
10.0.0.1/32 [115/148] via 10.1.0.1, GigabitEthernet0/0
C
10.0.0.7/32 is directly connected, Loopback0
i L1
10.0.0.4/32 [115/10] via 10.1.0.1, GigabitEthernet0/0
C
10.1.0.4/30 is directly connected, GigabitEthernet1/0
i ia
10.0.0.5/32 [115/148] via 10.1.0.1, GigabitEthernet0/0
i L1
10.0.1.16/30 [115/20] via 10.1.0.1, GigabitEthernet0/0
i*L1 0.0.0.0/0 [115/10] via 10.1.0.1, GigabitEthernet0/0
19.2 show bgp connection to the RR
R5#show bgp ipv6 unicast summary
BGP router identifier 10.0.0.5, local AS number 100
BGP table version is 133, main routing table version 133
Neighbor
10.0.0.1
10.0.0.3
10.0.0.4
V
4
4
4
AS MsgRcvd MsgSent
100
5428
5481
100
5457
5511
100
5457
5512
© Fred Bovy EIRL. IPv6 For Life. Page 122
TblVer
133
133
133
InQ OutQ Up/Down
0
0 23:11:38
0
0 23:07:45
0
0 23:07:11
State/PfxRcd
0
0
0
19.Checking the migration. Sunday, March 30, 2014
10.0.0.6
10.0.0.7
4
4
100
100
5499
5500
5504
5567
0
133
0
0
0 00:24:56 Active
0 00:13:01
0
We have lost BGP connection from the BGP RR to the BGP Gateway 10.0.0.6!
19.3 Checking IS-IS
R5#show clns neighbors detail
System Id
Interface
SNPA
R6
Gi4/0
ca0a.1b64.0038
Area Address(es): 39.c000
IP Address(es): 10.2.0.6*
IPv6 Address(es): FE80::C80A:1BFF:FE64:38
Uptime: 00:30:34
NSF capable
State
Up
Holdtime
23
Type Protocol
L1
IS­IS
State
Up
Up
Holdtime
25
26
Type Protocol
L1
IS­IS
L1
IS­IS
R6#show clns neighbors
System Id
R5
R1
Interface
Gi2/0
Gi1/0
SNPA
ca09.1b64.0070
ca05.1b4f.0070
IS-IS neighbor OK from R6!
R6#show ip route isis
No IS-IS Route on R6!
R6#show isis database
IS­IS Level­1 Link State Database:
LSPID
LSP Seq Num LSP Checksum
R6.00­00
* 0x00000012
0x924F
R6#
LSP Holdtime
584
ATT/P/OL
0/0/0
19.4 Troubleshooting a bug
ISIS Database is empty on R6! IS-IS neighbors are OK...
R6#show isis database
IS­IS Level­1 Link State Database:
LSPID
LSP Seq Num LSP Checksum
R6.00­00
* 0x00000012
0x924F
R6#show clns neighbors
© Fred Bovy EIRL. IPv6 For Life. Page 123
LSP Holdtime
584
ATT/P/OL
0/0/0
19.Checking the migration. Sunday, March 30, 2014
System Id
R5
R1
Interface
Gi2/0
Gi1/0
SNPA
ca09.1b64.0070
ca05.1b4f.0070
State
Up
Up
Holdtime
25
26
Type Protocol
L1
IS­IS
L1
IS­IS
The good old troubleshooting method when all is OK but you don't get the
expected result. Toggle the interface!
R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R6(config)#int g2/0
R6(config­if)#shut
R6(config­if)#no shut
R6(config­if)#int g1/0
R6(config­if)#shut
R6(config­if)#
*Mar 19 23:14:49.874: %LINK­5­CHANGED: Interface GigabitEthernet1/0, changed state to
administratively down
*Mar 19 23:14:50.874: %LINEPROTO­5­UPDOWN: Line protocol on Interface GigabitEthernet1/0,
changed state to downno shut
R6(config­if)#
*Mar 19 23:14:55.722: %LINK­3­UPDOWN: Interface GigabitEthernet1/0, changed state to up
*Mar 19 23:14:56.722: %LINEPROTO­5­UPDOWN: Line protocol on Interface GigabitEthernet1/0,
changed state to up
R6(config­if)#^Z
R6#show clns neighbors
*Mar 19 23:15:01.454: %SYS­5­CONFIG_I: Configured from console by console
System Id
Interface
R1
Gi1/0
R5
Gi2/0
R6#show isis database
SNPA
ca05.1b4f.0070
ca09.1b64.0070
State
Up
Up
Holdtime
28
23
IS­IS Level­1 Link State Database:
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R1.00­00
0x0000001F
0x28DE
1196
R5.00­00
0x0000001F
0x984B
1187
R6.00­00
* 0x00000018
0xB229
1194
R6#
*Mar 19 23:15:13.538: %BGP­5­ADJCHANGE: neighbor 10.0.0.5 Up
R6#show ip route isis
10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks
i L1
10.0.1.8/30 [115/20] via 10.2.0.5, GigabitEthernet2/0
[115/20] via 10.2.0.1, GigabitEthernet1/0
i ia
10.0.0.3/32 [115/148] via 10.2.0.5, GigabitEthernet2/0
[115/148] via 10.2.0.1, GigabitEthernet1/0
i L1
10.0.0.1/32 [115/10] via 10.2.0.1, GigabitEthernet1/0
i ia
10.0.0.7/32 [115/158] via 10.2.0.5, GigabitEthernet2/0
[115/158] via 10.2.0.1, GigabitEthernet1/0
i ia
10.0.0.4/32 [115/148] via 10.2.0.5, GigabitEthernet2/0
© Fred Bovy EIRL. IPv6 For Life. Page 124
Type Protocol
L1
IS­IS
L1
IS­IS
ATT/P/OL
1/0/0
1/0/0
0/0/0
19.Checking the migration. Sunday, March 30, 2014
[115/148] via 10.2.0.1, GigabitEthernet1/0
i L1
10.0.0.5/32 [115/10] via 10.2.0.5, GigabitEthernet2/0
i*L1 0.0.0.0/0 [115/10] via 10.2.0.5, GigabitEthernet2/0
[115/10] via 10.2.0.1, GigabitEthernet1/0
19.4 Check BGP Resiliency
IPv4 Routing table is OK! Now Let's bring up the other Internet Gateway
Interface on R7.
R6#show ip route bgp
B
202.3.6.0/24 [20/0]
B
202.3.7.0/24 [20/0]
B
202.3.4.0/24 [20/0]
B
202.3.5.0/24 [20/0]
B
202.3.2.0/24 [20/0]
B
202.3.3.0/24 [20/0]
B
202.3.0.0/24 [20/0]
B
202.3.1.0/24 [20/0]
B
202.3.8.0/24 [20/0]
B
202.3.9.0/24 [20/0]
via
via
via
via
via
via
via
via
via
via
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
172.16.1.2,
R7#conf t
Enter configuration commands,
R7(config)#int g3/0
R7(config­if)#no shut
R6#show ip route bgp
B
202.3.6.0/24 [200/5] via
B
202.3.7.0/24 [200/5] via
B
202.3.4.0/24 [200/5] via
B
202.3.5.0/24 [200/5] via
B
202.3.2.0/24 [200/5] via
B
202.3.3.0/24 [200/5] via
B
202.3.0.0/24 [200/5] via
B
202.3.1.0/24 [200/5] via
B
202.3.8.0/24 [200/5] via
B
202.3.9.0/24 [200/5] via
R6#
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
00:34:16
one per line.
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
10.0.0.7,
End with CNTL/Z.
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
00:01:55
Which is OK !Let's check IPv6 now!
R6#show ipv6 route
IPv6 Routing Table ­ Default ­ 23 entries
Codes: C ­ Connected, L ­ Local, S ­ Static, U ­ Per­user Static route
B ­ BGP, M ­ MIPv6, R ­ RIP, I1 ­ ISIS L1
I2 ­ ISIS L2, IA ­ ISIS interarea, IS ­ ISIS summary, D ­ EIGRP
EX ­ EIGRP external
© Fred Bovy EIRL. IPv6 For Life. Page 125
19.Checking the migration. Sunday, March 30, 2014
O ­ OSPF Intra, OI ­ OSPF Inter, OE1 ­ OSPF ext 1, OE2 ­ OSPF ext 2
ON1 ­ OSPF NSSA ext 1, ON2 ­ OSPF NSSA ext 2
I1 ::/0 [115/10]
via FE80::C809:1BFF:FE64:70, GigabitEthernet2/0
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
C
2001:DB8:5A:F6::/64 [0/0]
via GigabitEthernet3/0, directly connected
L
2001:DB8:5A:F6::6/128 [0/0]
via GigabitEthernet3/0, receive
I1 2001:DB8:678:3::/64 [115/20]
via FE80::C809:1BFF:FE64:70, GigabitEthernet2/0
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
I1 2001:DB8:678:9000::1/128 [115/10]
via FE80::C805:1BFF:FE4F:70, GigabitEthernet1/0
I1 2001:DB8:678:9005::5/128 [115/10]
via FE80::C809:1BFF:FE64:70, GigabitEthernet2/0
LC 2001:DB8:678:C000::6/128 [0/0]
via Loopback0, receive
C
2001:DB8:678:D004::/64 [0/0]
via GigabitEthernet1/0, directly connected
L
2001:DB8:678:D004::6/128 [0/0]
via GigabitEthernet1/0, receive
C
2001:DB8:678:D005::/64 [0/0]
via GigabitEthernet2/0, directly connected
L
2001:DB8:678:D005::6/128 [0/0]
via GigabitEthernet2/0, receive
B
2001:DB8:ABC0::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC1::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC2::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC3::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC4::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC5::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC6::/48 [200/0]
via 2001:DB8:678:B000::1
B
2001:DB8:ABC7::/48 [200/0]
[snip]
19.5 Inspect IS-IS Database
Level 1 Databases.
R6>sh isis database
IS­IS Level­1 Link State Database:
© Fred Bovy EIRL. IPv6 For Life. Page 126
19.Checking the migration. Sunday, March 30, 2014
LSPID
R1.00­00
R5.00­00
R6.00­00
LSP Seq Num
0x0000002B
0x00000027
* 0x0000000B
LSP Checksum
0x1BDF
0xD8F8
0xA048
LSP Holdtime
1010
1058
1183
ATT/P/OL
1/0/0
1/0/0
0/0/0
R1 and R5 have the ATTached bit set meaning they connect to the backbone Area. The Level-1 routers set a
default route to the Level-1 routers with the ATTached bit set.
R6# show isis database R5.00­00 detail
IS­IS Level­1 LSP R5.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R5.00­00
0x00000020
0x964C
877
Area Address: 39.b000
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R5
IP Address:
10.0.0.5
Metric: 10
IP 10.0.1.8 255.255.255.252
Metric: 10
IP 10.2.0.4 255.255.255.252
Metric: 0
IP 10.0.0.5 255.255.255.255
IPv6 Address: 2001:DB8:678:9005::5
Metric: 10
IPv6 2001:DB8:678:3::/64
Metric: 10
IPv6 2001:DB8:678:D005::/64
Metric: 0
IPv6 2001:DB8:678:9005::5/128
Metric: 10
IS R6.00
Metric: 10
IS R1.00
Metric: 138
IP­Interarea 10.0.0.3 255.255.255.255
Metric: 138
IP­Interarea 10.0.0.4 255.255.255.255
Metric: 148
IP­Interarea 10.0.0.7 255.255.255.255
ATT/P/OL
1/0/0
R6 and R7 are Level-1 only routers.So these are Lével 1 entry Routers LSP. So if we look
at R5 Level-1 LSP from L6, it only sees R6 and R1. It has the ATTached bit meaning that it
is connected to the Backbone Area.
R6>sh isis data R6.00­00 detail
IS­IS Level­1 LSP R6.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R6.00­00
* 0x0000000A
0xA247
923
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R6
IP Address:
10.0.0.6
Metric: 10
IP 10.2.0.0 255.255.255.252
Metric: 10
IP 10.2.0.4 255.255.255.252
Metric: 10
IP 172.16.1.0 255.255.255.252
Metric: 0
IP 10.0.0.6 255.255.255.255
© Fred Bovy EIRL. IPv6 For Life. Page 127
ATT/P/OL
0/0/0
19.Checking the migration. Sunday, March 30, 2014
IPv6 Address: 2001:DB8:678:C000::6
Metric: 10
IPv6 2001:DB8:678:D004::/64
Metric: 10
IPv6 2001:DB8:678:D005::/64
Metric: 10
IPv6 2001:DB8:5A:F6::/64
Metric: 0
IPv6 2001:DB8:678:C000::6/128
Metric: 10
IS R5.00
Metric: 10
IS R1.00
Level 2 Database
R5#show isis database level­2
IS­IS Level­2 Link State Database:
LSPID
LSP Seq Num LSP Checksum
R1.00­00
0x00000012
0xDA7A
R3.00­00
0x00000016
0x9EE1
R4.00­00
0x00000016
0xACED
R5.00­00
* 0x00000014
0xE3EF
R5#
R5#show isis database level­2 R1.00­00
IS­IS Level­2 LSP R1.00­00
LSPID
LSP Seq Num
R1.00­00
0x00000012
LSP Checksum
0xDA7A
LSP Holdtime
726
1031
1088
1033
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
LSP Holdtime
696
ATT/P/OL
0/0/0
R5#show isis database level­2 R1.00­00 det
IS­IS Level­2 LSP R1.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R1.00­00
0x00000012
0xDA7A
692
Area Address: 39.b000
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R1
IP Address:
10.0.0.1
Metric: 10
IP 10.0.1.0 255.255.255.252
Metric: 10
IP 10.0.1.4 255.255.255.252
IPv6 Address: 2001:DB8:678:9000::1
Metric: 10
IPv6 2001:DB8:678:1::/64
Metric: 10
IPv6 2001:DB8:678:2::/64
Metric: 10
IS R4.00
Metric: 10
IS R3.00
Metric: 10
IS R5.00
Metric: 0
IP 10.0.0.1 255.255.255.255
Metric: 10
IP 10.0.0.5 255.255.255.255
© Fred Bovy EIRL. IPv6 For Life. Page 128
ATT/P/OL
0/0/0
19.Checking the migration. Sunday, March 30, 2014
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
10
10
10
20
20
20
10
0
10
10
10
20
IP 10.0.0.6 255.255.255.255
IP 10.0.1.8 255.255.255.252
IP 10.2.0.0 255.255.255.252
IP 10.2.0.4 255.255.255.252
IP 172.16.1.0 255.255.255.252
IPv6 2001:DB8:5A:F6::/64
IPv6 2001:DB8:678:3::/64
IPv6 2001:DB8:678:9000::1/128
IPv6 2001:DB8:678:9005::5/128
IPv6 2001:DB8:678:C000::6/128
IPv6 2001:DB8:678:D004::/64
IPv6 2001:DB8:678:D005::/64
Below the highlighted addresses are the Router Loopback address. In red are
the Topology Information, our Level-2 neighbors.
R5#show isis database level­2 R3.00­00 det
IS­IS Level­2 LSP R3.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R3.00­00
0x00000016
0x9EE1
905
Area Address: 39.b000
Area Address: 39.d000
NLPID:
0xCC 0x8E
Hostname: R3
IP Address:
10.0.0.3
Metric: 10
IP 10.0.1.20 255.255.255.252
Metric: 10
IP 10.0.1.4 255.255.255.252
IPv6 Address: 2001:DB8:678:9003::3
Metric: 10
IPv6 2001:DB8:678:33::/64
Metric: 10
IPv6 2001:DB8:678:2::/64
Metric: 10
IS R5.00
Metric: 10
IS R4.00
Metric: 10
IS R1.00
Metric: 0
IP 10.0.0.3 255.255.255.255
Metric: 10
IP 10.0.0.4 255.255.255.255
Metric: 10
IP 10.0.0.7 255.255.255.255
Metric: 10
IP 10.0.1.16 255.255.255.252
Metric: 20
IP 10.1.0.0 255.255.255.252
Metric: 10
IP 10.1.0.4 255.255.255.252
Metric: 20
IP 172.16.1.4 255.255.255.252
Metric: 20
IPv6 2001:DB8:5A:F7::/64
Metric: 10
IPv6 2001:DB8:678:3::/64
Metric: 10
IPv6 2001:DB8:678:17::/64
Metric: 0
IPv6 2001:DB8:678:9003::3/128
Metric: 10
IPv6 2001:DB8:678:9004::4/128
Metric: 20
IPv6 2001:DB8:678:A000::/64
Metric: 20
IPv6 2001:DB8:678:A001::/64
© Fred Bovy EIRL. IPv6 For Life. Page 129
ATT/P/OL
0/0/0
19.Checking the migration. Sunday, March 30, 2014
Metric: 10
IPv6 2001:DB8:678:B000::1/128
19.6 Check the BGP Routers Resiliency
R7#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R7(config)#interface GigabiEthernet3/0
R7(config­if)# shutdown
R7#show bgp ipv6 unicast
*Mar 19 23:38:48.153: %SYS­5­CONFIG_I: Configured from console by console
*Mar 19 23:38:48.589: %LINK­5­CHANGED: Interface GigabitEthernet3/0, changed state to
administratively down
BGP table version is 89, local router ID is 10.0.0.7
Status codes: s suppressed, d damped, h history, * valid, > best, i ­ internal,
r RIB­failure, S Stale
Origin codes: i ­ IGP, e ­ EGP, ? ­ incomplete
Network
Next Hop
Metric LocPrf Weight Path
*>i2001:DB8:ABC0::/48
2001:DB8:678:C000::6
0
100
0 64000 ?
*>i2001:DB8:ABC1::/48
2001:DB8:678:C000::6
0
100
0 64000 ?
[snip]
R7#show bgp ipv6 unicast 2001:DB8:ABC5::/48
BGP routing table entry for 2001:DB8:ABC5::/48, version 84
Paths: (1 available, best #1, table Default)
Not advertised to any peer
64000
2001:DB8:678:C000::6 (metric 10) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 100, valid, internal, best
Originator: 10.0.0.6, Cluster list: 10.0.0.5
R7#show ipv6 route 2001:DB8:678:C000::6
Routing entry for ::/0
Known via "isis fred", distance 115, metric 10, type level­1
Route count is 1/1, share count 0
Routing paths:
FE80::C808:1BFF:FE4F:54, GigabitEthernet0/0
Last updated 00:53:29 ago
R7# show ipv6 neighbors
IPv6 Address
Age Link­layer Addr State Interface
FE80::C807:1BFF:FE4F:8
176 ca07.1b4f.0008 STALE Gi1/0
FE80::C808:1BFF:FE4F:54
177 ca08.1b4f.0054 STALE Gi0/0
R7#show adjacency GigabitEthernet 0/0 internal
Protocol Interface
Address
IP
GigabitEthernet0/0
10.1.0.1(17)
0 packets, 0 bytes
© Fred Bovy EIRL. IPv6 For Life. Page 130
19.Checking the migration. Sunday, March 30, 2014
IPV6
GigabitEthernet0/0
Protocol Interface
epoch 0
sourced in sev­epoch 0
Encap length 14
CA081B4F0054CA0B1B6400080800
ARP
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x88E)
Fixup disabled
HWIDB/IDB pointers 0x66BC41D0/0x66BC4D4C
IP redirect disabled
Switching vector: IPv4 no fixup, no redirect adj oce
Adjacency pointer 0x66F19C80
Next­hop 10.1.0.1
FE80::C808:1BFF:FE4F:54(11)
0 packets, 0 bytes
epoch 0
sourced in sev­epoch 3
Encap length 14
Address
CA081B4F0054CA0B1B64000886DD
IPv6 ND
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x1189E)
Fixup disabled
HWIDB/IDB pointers 0x66BC41D0/0x66BC4D4C
IP redirect enabled
Switching vector: IPv6 adjacency oce
Adjacency pointer 0x66F19B40
Next­hop FE80::C808:1BFF:FE4F:54
Sound Great !
20.
Multiarea final Configurations
20.1 R6
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R6
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
© Fred Bovy EIRL. IPv6 For Life. Page 131
20.Multiarea final Configurations. Sunday, March 30, 2014
ip address 10.0.0.6 255.255.255.255
ipv6 address 2001:DB8:678:C000::6/128
!
interface GigabitEthernet1/0
ip address 10.2.0.2 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.2.0.6 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 172.16.1.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:5A:F6::6/64
ipv6 router isis fred
isis network point­to­point
isis csnp­interval 10
!
router isis fred
net 39.c000.0000.0000.0006.00
is­type level­1
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
© Fred Bovy EIRL. IPv6 For Life. Page 132
20.Multiarea final Configurations. Sunday, March 30, 2014
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 2001:DB8:5A:F6::8 activate
no synchronization
Maximum­paths 2
exit­address­family
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:C000::6
!
20.2 R1
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R1
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
ipv6 address 2001:DB8:678:9000::1/128
!
interface GigabitEthernet1/0
ip address 10.0.1.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:1::1/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.9 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::1/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:2::1/64
ipv6 router isis fred
© Fred Bovy EIRL. IPv6 For Life. Page 133
20.Multiarea final Configurations. Sunday, March 30, 2014
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::7/64
ipv6 router isis fred
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0001.00
net 39.c000.0000.0000.0001.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
20.3 R5
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
!
hostname R5
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
© Fred Bovy EIRL. IPv6 For Life. Page 134
20.Multiarea final Configurations. Sunday, March 30, 2014
ip address 10.0.0.5 255.255.255.255
ipv6 address 2001:DB8:678:9005::5/128
!
interface GigabitEthernet3/0
ip address 10.0.1.22 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:33::5/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.0.1.10 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::5/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.14 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:22::5/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::5/64
ipv6 router isis fred
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0005.00
net 39.c000.0000.0000.0005.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 update­source Loopback0
© Fred Bovy EIRL. IPv6 For Life. Page 135
20.Multiarea final Configurations. Sunday, March 30, 2014
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 update­source Loopback0
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 update­source Loopback0
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 update­source Loopback0
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
no synchronization
maximum­paths 2
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
!
20.4 R3
service timestamps debug datetime msec
service timestamps log datetime msec
service password­encryption
© Fred Bovy EIRL. IPv6 For Life. Page 136
20.Multiarea final Configurations. Sunday, March 30, 2014
!
hostname R3
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.3 255.255.255.255
ipv6 address 2001:DB8:678:9003::3/128
!
interface GigabitEthernet0/0
ip address 10.1.0.6 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:3::3/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.0.1.18 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:17::3/64
ipv6 enable
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.21 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:33::3/64
ipv6 enable
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.6 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:2::3/64
ipv6 enable
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
© Fred Bovy EIRL. IPv6 For Life. Page 137
20.Multiarea final Configurations. Sunday, March 30, 2014
!
router isis fred
net 39.b000.0000.0000.0003.00
net 39.d000.0000.0000.0003.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
!
20.5 R4
hostname R4
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.4 255.255.255.255
ipv6 address 2001:DB8:678:9004::4/128
!
interface GigabitEthernet0/0
ip address 10.0.1.2 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:1::4/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
© Fred Bovy EIRL. IPv6 For Life. Page 138
20.Multiarea final Configurations. Sunday, March 30, 2014
!
interface GigabitEthernet1/0
ip address 10.0.1.17 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:17::4/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.13 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:22::3/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.1.0.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:A000::1/64
ipv6 router isis fred
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0004.00
net 39.d000.0000.0000.0004.00
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
© Fred Bovy EIRL. IPv6 For Life. Page 139
20.Multiarea final Configurations. Sunday, March 30, 2014
match ip address 1
!
20.6 R7
hostname R7
!
interface Loopback0
ip address 10.0.0.7 255.255.255.255
ipv6 address 2001:DB8:678:B000::1/128
!
interface GigabitEthernet0/0
ip address 10.1.0.2 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:A000::7/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.1.0.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:A001::7/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 172.16.1.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address FE80::7 link­local
ipv6 address 2001:DB8:5A:F7::6/64
ipv6 router isis fred
isis network point­to­point
isis csnp­interval 10
!
router isis fred
net 39.d000.0000.0000.0007.00
is­type level­1
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
© Fred Bovy EIRL. IPv6 For Life. Page 140
20.Multiarea final Configurations. Sunday, March 30, 2014
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 172.16.1.6 activate
neighbor 172.16.1.6 route­map setloc in
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
!
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
20.7 The ISP Routers R9 and R8 Configs
ISP2-R8
hostname ISP2­R8
!
ip cef
ipv6 unicast­routing
ipv6 cef
interface Loopback0
ip address 10.0.0.8 255.255.255.255
!
interface GigabitEthernet1/0
ip address 172.16.1.2 255.255.255.252
negotiation auto
ipv6 address 2001:DB8:5A:F6::8/64
!
router bgp 64000
bgp log­neighbor­changes
neighbor 2001:DB8:5A:F6::6 remote­as 100
neighbor 172.16.1.1 remote­as 100
!
address­family ipv4
© Fred Bovy EIRL. IPv6 For Life. Page 141
20.Multiarea final Configurations. Sunday, March 30, 2014
redistribute static
no neighbor 2001:DB8:5A:F6::6 activate
neighbor 172.16.1.1 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 2001:DB8:5A:F6::6 activate
redistribute static
no synchronization
exit­address­family
!
ip forward­protocol nd
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
!
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
ipv6 route 2001:DB8:ABC5::/48 Null0
ipv6 route 2001:DB8:ABC6::/48 Null0
ipv6 route 2001:DB8:ABC7::/48 Null0
ipv6 route 2001:DB8:ABC8::/48 Null0
ipv6 route 2001:DB8:ABC9::/48 Null0
ipv6 route 2001:DB8:ABCA::/48 Null0
ISP1-R9
ISP1­R9#show running­config
Building configuration...
Current
!
upgrade
version
service
service
service
!
configuration : 2574 bytes
fpd auto
12.4
timestamps debug datetime msec
timestamps log datetime msec
password­encryption
© Fred Bovy EIRL. IPv6 For Life. Page 142
20.Multiarea final Configurations. Sunday, March 30, 2014
hostname ISP1­R9
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.9 255.255.255.255
!
interface GigabitEthernet1/0
ip address 172.16.1.6 255.255.255.252
ipv6 address FE80::9 link­local
ipv6 address 2001:DB8:5A:F7::9/64
!
!
router bgp 65000
bgp log­neighbor­changes
neighbor 172.16.1.5 remote­as 100
neighbor FE80::7%GigabitEthernet1/0 remote­as 100
!
address­family ipv4
redistribute static metric 5
neighbor 172.16.1.5 activate
no neighbor FE80::7%GigabitEthernet1/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor FE80::7%GigabitEthernet1/0 activate
redistribute static
no synchronization
exit­address­family
!
ip route 202.3.0.0 255.255.255.0 Null0
ip route 202.3.1.0 255.255.255.0 Null0
ip route 202.3.2.0 255.255.255.0 Null0
ip route 202.3.3.0 255.255.255.0 Null0
ip route 202.3.4.0 255.255.255.0 Null0
ip route 202.3.5.0 255.255.255.0 Null0
ip route 202.3.6.0 255.255.255.0 Null0
ip route 202.3.7.0 255.255.255.0 Null0
ip route 202.3.8.0 255.255.255.0 Null0
ip route 202.3.9.0 255.255.255.0 Null0
!
ipv6 route 2001:DB8:ABC0::/48 Null0
ipv6 route 2001:DB8:ABC1::/48 Null0
ipv6 route 2001:DB8:ABC2::/48 Null0
ipv6 route 2001:DB8:ABC3::/48 Null0
ipv6 route 2001:DB8:ABC4::/48 Null0
© Fred Bovy EIRL. IPv6 For Life. Page 143
20.Multiarea final Configurations. Sunday, March 30, 2014
ipv6
ipv6
ipv6
ipv6
ipv6
ipv6
!
route
route
route
route
route
route
2001:DB8:ABC5::/48
2001:DB8:ABC6::/48
2001:DB8:ABC7::/48
2001:DB8:ABC8::/48
2001:DB8:ABC9::/48
2001:DB8:ABCA::/48
Null0
Null0
Null0
Null0
Null0
Null0
© Fred Bovy EIRL. IPv6 For Life. Page 144
20.Multiarea final Configurations. Sunday, March 30, 2014
Use a PC running freeBSD as a
BGP Route-Reflector using
Zebra/Quagga and install a
pfSense Firewall
Version 1.1
From Fred Bovy ccie #3013
Routing IPv6 Part 4
http://www.ipv6forlife.com/Tutorial/labQuagga/
© Fred Bovy EIRL. IPv6 For Life. Page 145
21.What is Quagga?. Sunday, March 30, 2014
21.
What is Quagga?
Quagga transforms your Linux Box into a Powerful Router running rip, ripng, ospf v2, ospf
v3, is-is for ipv4 and IPv6, MP-BGP and more. It is perfect to run your Route-Reflector
since PC can have enough resources to host a powerful CISCO-like Router!
It is a port on freeBSD and it is installed with a make install, clean It has a very rich
environment and fit in our preceding lab with a small change in the topology.
We could have use the preceding topology with no change and run PC FreeBGP 9.2
begind the existing switch but in the real life you don't want to do that.
The IS-IS and MP-BGP daemons are configured to assume a Route-Reflector.
The PC host runs in a VirtualBox Virtual Machine. The configuration is very easy.
I have choosen freeBSD because it is free, very safe and Quagga is one of the 1000s of
ports preinstalled. The installation is pretty long, you need to be connected to the
Internet to fetch pieces of software as the make procedure claim them. But after more
than an hour of patience in front of your screen answering questions, loading, compiling,
installing and so on. Then after the make, you do a make install and a make clean and
you're done. Then you need to copy some configuration sample files into
/usr/local/etc/quagga. You also need to edit the file /etc/rc.conf. This information is widely
available on the net. Check the opentodo.net server for more details.
This is a very good site where to find a good documentation “Configuring routing
protocols with Quagga” about installing Quagga on freeBSD.
http://opentodo.net/2012/08/configuring-routing-protocols-with-quagga.
In the lab we will configure one or two Quagga Routers as we have two IS-IS clones.
© Fred Bovy EIRL. IPv6 For Life. Page 146
21.What is Quagga?. Sunday, March 30, 2014
Illustration 14: Final Setup free9/Quagga and others PCs
22. Quagga Configurations
You will need to customize freeBSD configuration file like:
$ cat /etc/rc.conf
hostname="free92"
keymap="fr.iso.acc.kbd"
ifconfig_em0="DHCP"
ifconfig_em0_ipv6="inet6 accept_rtadv"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"
quagga_enable="YES"
#quagga_daemons="zebra ripngd bgpd isisd ospf6d"
quagga_daemons="zebra bgpd isisd"
gateway_enable="YES"
ifconfig_em1_ipv6="inet6 accept_rtadv"
rtsold_enable="YES"
ifconfig_fxp0_ipv6="inet6 2001:db8:678:FFFF::2000 prefixlen 64"
Then copy and edit some configurations samples provided with the Quagga package:
© Fred Bovy EIRL. IPv6 For Life. Page 147
22.Quagga Configurations. Sunday, March 30, 2014
cp zebra.conf.sample /usr/local/etc/quagga/
And then start the daemons
/usr/local/etc/rc.d/quagga start
And you can then login to the zebra daemon to check the interface and the
routing tables as you would do on a cisco router, then we will need to login to the
IS-IS and BGP daemons.
You can edit the zebra.conf file and you can also check and modify it by logging to the
zebra daemon port 2601.
/usr/local/etc/quagga/zebra.conf
! Zebra configuration saved from vty
!
2014/03/22 09:28:01
!
hostname zebra
password cisco
enable password cisco
!
interface em0
ipv6 nd suppress­ra
!
interface em1
ipv6 address 2001:db8:678:ffff::200/64
ip address 10.201.0.101/24
ipv6 nd suppress­ra
!
!
interface lo
description test of desc.
ipv6 nd suppress­ra
!
interface lo0
ip address 10.0.0.200/32
!
interface usbus0
ipv6 nd suppress­ra
!
ip forwarding
!
!
line vty
!
© Fred Bovy EIRL. IPv6 For Life. Page 148
22.Quagga Configurations. Sunday, March 30, 2014
Telnet to the Zebra daemon
$ telnet localhost 2601
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.22.3).
Copyright 1996­2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
zebra> en
Password:
Zebra sees two interfaces em0 which is the admin interface to which I can telnet as any
device on the LAN.
Interface em1 is the LAB interface to connect to the Lab Switch and exchange BGP and
IS-IS updates to run a aBGP Route-Reflector.
Obviously there is also loopback interfaces.
Check IP route
zebra# show ip route
Codes: K ­ kernel route, C ­ connected, S ­ static, R ­ RIP,
O ­ OSPF, I ­ IS­IS, B ­ BGP, A ­ Babel,
> ­ selected route, * ­ FIB route
K>* 0.0.0.0/0 via 192.168.100.254, em0
I>* 10.0.0.1/32 [115/10] via 10.201.0.1, em1, 00:22:12
I>* 10.0.0.3/32 [115/20] via 10.201.0.4, em1, 00:22:12
via 10.201.0.1, em1, 00:22:12
I>* 10.0.0.4/32 [115/10] via 10.201.0.4, em1, 04:35:07
I>* 10.0.0.5/32 [115/20] via 10.201.0.1, em1, 00:22:12
via 10.201.0.4, em1, 00:22:12
I>* 10.0.0.6/32 [115/20] via 10.201.0.1, em1, 00:22:12
I>* 10.0.0.7/32 [115/20] via 10.201.0.4, em1, 04:35:07
C>* 10.0.0.200/32 is directly connected, lo0
I>* 10.0.1.0/30 [115/20] via 10.201.0.4, em1, 00:22:12
via 10.201.0.1, em1, 00:22:12
I>* 10.0.1.4/30 [115/20] via 10.201.0.1, em1, 00:22:12
I>* 10.0.1.8/30 [115/20] via 10.201.0.1, em1, 00:22:12
I>* 10.0.1.12/30 [115/20] via 10.201.0.4, em1, 04:35:07
I>* 10.0.1.16/30 [115/20] via 10.201.0.4, em1, 04:35:07
I>* 10.0.1.20/30 [115/30] via 10.201.0.4, em1, 00:22:12
via 10.201.0.1, em1, 00:22:12
I>* 10.1.0.0/30 [115/20] via 10.201.0.4, em1, 04:35:07
© Fred Bovy EIRL. IPv6 For Life. Page 149
22.Quagga Configurations. Sunday, March 30, 2014
I>* 10.1.0.4/30 [115/30] via 10.201.0.4, em1, 00:22:12
via 10.201.0.1, em1, 00:22:12
I>* 10.2.0.0/30 [115/20] via 10.201.0.1, em1, 00:22:12
I>* 10.2.0.4/30 [115/30] via 10.201.0.1, em1, 00:22:12
via 10.201.0.4, em1, 00:22:12
C>* 10.201.0.0/24 is directly connected, em1
C>* 127.0.0.0/8 is directly connected, lo0
I>* 172.16.1.0/30 [115/30] via 10.201.0.1, em1, 00:22:12
C>* 192.168.100.0/24 is directly connected, em0
B>* 202.3.0.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.1.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.2.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.3.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.4.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.5.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.6.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.7.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.8.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
B>* 202.3.9.0/24 [200/5] via 10.0.0.7 (recursive via 10.201.0.4),
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
07:01:45
Another config mistake, we forgot to configure the R1 interface to Quagga with IS-IS.
isisd# show isis neighbor
Area DEAD:
System Id
Interface
R4
em1
L
2
State
Up
Holdtime SNPA
7
ca00.0dbc.0070
Only one IS-IS neighbor! We should see two! On R1 IS-IS config was missing,
put it!
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.201.0.1 255.255.255.0
ip router isis fred
ipv6 address 2001:DB8:678:FFFF::1/64
ipv6 router isis fred
glbp 1 ip 10.201.0.222
glbp 2 ipv6 autoconfig
End
isisd# show isis neighbor
Area DEAD:
System Id
Interface
R1
em1
R4
em1
L
2
2
State
Up
Up
© Fred Bovy EIRL. IPv6 For Life. Page 150
Holdtime SNPA
10
ca01.0dbc.0008
28
ca00.0dbc.0070
22.Quagga Configurations. Sunday, March 30, 2014
Illustration 15: My Working Station with GNS3 and Wireshark windows
We could check the IS-IS neighbors from the pseudo node LSP in the IS-IS database of the
multipoint transit Networks:
isisd# show isis database R1.01­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
Chksum
R1.01­00
63
0x00000002 0x88bf
Metric
: 0
IS
: R1.00
Metric
: 0
IS
: R4.00
Metric
: 0
IS
: isisd.00
Holdtime
561
ATT/P/OL
0/0/0
Check IPv6 Route
23. Quagga IS-IS Configuration
IS-IS Configuration file
You need to edit the config file isisd.conf, you can change it from a telnet session later.
© Fred Bovy EIRL. IPv6 For Life. Page 151
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
!
! Zebra configuration saved from vty
!
2014/03/22 10:11:24
!
hostname isisd
password cisco
enable password cisco
log stdout
!
interface em0
!
interface em1
ip router isis DEAD
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface lo0
ip router isis DEAD
isis passive
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface usbus0
!
!
router isis DEAD
net 39.b000.0000.0000.0201.00
metric­style wide
is­type level­2­only
!
line vty
!
If you have installed Quagga on the freeBSD Clone:
Password:
isisd­quagga2# sh run
Current configuration:
!
hostname isisd­quagga2
password cisco
enable password cisco
log stdout
!
interface em0
!
interface em1
ip router isis DEAD
ipv6 router isis DEAD
isis circuit­type level­2­only
© Fred Bovy EIRL. IPv6 For Life. Page 152
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
!
interface lo0
ip router isis DEAD
isis passive
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface usbus0
!
!
router isis DEAD
net 39.b000.0000.0000.0202.00
metric­style wide
is­type level­2­only
!
line vty
!
end
isisd­quagga2#
Telnet to IS-IS daemon
Then you can telnet to the IS-IS daemon to do some checking
$ telnet localhost 2608
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.22.3).
Copyright 1996­2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
isisd> en
Password:
isisd#
isisd# sh isis neighbor
Area DEAD:
System Id
Interface
R1
em1
R4
em1
L
2
2
State
Up
Up
Holdtime SNPA
8
ca01.5c18.0008
26
ca00.5c18.0070
isisd# sh isis neighbor detail
Area DEAD:
R1
Interface: em1, Level: 2, State: Up, Expires in 7s
Adjacency flaps: 1, Last: 1h7m39s ago
© Fred Bovy EIRL. IPv6 For Life. Page 153
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
Circuit type: L1L2, Speaks: IPv4, IPv6
SNPA: ca01.5c18.0008, LAN id: R1.01
LAN Priority: 64, is DIS, DIS flaps: 1, Last: 1h7m37s ago
Area Address(es):
39.b000
39.c000
IPv4 Address(es):
10.201.0.1
IPv6 Address(es):
fe80::c801:5cff:fe18:8
R4
Interface: em1, Level: 2, State: Up, Expires in 28s
Adjacency flaps: 1, Last: 35m31s ago
Circuit type: L1L2, Speaks: IPv4, IPv6
SNPA: ca00.5c18.0070, LAN id: R1.01
LAN Priority: 64, is not DIS, DIS flaps: 1, Last: 35m29s ago
Area Address(es):
39.b000
39.d000
IPv4 Address(es):
10.201.0.4
IPv6 Address(es):
fe80::c800:5cff:fe18:70
isisd# show isis database
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
R1.00­00
592
0x000000c4
R1.01­00
63
0x000000a7
R3.00­00
581
0x000000bd
R4.00­00
592
0x000000c9
R5.00­00
581
0x000000bd
isisd.00­00
*
120
0x000000e4
6 LSPs
Chksum
0x11f8
0x3d65
0x14ff
0xabee
0x9286
0x7d64
Holdtime
1182
945
430
365
927
715
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
We have 6 LSPs, R1 Pseudonode #1 R1.01­00 included. This one is generated by the
multipoint network DIS Let's first check R1 Router LSP then the R1.01 pseudonode
LSP.
isisd# show isis database R1.00­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
R1.00­00
646
0x000000fb
Area Address: 39.b000
Area Address: 39.c000
Area Address: 39.d000
© Fred Bovy EIRL. IPv6 For Life. Page 154
Chksum
0x616b
Holdtime
1152
ATT/P/OL
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
NLPID
:
NLPID
:
Hostname
:
IPv4 Address:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
Metric
Metric
:
Metric
:
Metric
:
Metric
:
Metric
:
0xCC
0x8E
R1
10.0.0.1
10
10
10
10
10
10
0
20
10
10
10
20
10
20
20
30
10
20
10
20
30
10
10
10
20
30
10
20
0
20
10
10
20
30
: 20
10
10
20
10
10
IS
: R1.01
IS
: R5.00
IS
: R3.00
IS
: R4.00
IPv4­Internal : 10.0.1.0 255.255.255.252
IPv4­Internal : 10.0.1.4 255.255.255.252
IPv4­Internal : 10.0.0.1 255.255.255.255
IPv4­Internal : 10.0.0.3 255.255.255.255
IPv4­Internal : 10.0.0.4 255.255.255.255
IPv4­Internal : 10.0.0.5 255.255.255.255
IPv4­Internal : 10.0.0.6 255.255.255.255
IPv4­Internal : 10.0.0.7 255.255.255.255
IPv4­Internal : 10.0.1.8 255.255.255.252
IPv4­Internal : 10.0.1.16 255.255.255.252
IPv4­Internal : 10.1.0.0 255.255.255.252
IPv4­Internal : 10.1.0.4 255.255.255.252
IPv4­Internal : 10.2.0.0 255.255.255.252
IPv4­Internal : 10.2.0.4 255.255.255.252
IPv4­Internal : 10.201.0.0 255.255.255.0
IPv4­Internal : 172.16.1.0 255.255.255.252
IPv4­Internal : 172.16.1.4 255.255.255.252
IPv4­Internal : 172.16.6.0 255.255.255.0
IPv6­Internal : 2001:db8:678:1::/64
IPv6­Internal : 2001:db8:678:2::/64
IPv6­Internal : 2001:db8:5a:f6::/64
IPv6­Internal : 2001:db8:5a:f7::/64
IPv6­Internal : 2001:db8:678:3::/64
IPv6­Internal : 2001:db8:678:17::/64
IPv6­Internal : 2001:db8:678:9000::1/128
IPv6­Internal : 2001:db8:678:9003::3/128
IPv6­Internal : 2001:db8:678:9004::4/128
IPv6­Internal : 2001:db8:678:9005::5/128
IPv6­Internal : 2001:db8:678:a000::/64
IPv6­Internal : 2001:db8:678:a001::/64
IPv6­Internal : 2001:db8:678:b000::1/128
IPv6­Internal : 2001:db8:678:c000::6/128
IPv6­Internal : 2001:db8:678:d004::/64
IPv6­Internal : 2001:db8:678:d005::/64
IPv6­Internal : 2001:db8:678:d101::/64
IPv6­Internal : 2001:db8:678:ffff::/64
isisd# show isis database R1.01­00
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
R1.01­00
63
0x000000a7
© Fred Bovy EIRL. IPv6 For Life. Page 155
Chksum
0x3d65
Holdtime
925
ATT/P/OL
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
isisd# show isis database R1.01­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
Chksum
R1.01­00
63
0x000000a7 0x3d65
Metric
: 0
IS
: R1.00
Metric
: 0
IS
: R4.00
Metric
: 0
IS
: isisd.00
Holdtime
921
ATT/P/OL
0/0/0
Check a Router LSP and see if if is correct. We should see for each level the
right neighbors. They are in Red below:
R1#show isis database
R4.00­00 detai
IS­IS Level­1 LSP R4.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R4.00­00
0x0000021D
0x4185
493
Area Address: 39.b000
Area Address: 39.d000
NLPID:
0xCC 0x8E
Hostname: R4
IP Address:
10.0.0.4
Metric: 10
IP 10.0.1.16 255.255.255.252
Metric: 10
IP 10.1.0.0 255.255.255.252
Metric: 10
IP 10.201.0.0 255.255.255.0
Metric: 0
IP 10.0.0.4 255.255.255.255
IPv6 Address: 2001:DB8:678:9004::4
Metric: 10
IPv6 2001:DB8:678:17::/64
Metric: 10
IPv6 2001:DB8:678:A000::/64
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 0
IPv6 2001:DB8:678:9004::4/128
Metric: 10
IS R1.01
Metric: 10
IS R3.00
Metric: 10
IS R7.00
Metric: 148
IP­Interarea 10.0.0.200 255.255.255.255
IS­IS Level­2 LSP R4.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R4.00­00
0x000000F8
0xBE63
997
Area Address: 39.b000
Area Address: 39.d000
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R4
IP Address:
10.0.0.4
Metric: 10
IP 10.0.1.0 255.255.255.252
Metric: 10
IP 10.0.1.12 255.255.255.252
IPv6 Address: 2001:DB8:678:9004::4
© Fred Bovy EIRL. IPv6 For Life. Page 156
ATT/P/OL
0/0/0
ATT/P/OL
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
10
10
10
10
10
10
10
0
20
20
10
20
10
10
20
20
30
10
30
20
20
30
20
20
10
10
10
0
20
10
20
IPv6 2001:DB8:678:1::/64
IPv6 2001:DB8:678:22::/64
IS R1.01
IS R3.00
IS R1.00
IP 10.0.0.1 255.255.255.255
IP 10.0.0.3 255.255.255.255
IP 10.0.0.4 255.255.255.255
IP 10.0.0.5 255.255.255.255
IP 10.0.0.6 255.255.255.255
IP 10.0.0.7 255.255.255.255
IP 10.0.1.8 255.255.255.252
IP 10.0.1.16 255.255.255.252
IP 10.1.0.0 255.255.255.252
IP 10.1.0.4 255.255.255.252
IP 10.2.0.0 255.255.255.252
IP 10.2.0.4 255.255.255.252
IP 10.201.0.0 255.255.255.0
IP 172.16.1.0 255.255.255.252
IP 172.16.1.4 255.255.255.252
IP 172.16.6.0 255.255.255.0
IPv6 2001:DB8:5A:F6::/64
IPv6 2001:DB8:5A:F7::/64
IPv6 2001:DB8:678:3::/64
IPv6 2001:DB8:678:17::/64
IPv6 2001:DB8:678:9000::1/128
IPv6 2001:DB8:678:9003::3/128
IPv6 2001:DB8:678:9004::4/128
IPv6 2001:DB8:678:9005::5/128
IPv6 2001:DB8:678:A000::/64
IPv6 2001:DB8:678:A001::/64
And check the LSP of a Level-1 router...
R3#show isis data R6.00­00 detail
IS­IS Level­1 LSP R6.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
R6.00­00
0x000000F2
0xF831
618
Area Address: 39.c000
NLPID:
0xCC 0x8E
Hostname: R6
IP Address:
10.0.0.6
Metric: 10
IP 10.2.0.0 255.255.255.252
Metric: 10
IP 10.2.0.4 255.255.255.252
Metric: 10
IP 172.16.1.0 255.255.255.252
Metric: 0
IP 172.16.6.0 255.255.255.0
Metric: 0
IP 10.0.0.6 255.255.255.255
IPv6 Address: 2001:DB8:678:C000::6
© Fred Bovy EIRL. IPv6 For Life. Page 157
ATT/P/OL
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
Metric:
R3#
10
10
10
0
0
10
10
IPv6 2001:DB8:678:D004::/64
IPv6 2001:DB8:678:D005::/64
IPv6 2001:DB8:5A:F6::/64
IPv6 2001:DB8:678:D101::/64
IPv6 2001:DB8:678:C000::6/128
IS R5.00
IS R1.00
Two Quagga installed
isisd­quagga2# show isis neighbor
Area DEAD:
System Id
Interface
isisd
em1
R1
em1
R4
em1
isisd­quagga2#
L
2
2
2
State
Up
Up
Up
isisd­quagga2# show isis database
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
R1.00­00
376
0x00000085
R3.00­00
262
0x0000007a
R4.00­00
257
0x00000078
R4.01­00
73
0x00000073
R5.00­00
293
0x0000007b
isisd.00­00
118
0x00000090
isisd­quagga2.00­00 *
140
0x00000084
7 LSPs
Holdtime
28
21
7
Chksum
0xe907
0xce04
0x272a
0xd461
0x3e52
0x9975
0x0475
SNPA
0800.2772.bd9b
0002.0000.1111
ca08.0eb7.0070
Holdtime
1034
1059
1084
821
1063
764
738
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
isisd­quagga2#
From this output we know that R4 is the DIS for the LAN connecting the 2
Quaggas PC with Routers and below we can check the LSP generated from R4
pseudo-node R4.01.
Only the pseudo-node have the first number above zero.
isisd­quagga2# show isis database R4.01­00 detail
Area DEAD:
IS­IS Level­2 link­state database:
LSP ID
PduLen SeqNumber
Chksum Holdtime
R4.01­00
73
0x00000073 0xd461
706
Metric
: 0
IS­Extended
: R4.00
Metric
: 0
IS­Extended
: R1.00
Metric
: 0
IS­Extended
: isisd­quagga2.00
Metric
: 0
IS­Extended
: isisd.00
From R1
R1#show isis database isisd.00­00
IS­IS Level­2 LSP isisd.00­00
© Fred Bovy EIRL. IPv6 For Life. Page 158
detail
ATT/P/OL
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
isisd.00­00
0x00000091
0x9776
548
Area Address: 39.b000
NLPID:
0xCC 0x8E
Hostname: isisd
IP Address:
10.0.0.200
Router ID:
10.0.0.200
Metric: 10
IP 10.201.0.0/24
Metric: 10
IP 10.0.0.200/32
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 10
IS­Extended R4.01
R1#show isis database isisd­quagga2.00­00
ATT/P/OL
0/0/0
detail
IS­IS Level­2 LSP isisd­quagga2.00­00
LSPID
LSP Seq Num LSP Checksum LSP Holdtime
isisd­quagga2.00­00
0x00000085
0x0276
480
Area Address: 39.b000
NLPID:
0xCC 0x8E
Hostname: isisd­quagga2
IP Address:
10.0.0.201
Router ID:
10.0.0.201
Metric: 10
IP 10.201.0.0/24
Metric: 10
IP 10.0.0.201/32
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 10
IPv6 2001:DB8:678:FFFF::/64
Metric: 10
IS­Extended R4.01
ATT/P/OL
0/0/0
From R1 all IS-IS Neighbors
R1#show clns neighbors
System Id
R4
R5
R3
R6
R4
isisd­quagga2
isisd
Interface
Gi1/0
Gi2/0
Gi3/0
Gi4/0
Gi0/0.1
Gi0/0.1
Gi0/0.1
SNPA
ca08.0eb7.0008
ca0c.0ec6.001c
ca0a.0eb7.0054
ca0d.0ec6.001c
ca08.0eb7.0070
0800.2797.3120
0800.2772.bd9b
State
Up
Up
Up
Up
Up
Up
Up
Holdtime
27
26
26
24
9
28
28
Type
L2
L1L2
L2
L1
L2
L2
L2
Protocol
IS­IS
IS­IS
IS­IS
IS­IS
IS­IS
IS­IS
IS­IS
R1#sh isis database
IS­IS Level­1 Link State Database:
LSPID
LSP Seq Num
R1.00­00
* 0x00000098
R5.00­00
0x00000089
R6.00­00
0x0000007A
IS­IS Level­2 Link State Database:
LSPID
LSP Seq Num
R1.00­00
* 0x00000087
R3.00­00
0x0000007C
R4.00­00
0x0000007A
R4.01­00
0x00000076
R5.00­00
0x0000007D
isisd.00­00
0x00000092
isisd­quagga2.00­00
0x00000086
© Fred Bovy EIRL. IPv6 For Life. Page 159
LSP Checksum
0x3A7E
0xFD3A
0x955B
LSP Holdtime
868
1161
736
ATT/P/OL
1/0/0
1/0/0
0/0/0
LSP Checksum
0xE509
0xCA06
0x232C
0xCE64
0x3A54
0x9577
0xFF77
LSP Holdtime
782
700
743
1190
816
607
545
ATT/P/OL
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
0/0/0
23.Quagga IS-IS Configuration. Sunday, March 30, 2014
24. Quagga BGP Configuration
BGP Configuration file
Checking BGP also checks IS-IS as the BGP next-hop to the PC loopback is
propagated by Quagga.
! ­*­ bgp ­*­
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname bgpd
password cisco
!enable password please­set­at­here
!
!bgp mulitple­instance
!
router bgp 100
bgp router­id 10.201.0.1
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 route­reflector­client
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 route­reflector­client
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.6 activate
neighbor 10.0.0.7 activate
address­family ipv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.6 activate
neighbor 10.0.0.7 activate
!
!
! access­list all permit any
!
!route­map set­nexthop permit 10
© Fred Bovy EIRL. IPv6 For Life. Page 160
24.Quagga BGP Configuration. Sunday, March 30, 2014
! match ip address all
! set ip next­hop 10.0.0.1
!
!log file bgpd.log
!
log stdout
Telnet to the BGP daemon
$ telnet localhost 2605
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.22.3).
Copyright 1996­2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
bgpd> enable
bgpd# show bgp summary
BGP router identifier 10.0.0.200, local AS number 100
RIB entries 21, using 1512 bytes of memory
Peers 6, using 15 KiB of memory
Neighbor
10.0.0.1
10.0.0.3
10.0.0.4
10.0.0.6
10.0.0.7
V
4
4
4
4
4
AS MsgRcvd MsgSent
100
1305
1318
100
1305
1318
100
1307
1318
100
1304
1318
100
1307
1316
TblVer
0
0
0
0
0
InQ OutQ Up/Down State/PfxRcd
0
0 21:51:59
0
0
0 21:51:52
0
0
0 00:40:43
0
0
0 21:51:57
0
0
0 00:40:45
11
Total number of neighbors 5
bgpd#
bgpd# show bgp neighbors 10.0.0.5
BGP neighbor is 10.0.0.5, remote AS 100, local AS 100, internal link
BGP version 4, remote router ID 10.0.0.5
BGP state = Established, up for 21:58:38
Last read 00:00:33, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Address family IPv6 Unicast: received
Message statistics:
Inq depth is 0
Outq depth is 0
Sent
Rcvd
Opens:
1
0
Notifications:
0
0
Updates:
3
1
Keepalives:
1320
1310
Route Refresh:
0
0
© Fred Bovy EIRL. IPv6 For Life. Page 161
24.Quagga BGP Configuration. Sunday, March 30, 2014
Capability:
0
0
Total:
1324
1311
Minimum time between advertisement runs is 5 seconds
For address family: IPv4 Unicast
Route­Reflector Client
Community attribute sent to this neighbor(both)
10 accepted prefixes
Connections established 1; dropped 0
Last reset never
Local host: 10.0.0.200, Local port: 179
Foreign host: 10.0.0.5, Foreign port: 59344
Nexthop: 10.0.0.200
Nexthop global: ::1
Nexthop local: fe80::1
BGP connection: non shared network
Read thread: on Write thread: off
bgpd# show bgp 2001:db8:abc3::/48
BGP routing table entry for 2001:db8:abc3::/48
Paths: (1 available, best #1, table Default­IP­Routing­Table)
Not advertised to any peer
65000
2001:db8:678:b000::1 (metric 20) from 10.0.0.7 (10.0.0.7)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Last update: Sun Mar 23 17:53:04 2014
25.
Verifying the Routing is OK
Take a quick look on the Routing table, pick up and IS-IS or BGP entry and get
down to check that all works OK. There is an example below with routing tables
and BGP Path:
zebra# show ipv6 route isis
Codes: K ­ kernel route, C ­ connected, S ­ static, R ­ RIPng,
O ­ OSPFv6, I ­ IS­IS, B ­ BGP, A ­ Babel,
> ­ selected route, * ­ FIB route
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
I>*
2001:db8:5a:f6::/64 [115/30] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:5a:f7::/64 [115/30] via fe80::c800:dff:febc:70, em1, 01:46:58
2001:db8:678:1::/64 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:2::/64 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:3::/64 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:17::/64 [115/20] via fe80::c800:dff:febc:70, em1, 01:46:58
2001:db8:678:22::/64 [115/20] via fe80::c800:dff:febc:70, em1, 01:46:58
2001:db8:678:33::/64 [115/30] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:9000::1/128 [115/10] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:9003::3/128 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:9004::4/128 [115/10] via fe80::c800:dff:febc:70, em1, 01:46:58
2001:db8:678:9005::5/128 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
2001:db8:678:a000::/64 [115/20] via fe80::c800:dff:febc:70, em1, 01:46:58
2001:db8:678:a001::/64 [115/30] via fe80::c800:dff:febc:70, em1, 01:46:58
© Fred Bovy EIRL. IPv6 For Life. Page 162
25.Verifying the Routing is OK. Sunday, March 30, 2014
I>* 2001:db8:678:b000::1/128 [115/20] via fe80::c800:dff:febc:70, em1, 01:46:58
I>* 2001:db8:678:c000::6/128 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
I>* 2001:db8:678:d004::/64 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
I>* 2001:db8:678:d005::/64 [115/30] via fe80::c801:dff:febc:8, em1, 00:19:32
I>* 2001:db8:678:d101::/64 [115/20] via fe80::c801:dff:febc:8, em1, 00:19:32
zebra#
zebra# show ipv6 route bgp
Codes: K ­ kernel route, C ­ connected, S ­ static, R ­ RIPng,
O ­ OSPFv6, I ­ IS­IS, B ­ BGP, A ­ Babel,
> ­ selected route, * ­ FIB route
B>* 2001:db8:abc0::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc1::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc2::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc3::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc4::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc5::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc6::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc7::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc8::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abc9::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
B>* 2001:db8:abca::/48 [200/0] via 2001:db8:678:b000::1
fe80::c800:dff:febc:70), em1, 00:54:31
zebra#
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
(recursive via
rom any Core router that IS-IS and BGP routing is OK:
On Quagga we check the Routing table from Zebra daemon. But we can check
that everything is OK from a Core Router as BGP sessions need IS-IS routes to
establish. So let's verify BGP:
R3#show bgp ipv6 unicast
BGP table version is 177, local router ID is 10.0.0.3
Status codes: s suppressed, d damped, h history, * valid, > best, i ­ internal,
r RIB­failure, S Stale
Origin codes: i ­ IGP, e ­ EGP, ? ­ incomplete
Network
Next Hop
Metric LocPrf Weight Path
* i2001:DB8:ABC0::/48
2001:DB8:678:B000::1
0
150
0 65000 ?
*>i
2001:DB8:678:B000::1
0
150
0 65000 ?
* i2001:DB8:ABC1::/48
2001:DB8:678:B000::1
0
150
0 65000 ?
*>i
2001:DB8:678:B000::1
0
150
0 65000 ?
* i2001:DB8:ABC2::/48
2001:DB8:678:B000::1
© Fred Bovy EIRL. IPv6 For Life. Page 163
25.Verifying the Routing is OK. Sunday, March 30, 2014
*>i
2001:DB8:678:B000::1
0
150
0 65000 ?
0
150
0 65000 ?
* i2001:DB8:ABC3::/48
2001:DB8:678:B000::1
[BREAK]
R3#show bgp ipv6 unicast 2001:DB8:ABC0::/48
BGP routing table entry for 2001:DB8:ABC0::/48, version 177
Paths: (2 available, best #2, table Default)
Not advertised to any peer
65000
2001:DB8:678:B000::1 (metric 10) from 10.0.0.200 (10.0.0.200)
Origin incomplete, metric 0, localpref 150, valid, internal
Originator: 10.0.0.7, Cluster list: 10.0.0.200
65000
2001:DB8:678:B000::1 (metric 10) from 10.0.0.5 (10.0.0.5)
Origin incomplete, metric 0, localpref 150, valid, internal, best
Originator: 10.0.0.7, Cluster list: 10.0.0.5
The Quagga
So now a Router learns the BGP path from 2 Route Reflectors and we
have some resiliency in our Network. No problem if we need to
shutdown a RR for maintenance.
We can check that IS-IS is properly running on Quagga and the stability of the
Quagga router, check IS-IS flaps for instance.
$ telnet localhost 2608
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.22.3).
Copyright 1996­2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
Password:
isisd# show isis neighbor
Area DEAD:
System Id
Interface
R4
em1
R1
em1
L
2
2
State
Up
Up
Holdtime SNPA
26
ca00.0dbc.0070
10
ca01.0dbc.0008
isisd# show isis neighbor detail
Area DEAD:
R4
Interface: em1, Level: 2, State: Up, Expires in 21s
Adjacency flaps: 1, Last: 1h33m3s ago
Circuit type: L1L2, Speaks: IPv4, IPv6
SNPA: ca00.0dbc.0070, LAN id: R1.01
LAN Priority: 64, is not DIS, DIS flaps: 3, Last: 5m37s ago
Area Address(es):
39.b000
39.d000
IPv4 Address(es):
© Fred Bovy EIRL. IPv6 For Life. Page 164
25.Verifying the Routing is OK. Sunday, March 30, 2014
10.201.0.4
IPv6 Address(es):
fe80::c800:dff:febc:70
R1
Interface: em1, Level: 2, State: Up, Expires in 8s
Adjacency flaps: 1, Last: 5m39s ago
Circuit type: L1L2, Speaks: IPv4, IPv6
SNPA: ca01.0dbc.0008, LAN id: R1.01
LAN Priority: 64, is DIS, DIS flaps: 1, Last: 5m37s ago
Area Address(es):
39.b000
39.c000
IPv4 Address(es):
10.201.0.1
IPv6 Address(es):
fe80::c801:dff:febc:8
LOOKS GOOD !
If you have got 2 Quagga PCs running IS­IS and BGP, you can check the second
Quagga
© Fred Bovy EIRL. IPv6 For Life. Page 165
26.pfSense. Sunday, March 30, 2014
26.
pfSense
I installed a pfSense box in a VM which makes a Gateway beetween the Internet and my Virtual Lab.
Very interesting but no real support for IPv6 by now! Just hope that next versioin will have it!
A great IPv4 Firewall but limited support for IPv6!
Questions ?
fred@fredbovy.com
Mobile +33614461069
Mobile +33781209749
Office +33972409194
© Fred Bovy EIRL. IPv6 For Life. Page 166
27.Final Configurations. Sunday, March 30, 2014
27.
Final Configurations
Drawing 1: Last Setup
27.1 The Core Level-1-2 Routers
R1
hostname R1
!
ip cef
ipv6 unicast­routing
ipv6 cef
!interface Loopback0
ip address 10.0.0.1 255.255.255.255
ipv6 address 2001:DB8:678:9000::1/128
!
interface GigabitEthernet0/0
no ip address
duplex full
speed 1000
media­type gbic
negotiation auto
© Fred Bovy EIRL. IPv6 For Life. Page 167
27.Final Configurations. Sunday, March 30, 2014
isis network point­to­point
!
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.201.0.1 255.255.255.0
ip router isis fred
ipv6 address 2001:DB8:678:FFFF::1/64
ipv6 router isis fred
glbp 1 ip 10.201.0.222
glbp 2 ipv6 autoconfig
!
interface GigabitEthernet1/0
ip address 10.0.1.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:1::1/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.9 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::1/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:2::1/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::7/64
ipv6 router isis fred
isis network point­to­point
!
!
router isis fred
net 39.b000.0000.0000.0001.00
net 39.c000.0000.0000.0001.00
metric­style wide
© Fred Bovy EIRL. IPv6 For Life. Page 168
27.Final Configurations. Sunday, March 30, 2014
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 password 1 secret
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
route­map leak permit 10
match ip address 1
R3
hostname R3
!
ip cef
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.3 255.255.255.255
ipv6 address 2001:DB8:678:9003::3/128
!
interface GigabitEthernet0/0
ip address 10.1.0.6 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:3::3/64
ipv6 router isis fred
© Fred Bovy EIRL. IPv6 For Life. Page 169
27.Final Configurations. Sunday, March 30, 2014
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.0.1.18 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:17::3/64
ipv6 enable
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.21 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:33::3/64
ipv6 enable
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.6 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:2::3/64
ipv6 enable
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
router isis fred
net 39.b000.0000.0000.0003.00
net 39.d000.0000.0000.0003.00
metric­style wide
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 password 1 secret
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
© Fred Bovy EIRL. IPv6 For Life. Page 170
27.Final Configurations. Sunday, March 30, 2014
neighbor 10.0.0.201 activate
exit­address­family
!
!
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
R4
hostname R4
!
ip cef
ipv6 unicast­routing
ipv6 cef
interface Loopback0
ip address 10.0.0.4 255.255.255.255
ipv6 address 2001:DB8:678:9004::4/128
!
interface GigabitEthernet0/0
ip address 10.0.1.2 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:1::4/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.0.1.17 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:17::4/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.13 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:22::3/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.1.0.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:A000::1/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet4/0
© Fred Bovy EIRL. IPv6 For Life. Page 171
27.Final Configurations. Sunday, March 30, 2014
no ip address
negotiation auto
!
interface GigabitEthernet4/0.1
encapsulation dot1Q 1 native
ip address 10.201.0.4 255.255.255.0
ip router isis fred
ipv6 address 2001:DB8:678:FFFF::4/64
ipv6 router isis fred
glbp 1 ip 10.201.0.222
glbp 2 ipv6 autoconfig
!
router isis fred
net 39.b000.0000.0000.0003.00
net 39.d000.0000.0000.0003.00
metric­style wide
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 password 1 secret
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
!
route­map leak permit 10
match ip address 1
!
R5
hostname R5
!
boot­start­marker
boot­end­marker
!
logging message­counter syslog
!
no aaa new­model
© Fred Bovy EIRL. IPv6 For Life. Page 172
27.Final Configurations. Sunday, March 30, 2014
ip source­route
ip cef
ipv6 unicast­routing
ipv6 cef
!
!
interface Loopback0
ip address 10.0.0.5 255.255.255.255
ipv6 address 2001:DB8:678:9005::5/128
!
!
interface GigabitEthernet0/0
ip address 10.0.1.22 255.255.255.252
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:33::5/64
ipv6 ospf 1 area 0
!
interface GigabitEthernet1/0
ip address 10.0.1.10 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:3::5/64
ipv6 router isis fred
ipv6 ospf 1 area 0
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.0.1.14 255.255.255.252
ip router isis fred
shutdown
negotiation auto
ipv6 address 2001:DB8:678:22::5/64
ipv6 router isis fred
ipv6 ospf 1 area 0
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 10.0.1.22 255.255.255.252
ip router isis fred
shutdown
negotiation auto
ipv6 address 2001:DB8:678:33::5/64
ipv6 router isis fred
isis circuit­type level­2­only
isis network point­to­point
!
interface GigabitEthernet4/0
ip address 10.2.0.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::5/64
ipv6 router isis fred
ipv6 ospf 1 area 2
isis network point­to­point
!
© Fred Bovy EIRL. IPv6 For Life. Page 173
27.Final Configurations. Sunday, March 30, 2014
router isis fred
net 39.b000.0000.0000.0005.00
net 39.c000.0000.0000.0005.00
metric­style wide
redistribute isis ip level­2 into level­1 route­map leak
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor fred peer­group
neighbor fred remote­as 100
neighbor fred description all clients
neighbor fred password 1 secret
neighbor fred update­source Loopback0
neighbor 10.0.0.1 peer­group fred
neighbor 10.0.0.3 peer­group fred
neighbor 10.0.0.4 peer­group fred
neighbor 10.0.0.6 peer­group fred
neighbor 10.0.0.7 peer­group fred
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
!
address­family ipv4
neighbor fred route­reflector­client
neighbor fred maximum­prefix 5000 warning­only
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.6 activate
neighbor 10.0.0.7 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor fred route­reflector­client
neighbor fred maximum­prefix 5000 warning­only
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.4 activate
neighbor 10.0.0.6 activate
neighbor 10.0.0.7 activate
neighbor 10.0.0.200 activate
neighbor 10.0.0.201 activate
no synchronization
maximum­paths 2
exit­address­family
!
access­list 1 permit 10.0.0.0 0.0.0.255
ipv6 router ospf 1
log­adjacency­changes
!
route­map leak permit 10
match ip address 1
!
© Fred Bovy EIRL. IPv6 For Life. Page 174
27.Final Configurations. Sunday, March 30, 2014
26.2 The Customer Edge Level-1 Routers
R6
!
hostname R6
ip cef
!
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.6 255.255.255.255
ipv6 address 2001:DB8:678:C000::6/128
!
interface GigabitEthernet1/0
ip address 10.2.0.2 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D004::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet2/0
ip address 10.2.0.6 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:D005::6/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 172.16.1.1 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:5A:F6::6/64
ipv6 router isis fred
isis network point­to­point
isis csnp­interval 10
!
interface GigabitEthernet4/0.1
encapsulation dot1Q 1 native
ip address 172.16.6.1 255.255.255.0
ipv6 address 2001:DB8:678:D101::6/64
!
router isis fred
net 39.c000.0000.0000.0006.00
© Fred Bovy EIRL. IPv6 For Life. Page 175
27.Final Configurations. Sunday, March 30, 2014
is­type level­1
metric­style wide
passive­interface GigabitEthernet4/0.1
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 password 1 secret
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
neighbor 10.0.0.201 update­source Loopback0
neighbor 2001:DB8:5A:F6::8 remote­as 64000
neighbor 172.16.1.2 remote­as 64000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 next­hop­self
neighbor 10.0.0.201 activate
no neighbor 2001:DB8:5A:F6::8 activate
neighbor 172.16.1.2 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 route­map fred out
neighbor 10.0.0.201 activate
neighbor 2001:DB8:5A:F6::8 activate
no synchronization
maximum­paths 2
exit­address­family
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:C000::6
!
R7
hostname R7
!
ip cef
!
© Fred Bovy EIRL. IPv6 For Life. Page 176
27.Final Configurations. Sunday, March 30, 2014
ipv6 unicast­routing
ipv6 cef
!
interface Loopback0
ip address 10.0.0.7 255.255.255.255
ipv6 address 2001:DB8:678:B000::1/128
!
interface GigabitEthernet0/0
ip address 10.1.0.2 255.255.255.252
ip router isis fred
duplex full
speed 1000
media­type gbic
negotiation auto
ipv6 address 2001:DB8:678:A000::7/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet1/0
ip address 10.1.0.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address 2001:DB8:678:A001::7/64
ipv6 router isis fred
isis network point­to­point
!
interface GigabitEthernet3/0
ip address 172.16.1.5 255.255.255.252
ip router isis fred
negotiation auto
ipv6 address FE80::7 link­local
ipv6 address 2001:DB8:5A:F7::6/64
ipv6 router isis fred
isis network point­to­point
isis csnp­interval 10
!
router isis fred
net 39.d000.0000.0000.0007.00
is­type level­1
metric­style wide
passive­interface Loopback0
!
router bgp 100
bgp log­neighbor­changes
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 password 1 secret
neighbor 10.0.0.5 update­source Loopback0
neighbor 10.0.0.200 remote­as 100
neighbor 10.0.0.200 update­source Loopback0
neighbor 10.0.0.201 remote­as 100
© Fred Bovy EIRL. IPv6 For Life. Page 177
27.Final Configurations. Sunday, March 30, 2014
neighbor 10.0.0.201 update­source Loopback0
neighbor 172.16.1.6 remote­as 65000
neighbor FE80::9%GigabitEthernet3/0 remote­as 65000
!
address­family ipv4
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 next­hop­self
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 next­hop­self
neighbor 10.0.0.201 activate
neighbor 172.16.1.6 activate
neighbor 172.16.1.6 route­map setloc in
no neighbor FE80::9%GigabitEthernet3/0 activate
no auto­summary
no synchronization
exit­address­family
!
address­family ipv6
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­map fred out
neighbor 10.0.0.200 activate
neighbor 10.0.0.200 route­map setloc in
neighbor 10.0.0.200 route­map fred out
neighbor 10.0.0.201 activate
neighbor 10.0.0.201 route­map setloc in
neighbor 10.0.0.201 route­map fred out
neighbor FE80::9%GigabitEthernet3/0 activate
neighbor FE80::9%GigabitEthernet3/0 route­map setloc in
exit­address­family
!
route­map setloc permit 10
set local­preference 150
!
route­map fred permit 10
set ipv6 next­hop 2001:DB8:678:B000::1
!
No change on ISP R8 and R9 see previous configurations
26.3 Quagga Configurations
Quagga1 configuration files from /usr/local/etc/quagga/
Zebra config
From /usr/local/etc/quagga/zebra.conf
interface em1
ipv6 address 2001:db8:678:ffff::200/64
© Fred Bovy EIRL. IPv6 For Life. Page 178
27.Final Configurations. Sunday, March 30, 2014
ip address 10.201.0.101/24
ipv6 nd suppress­ra
!
interface lo0
ip address 10.0.0.200/32
ISIS config
From /usr/local/etc/quagga/isisd.conf
!
hostname isisd
password cisco
enable password cisco
log stdout
!
interface em0
!
interface em1
ip router isis DEAD
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface lo0
ip router isis DEAD
isis passive
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface usbus0
!
!
router isis DEAD
net 39.b000.0000.0000.0201.00
metric­style wide
is­type level­2­only
BGP Config
From /usr/local/etc/quagga/bgpd.conf
!
hostname bgpd
password cisco
log stdout
!
router bgp 100
bgp router­id 10.0.0.201
neighbor 10.0.0.1 remote­as 100
neighbor 10.0.0.1 route­reflector­client
© Fred Bovy EIRL. IPv6 For Life. Page 179
27.Final Configurations. Sunday, March 30, 2014
neighbor 10.0.0.3 remote­as 100
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 remote­as 100
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.5 remote­as 100
neighbor 10.0.0.5 route­reflector­client
neighbor 10.0.0.6 remote­as 100
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 remote­as 100
neighbor 10.0.0.7 route­reflector­client
!
address­family ipv6
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 route­reflector­client
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 route­reflector­client
neighbor 10.0.0.4 activate
neighbor 10.0.0.4 route­reflector­client
neighbor 10.0.0.5 activate
neighbor 10.0.0.5 route­reflector­client
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 route­reflector­client
neighbor 10.0.0.7 activate
neighbor 10.0.0.7 route­reflector­client
exit­address­family
Quagga2 configuration files from /usr/local/etc/quagga/
Zebra Configuration
from /usr/local/etc/quagga/zebra.conf
$ telnet localhost 2601
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.22.3).
Copyright 1996­2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
quagga2> en
Password:
quagga2# sh run
Current configuration:
© Fred Bovy EIRL. IPv6 For Life. Page 180
27.Final Configurations. Sunday, March 30, 2014
!
hostname quagga2
password cisco
enable password cisco
!
interface em0
ipv6 nd suppress­ra
!
interface em1
ip address 10.201.0.102/24
ipv6 address 2001:db8:678:ffff::202/64
ipv6 nd suppress­ra
!
interface lo0
ip address 10.0.0.201/32
!
interface usbus0
ipv6 nd suppress­ra
!
ip forwarding
!
!
line vty
!
end
quagga2# wr
Configuration saved to /usr/local/etc/quagga/zebra.conf
quagga2#
ISIS Config
from /usr/local/etc/quagga/isisd.conf
interface em1
ip router isis DEAD
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface lo0
ip router isis DEAD
isis passive
ipv6 router isis DEAD
isis circuit­type level­2­only
!
interface usbus0
!
!
router isis DEAD
net 39.b000.0000.0000.0202.00
metric­style wide
is­type level­2­only
© Fred Bovy EIRL. IPv6 For Life. Page 181
27.Final Configurations. Sunday, March 30, 2014
!
BGP Config
from /usr/local/etc/quagga/bgpd.conf
router bgp 100
bgp router­id 10.0.0.202
neighbor fred peer­group
neighbor fred remote­as 100
neighbor fred6 peer­group
neighbor 10.0.0.1 peer­group fred
neighbor 10.0.0.3 peer­group fred
neighbor 10.0.0.4 peer­group fred
neighbor 10.0.0.5 peer­group fred
neighbor 10.0.0.6 peer­group fred
neighbor 10.0.0.7 peer­group fred
neighbor 10.0.0.200 peer­group fred
!
address­family ipv6
neighbor fred activate
neighbor 10.0.0.1 activate
neighbor 10.0.0.3 activate
neighbor 10.0.0.5 activate
neighbor 10.0.0.6 activate
neighbor 10.0.0.7 activate
neighbor 10.0.0.200 activate
exit­address­family
!
© Fred Bovy EIRL. IPv6 For Life. Page 182