Lab Ccnp, Configuring BGP with Default Routing

The International Travel Agency (ITA) relies extensively on the Internet for sales. For this reason, the ITA has decided to create a multihomed ISP connectivity solution and contracted with two ISPs for Internet connectivity with fault tolerance. Because the ITA is connecting to two different service providers, you must configure BGP, which runs between the ITA boundary router and the two ISP routers.

1. Configure Hostname and IP Address

2.Configure BGP (ISP1, ISP2, ITA)




3. Verify Routing BGP
  show ip bgp
    
  show ip bgp neighbor
 
4. Check Routing





FILTER advertise network out from ITA. (ISP1 cannot get advertise network from ISP2)
create access-list 1
 clear ip bgp * (recreate bgp process)

Note: The clear ip bgp * command is disruptive because it completely resets all BGP adjacencies. This 
is acceptable in a lab environment but could be problematic in a production network. Instead, if only a 
change of inbound/outbound routing policies is to be performed, it is sufficient to issue the clear ip bgp * 
in or clear ip bgp * out commands. These commands perform only a new BGP database 
synchronization without the disruptive effects of a complete BGP adjacency reset. All current Cisco IOS 
versions support the route refresh capability that replaces the inbound soft reconfiguration feature that 
previously had to be configured on a per-neighbor basis

Check Agin Routing in ISP1 and ISP2 and look the different.


CREATE DEFAULT ROUTE USING STATIC ROUTE  in ITA

test ping 192.168.100.1 
before test this you must create loopback 100
ISP1# config t
ISP1(config)# interface loopback 100
ISP1(config-if)# ip address 192.168.100.1 255.255.255.0

CREATE DEFAULT ROUTE WITH DEFAULT_ROUTE COMMAND in ITA

Remove the floating static routes configured.
ITA(config)# no ip route 0.0.0.0 0.0.0.0 10.0.0.1 210
ITA(config)# no ip route 0.0.0.0 0.0.0.0 172.16.0.1 220

192.168.100.0/24, should now be advertised on the ISP1 router. 
You might need to wait a few moments for BGP to advertise the new network.
ISP1(config)# router bgp 200
ISP1(config-router)# network 192.168.100.0
ISP1(config-router)# 






Aditia Nugroho

0 komentar:

CCNP TSHOOT Review





Strategy from khatak (forum) translated to the diagram solving :)
You must remember IPwebserver :209.65.200.241 



BGP R6
en
conf t
hostname R6
enable secret cisco
no ip domain lookup
!
interface Loopback1
ip address 209.65.200.241 255.255.255.248
no shut
!
interface Serial1/0
ip address 209.65.200.226 255.255.255.252
no shut
exit
!
router bgp 65002
no synchronization
bgp log-neighbor-changes
network 209.65.200.240 mask 255.255.255.248
neighbor 209.65.200.225 remote-as 65001
no auto-summary
exit
!
line con 0
no exec-timeout
exit
line vty 0 4
password cisco
login
End
wr
!
R1-NAT
en
conf t
hostname R1
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface Serial1/0
ip address 209.65.200.225 255.255.255.252
ip nat outside
ipv6 enable
no shut
exit
!
interface Serial1/1
description link to R2
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
encapsulation frame-relay
ip ospf network point-to-point
ipv6 address 2026::12:1/122
ipv6 ospf network point-to-point
ipv6 ospf 6 area 12
serial restart-delay 0
frame-relay map ipv6 2026::12:1 403 broadcast
frame-relay map ipv6 2026::12:2 403 broadcast
frame-relay map ipv6 fe80::c801:14ff:febc:0 403 broadcast
frame-relay map ipv6 FE80::C800:14FF:FEBC:0 403
frame-relay map ip 10.1.1.2 403
frame-relay map ip 10.1.1.1 403 broadcast
no frame-relay inverse-arp
no shut
exit
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.1.1.1 0.0.0.0 area 12
default-information originate
exit
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
neighbor 209.65.200.226 remote-as 65002
no auto-summary
exit
!
ip route 0.0.0.0 0.0.0.0 Serial1/0 209.65.200.226
!
ip nat inside source list 99 interface Serial1/0 overload
!
access-list 99 permit 10.0.0.0 0.255.255.255
!
ipv6 route ::/0 null 0
!
ipv6 router ospf 6
router-id 1.1.1.1
default-information originate
exit
!
line con 0
no exec-timeout
!
line vty 0 4
no exec-timeout
password cisco
login
!
exit
exit
wr
!
R2
en
conf t
hostname R2
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface serial1/0
no shut
encapsulation frame-relay
exit
interface Serial1/0.12 point-to-point
description link to R1
ip address 10.1.1.2 255.255.255.252
ipv6 address 2026::12:2/122
ipv6 ospf 6 area 12
frame-relay interface-dlci 304
exit
!
interface Serial1/0.23 point-to-point
description link to R3
ip address 10.1.1.5 255.255.255.252
ipv6 address 2026::1:1/122
ipv6 ospf 6 area 0
frame-relay interface-dlci 302
exit
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 10.1.1.2 0.0.0.0 area 12
network 10.1.1.5 0.0.0.0 area 0
exit
ipv6 router ospf 6
router-id 2.2.2.2
exit
!
line con 0
no exec-timeout
line vty 0 4
no exec-timeout
password cisco
login
!
End
wr
!
R3
en
conf t
hostname R3
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface serial1/0
no shut
encapsulation frame-relay
exit
!
interface Serial1/0.23 point-to-point
description link to R2
ip address 10.1.1.6 255.255.255.252
ipv6 address 2026::1:2/122
ipv6 ospf 6 area 0
frame-relay interface-dlci 203
no shut
exit
!
interface Serial1/0.34 point-to-point
description link to R4
ip address 10.1.1.9 255.255.255.252
frame-relay interface-dlci 201
no shut
exit
!
interface Tunnel1
no ip address
ipv6 address 2026::34:1/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial1/0.34
tunnel destination 10.1.1.10
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 34 nssa default-information-originate no-summary
network 10.1.1.6 0.0.0.0 area 0
network 10.1.1.9 0.0.0.0 area 34
exit
!
ipv6 router ospf 6
router-id 3.3.3.3
!
line con 0
no exec-timeout
line vty 0 4
no exec-timeout
password cisco
login
!
End
wr
!
R4
en
conf t
hostname R4
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface Serial1/0
description link to R3
ip address 10.1.1.10 255.255.255.252
encapsulation frame-relay
ip ospf network point-to-point
serial restart-delay 0
frame-relay map ip 10.1.1.10 102
frame-relay map ip 10.1.1.9 102 broadcast
no frame-relay inverse-arp
no shut
exit
!
interface FastEthernet2/0
ip address 10.1.4.5 255.255.255.252
ipv6 address 2026::2:1/122
ipv6 rip RIP_ZONE enable
no shut
exit
!
interface FastEthernet2/1
ip address 10.1.4.9 255.255.255.252
no shut
exit
!
interface Tunnel1
no ip address
ipv6 address 2026::34:2/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial1/0
tunnel destination 10.1.1.9
!
router eigrp 10
redistribute ospf 1 metric 100 100 255 1 1500 route-map DEFAULTRM
network 10.1.4.0 0.0.0.255
no auto-summary
eigrp router-id 4.4.4.4
exit
ipv6 router rip RIP_ZONE
redistribute ospf 6 match external 2
exit
!
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
area 34 nssa
redistribute eigrp 10 metric 1 metric-type 1 subnets
network 10.1.1.10 0.0.0.0 area 34
exit
!
ipv6 router ospf 6
router-id 4.4.4.4
redistribute rip RIP_ZONE metric 1 metric-type 1
exit
!
ip prefix-list DEFAULT seq 10 permit 0.0.0.0/0
!
route-map DEFAULTRM permit 10
!
match ip address prefix-list DEFAULT
exit
!
line con 0
no exec-timeout
!
line vty 0 4
no exec-timeout
password cisco
login
!
end
wr
!
FRSW – R5
en
conf t
hostname FRSW1
enable secret cisco
no ip domain lookup
!
interface Serial1/0
no ip address
encapsulation frame-relay
serial restart-delay 0
clock rate 56000
frame-relay intf-type dce
frame-relay route 403 interface Serial1/1 304
no shut
exit
!
interface Serial1/1
no ip address
encapsulation frame-relay
serial restart-delay 0
clock rate 56000
frame-relay intf-type dce
frame-relay route 302 interface Serial1/2 203
frame-relay route 304 interface Serial1/0 403
no shut
exit
!
interface Serial1/2
no ip address
encapsulation frame-relay
serial restart-delay 0
clock rate 56000
frame-relay intf-type dce
frame-relay route 201 interface Serial1/3 102
frame-relay route 203 interface Serial1/1 302
no shut
exit
!
interface Serial1/3
no ip address
encapsulation frame-relay
serial restart-delay 0
clock rate 56000
frame-relay intf-type dce
frame-relay route 102 interface Serial1/2 201
no shut
!
line con 0
no exec-timeout
!
line vty 0 4
no exec-timeout
password cisco
login
!
End
wr
!
DSW1 – R7
en
conf t
hostname DSW1
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface FastEthernet1/0
ip address 10.1.4.6 255.255.255.252
ipv6 address 2026::2:2/122
ipv6 rip RIP_ZONE enable
no shut
exit
!
interface FastEthernet1/1
ip address 10.2.4.13 255.255.255.252
ipv6 address 2026::3:1/122
ipv6 rip RIP_ZONE enable
no shut
exit
!
router eigrp 10
network 10.1.4.0 0.0.0.255
network 10.2.4.0 0.0.0.255
no auto-summary
exit
ipv6 router rip RIP_ZONE
exit
!
line con 0
no exec-timeout
!
line vty 0 4
no exec-timeout
password cisco
login
!
end
wr
!
DSW2 – R8
en
conf t
hostname DSW2
enable secret cisco
no ip domain lookup
ipv6 unicast-routing
!
interface FastEthernet1/0
ip address 10.1.4.10 255.255.255.252
no shut
exit
!
interface FastEthernet1/1
ip address 10.2.4.14 255.255.255.252
ipv6 address 2026::3:2/122
ipv6 rip RIP_ZONE enable
no shut
exit
!
router eigrp 10
network 10.1.4.0 0.0.0.255
network 10.2.4.0 0.0.0.255
no auto-summary
exit
!
ipv6 router rip RIP_ZONE
exit
!
line con 0
no exec-timeout
exit
!
line vty 0 4
no exec-timeout
password cisco
login
!
end
wr
!

Aditia Nugroho

0 komentar:

dCloud Cisco

Blog pertama , sebelum masuk ke hal-hal teknis yang gw pelajari.
ada baiknya kali ini share mengenai dCloud.cisco.com

mungkin ada yang sudah pernah main main dan berkunjung ke web ini. Web ini bertujuan untuk mencoba 'enviroment' baru dari solusi Cisco tanpa harus kita mempunyai perangkat demo yang real. tujuannya untuk membantu dalam PoC dan menjelaskan fitur" dasar ke pada customer terutama. bisa jadi seperti lab rental dengan skenario yang sudah didesign oleh Cisco.

langsung ketika buka kita diminta login dengan account CCO Cisco kita.setelah itu kita bisa menetukan jadwal kapan kita akan mencoba skenario yang ditawarkan
 




Aditia Nugroho

0 komentar:

Langganan: Postingan (Atom)