14.1.2 Lab – Troubleshooting BGP Answers

Lab – Troubleshoot BGP (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Topology

This topology has 3 routers and 2 switches. R2 G0/0/0 is connected to R1 G0/0/0. R1 G0/0/1 is connected D1 G1/0/11. D2 G1/0/11 is connected R3 G0/0/1. R3 G0/0/0 is connected to R2 G0/0/1.

Note: The advertised prefixes in AS 65100, 65200 and in the “the cloud” are associated with the interface addresses shown (.1 and ::1) for verification purpose. These prefixes are advertised by D1 and D2 to their respective BGP peers.

Note: AS 65100 advertises a shorter AS path to 2001::db8:cafe::/48.

Addressing Table

Device

Interface

IPv6 Address
IPv4 Address

IPv6 Link-Local

R1

G0/0/0

2001:db8:c0c0:a001::1/64

fe80::a001:1

R1

G0/0/0

192.168.2.1/24

N/A

R1

G0/0/1

2001:db8:cab:f001::2/64

fe80::f001:2

R1

G0/0/1

172.16.1.2/30

N/A

R1

Lo0 (iBGP Peering)

2001:db8:c0c0:99::1/128

fe80::99:1

R1

Lo0 (iBGP Peering)

192.168.99.1

N/A

R1

Lo1

2001:db8:c0c0:a011::1/64

fe80::a011:1

R1

Lo1

192.168.1.1/24

N/A

R2

G0/0/0

2001:db8:c0c0:a001::2/64

fe80::a001:2

R2

G0/0/0

192.168.2.2/24

N/A

R2

G0/0/1

2001:db8:c0c0:a002::2/64

fe80::a002:2

R2

G0/0/1

192.168.5.2/24

N/A

R2

Lo0 (iBGP Peering)

2001:db8:c0c0:99::2/128

fe80::99:2

R2

Lo0 (iBGP Peering)

192.168.99.2/24

N/A

R2

Lo1

2001:db8:c0c0:a021::1/64

fe80::a021:1

R2

Lo1

192.168.3.1/24

N/A

R2

Lo2

2001:db8:c0c0:a022::1/64

fe80::a022:1

R2

Lo2

192.168.4.1/24

N/A

R3

G0/0/0

2001:db8:c0c0:a002::1/64

fe80::a002:1

R3

G0/0/0

192.168.5.1/24

N/A

R3

G0/0/1

2001:db8:b0b:f001::2/64

fe80::f001:2

R3

G0/0/1

172.16.2.2/30

N/A

R3

Lo0 (iBGP Peering)

2001:db8:c0c0:99::3/128

fe80::99:3

R3

Lo0 (iBGP Peering)

192.168.99.3/24

N/A

R3

Lo1

2001:db8:c0c0:a031::1/64

fe80::a031:1

R3

Lo1

192.168.6.1/24

N/A

D1

G1/0/11

2001:db8:cab:f001::1/64

fe80::cab:f001:1

D1

G1/0/11

172.16.1.1/30

N/A

D1

Lo1

2001:db8:cab:f002::1/64

fe80::cab:f002:1

D1

Lo1

10.1.1.1/24

N/A

D1

Lo10

2001:db8:cab1::1/48

EUI-64

D1

Lo10

10.1.10.1/24

N/A

D1

Lo20

2001:db8:cab2::1/48

EUI-64

D1

Lo20

10.1.20.1/24

N/A

D1

Lo30

2001:db8:cab3::1/48

EUI-64

D1

Lo30

10.1.30.1/24

N/A

D1

Lo48

2001:db8:cafe::1/48

EUI-64

D2

G1/0/11

2001:db8:b0b:f001::1/64

EUI-64

D2

G1/0/11

172.16.2.1/30

N/A

D2

Lo1

2001:db8:b0b:f002::1/64

EUI-64

D2

Lo1

10.2.1.1/24

N/A

D2

Lo10

2001:db8:b0b1::1/48

EUI-64

D2

Lo10

10.2.10.1/24

N/A

D2

Lo20

2001:db8:b0b2::1/48

EUI-64

D2

Lo20

10.2.20.1/24

N/A

D2

Lo30

2001:db8:b0b3::1/48

EUI-64

D2

Lo30

10.2.30.1/24

N/A

D2

Lo48

2001:db8:cafe::1/48

EUI-64

Note: To make it easier to recognize IPv6 prefixes, familiarize yourself with the IPv6 GUA and LLA address formats.

  • GUA: The GUA has a 16-bit subnet-ID, a<area-id><router><network> (“a” for area). For example, subnet-ID a021 is area 0, router 2, network 1.
  • LLA: Following best practice the LLA is unique on each interface. The LLA interface-ID uses the GUA subnet-ID:interface-ID for the last 64 bits. For example, fe80::a201:1 has a LLA interface-ID a201 (the subnet-ID of the GUA) and :1 (the interface ID of the GUA).

Objectives

Troubleshoot network issues related to the configuration and operation of MP-BGP with address families.

Background / Scenario

Lombardia Cocoa Company (AS 65000) peers with two ISPs (AS 65100 and AS 65200) and receives the following prefixes from each:

  • From ISP1 Hopper Cable ISP (AS 65100):
  • 10.1.1.0/24, 10.1.10.0/24, 10.1.20.0/24, 10.1.30.0/24
  • 2001:db8:cab:f002::/64, 2001:db8:cab1::/48, 2001:db8:cab2::/48, 2001:db8:cab3::/48, 2001:db8:cafe::/48 (shorter AS path)
  • From ISP2 Bob’s ISP (AS 65200):
  • 10.2.1.0/24, 10.2.10.0/24, 10.2.20.0/24, 10.2.30.0/24
  • 2001:db8:b0b:f002::/64, 2001:db8:b0b2::/48, 2001:db8:b0b2::/48, 2001:db8:b0b3::/48, 2001:db8:cafe::/48 (longer AS path)

Both ISPs also receive specific prefixes from Lombardia.

  • Lombardia advertises to both ISPs:
  • 192.168.1.0/24, 192.168.3.0/24, 192.168.4.0/24, 192.168.6.0/24
  • 2001:db8:c0c0:a011::/64, 2001:db8:c0c0:a021::/64, 2001:db8:c0c0:a022::/64, 2001:db8:c0c0:a031::/64

Note: Inter-router links are not advertised by BGP.

Note: Lombardia iBGP peering is done using loopback 0 addresses.

Although the topology has a limited number of routers, you should use the appropriate troubleshooting commands to help find and solve the problems in the three trouble tickets as if this were a much more complex topology with many more routers and networks.

You will be loading configurations with intentional errors onto the network. Your tasks are to FIND the error(s), document your findings and the command(s) or method(s) used to fix them, FIX the issue(s) presented here, and then test the network to ensure both of the following conditions are met:

1)the complaint received in the ticket is resolved

2)full reachability is restored

Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release 16.9.4 (universalk9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.

Note: Make sure that the devices have been erased and have no startup configurations. If you are unsure, contact your instructor.

Answers Note: Refer to the Answers Lab Manual for the procedures to initialize and reload devices.

Required Resources

  • 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • 2 Switches (Cisco 3560 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • Console cables to configure the Cisco IOS devices via the console ports
  • Ethernet cables as shown in the topology

Part 1:Trouble Ticket 14.1.2.1

Scenario:

Lombardia Cocoa Company recently added router R2 between routers R1 and R3. Previously, R1 and R3 were connected directly. Routers R1, R2 and R3 were reconfigured to implement these changes. During testing and validation, the network team noticed that routers R1 and R3 only have BGP routes from their directly connected eBGP peers. All three AS 65000 routers should be receiving routes indicated in the network documentation (see the previous Background / Scenario section).

You have been asked to help find the problem and implement any necessary changes.

Use the commands listed below to load the configuration files for this trouble ticket:

Answers Note: Commands for uploading the configuration are provided at the end of this document.

Device

Command

R1

copy flash:/enarsi/14.1.2.1-r1-config.txt run

R2

copy flash:/enarsi/14.1.2.1-r2-config.txt run

R3

copy flash:/enarsi/14.1.2.1-r3-config.txt run

D1

copy flash:/enarsi/14.1.2.1-d1-config.txt run

D2

copy flash:/enarsi/14.1.2.1-d2-config.txt run

  • All routers should receive the prefixes shown in the previous Background / Scenario section.
  • Verification: The following pings should be successful. If a ping does not work, the ticket is not resolved:

R1# ping 10.2.1.1 source lo1

R1# ping 2001:db8:b0b:f002::1 source lo1

R3# ping 10.1.1.1 source lo1

R3# ping 2001:db8:cab:f002::1 source lo1

  • When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

  • Then save the configuration by issuing the wri command (on each device).
  • Inform your instructor that you are ready for the next ticket.
  • After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Answers Notes:

This trouble ticket contains intentional errors on both R1 and R3:

Because the networks between eBGP peers are not being advertised, R1 and R3 require using the next-hop-self option when iBGP peering with routers in AS 65000.

These changes must be done for peering relationships in both the IPv4 and IPv6 address families. The commands used to fix these errors should be:

R1(config)# router bgp 65000

R1(config-router)# address-family ipv4 unicast

R1(config-router-af)# neighbor 192.168.99.3 next-hop-self

R1(config-router-af)# exit

R1(config-router)# address-family ipv6 unicast

R1(config-router-af)# neighbor 2001:db8:c0c0:99::3 next-hop-self

R1(config-router-af)# end

R3(config)# router bgp 65000

R3(config-router)# address-family ipv4 unicast

R3(config-router-af)# neighbor 192.168.99.1 next-hop-self

R3(config-router-af)# exit

R3(config-router)# address-family ipv6 unicast

R3(config-router-af)# neighbor 2001:db8:c0c0:99::1 next-hop-self

R3(config-router-af)# end

Part 2:Trouble Ticket 14.1.2.2

Scenario:

The preferred default path to the 2001:db8:cafe::/48 prefix is via AS 65100 because it is a shorter AS path. Your peering agreements with both ISPs state that you have to pay for traffic transiting via AS 65100 but not through AS 65200. To decrease costs, management has tasked the network team to send traffic for 2001:db8:cafe::/48 to AS 65200.

Policy changes were made to forward traffic to the 2001:db8:cafe::/48 prefix to AS 65200. However, verification commands indicate that only router R3 is forwarding traffic to the 2001:db8:cafe::/48 prefix to AS 65200. Routers R1 and R2 are still forwarding traffic for the 2001:db8:cafe::/48 prefix to AS 65100.

You have been tasked to find and resolve the issue.

Use the commands listed below to load the configuration files for this trouble ticket:

Answers Note: Commands for creating these files are at the end of this document.

Device

Command

R1

copy flash:/enarsi/14.1.2.2-r1-config.txt run

R2

copy flash:/enarsi/14.1.2.2-r2-config.txt run

R3

copy flash:/enarsi/14.1.2.2-r3-config.txt run

D1

copy flash:/enarsi/14.1.2.2-d1-config.txt run

D2

copy flash:/enarsi/14.1.2.2-d2-config.txt run

  • All AS 65000 routers should forward traffic for 2001:db8:cafe::/48 via AS 65200.
  • IPv6 BGP tables in all AS 65000 routers should verify that AS 65200 is the preferred (best) path.
  • When you have fixed the ticket, change the MOTD on EACH DEVICE using the following command:

banner motd # This is $(hostname) FIXED from ticket <ticket number> #

  • Then save the configuration by issuing the wri command (on each device).
  • Inform your instructor that you are ready for the next ticket.
  • After the instructor approves your solution for this ticket, issue the reset.now privileged EXEC command. This script will clear your configurations and reload the devices.

Answers Notes:

This trouble ticket contains an intentional error on R1 and R3. Both routers have been configured with a route map that modifies the weight attribute. The weight attribute is local only and is not advertised in BGP updates. R1 and R3 need their route maps changed to use the local preference attribute which is transitive. R3 needs to be configured with the larger local preference value. BGP process will need to reset on all AS 65000 routers.

The commands used to fix these errors should be:

R1(config)# no route-map AS65100-CAFE permit 10

R1(config)# route-map AS65100-CAFE permit 10

R1(config-route-map)# match ipv6 address prefix-list CAFE-POLICY

R1(config-route-map)# set local-preference 100

R1(config-route-map)# end

R1# clear bgp all 65000

R3(config)# no route-map AS65200-CAFE permit 10

R3(config)# route-map AS65200-CAFE permit 10

R3(config-route-map)# match ipv6 address prefix-list CAFE-POLICY

R3(config-route-map)# set local-preference 400

R3(config-route-map)# end

R3# clear bgp all 65000

R2# clear bgp all 65000

Router Interface Summary Table

Router Model

Ethernet Interface #1

Ethernet Interface #2

Serial Interface #1

Serial Interface #2

1800

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

1900

Gigabit Ethernet 0/0 (G0/0)

Gigabit Ethernet 0/1 (G0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

2801

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

2811

Fast Ethernet 0/0 (F0/0)

Fast Ethernet 0/1 (F0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

2900

Gigabit Ethernet 0/0 (G0/0)

Gigabit Ethernet 0/1 (G0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

4221

Gigabit Ethernet 0/0/0 (G0/0/0)

Gigabit Ethernet 0/0/1 (G0/0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

4300

Gigabit Ethernet 0/0/0 (G0/0/0)

Gigabit Ethernet 0/0/1 (G0/0/1)

Serial 0/1/0 (S0/1/0)

Serial 0/1/1 (S0/1/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

End of document

Uploading Configuration Files

Use the commands below to create the configuration files for each trouble ticket in this lab on the lab devices. The TCL script commands help create and copy the configurations. However, the configuration commands could also be copied and pasted directly into global config mode on each device. Simply remove the TCL script commands, enter the enable and configure t commands on the device, and copy and paste the configuration commands.

Important: The device requires a folder in flash named enarsi. Use the dir command to verify. If the folder is missing, then create it using the mkdir flash:/enarsi privileged EXEC command. For all switches, make sure the vlan.dat file is set to the default. Use the delete vlan.dat privileged EXEC command, if necessary.

Reset scripts

These TCL scripts will completely clear and reload the device in preparation for the next ticket. Copy and paste the appropriate script to the appropriate device.

Router Reset Script

tclsh

puts [ open “flash:/enarsi/reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

puts “Reloading the router”

typeahead “\n”

reload

}

tclquit

D1/D2 (Cisco 3650) Reset Script – The default 3650 SDM template supports IPv6 by default, so it is not set by this script.

tclsh

puts [ open “flash:/enarsi/reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

delete /force vlan.dat

puts “Reloading the switch”

typeahead “\n”

reload

}

tclquit

A1 (Cisco 2960 Script) – The default 2960 SDM template does not support IPv6, so this script includes that setting.

tclsh

puts [ open “flash:reset.tcl” w+ ] {

typeahead “\n”

copy running-config startup-config

typeahead “\n”

erase startup-config

delete /force vlan.dat

delete /force multiple-fs

ios_config “sdm prefer lanbase-routing”

typeahead “\n”

puts “Reloading the switch in 1 minute, type reload cancel to halt”

typeahead “\n”

reload

}

tclquit

R1 Configuration File Scripts

!R1 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/14.1.2.1-r1-config.txt” w+ ] {

hostname R1

banner motd # This is R1, Trouble Ticket 14.1.2.1 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a001::1/64

ipv6 add fe80::a001:1 link-local

ip add 192.168.2.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:cab:f001::2/64

ipv6 add fe80::f001:2 link-local

ip add 172.16.1.2 255.255.255.252

no shut

int lo1

ipv6 add 2001:db8:c0c0:a011::1/64

ipv6 add fe80::a011:1 link-local

ip add 192.168.1.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.1 255.255.255.255

ipv6 add 2001:db8:c0c0:99::1/128

ipv6 add fe80::99:1 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 1.1.1.1

exit

address-family ipv6 unicast

router-id 1.1.1.1

exit

exit

router bgp 65000

bgp router-id 1.1.1.1

neighbor 172.16.1.1 remote-as 65100

neighbor 2001:db8:cab:f001::1 remote-as 65100

neighbor 192.168.99.2 remote-as 65000

neighbor 192.168.99.2 update-source loopback0

neighbor 2001:db8:c0c0:99::2 remote-as 65000

neighbor 2001:db8:c0c0:99::2 update-source loopback0

neighbor 192.168.99.3 remote-as 65000

neighbor 192.168.99.3 update-source loopback0

neighbor 2001:db8:c0c0:99::3 remote-as 65000

neighbor 2001:db8:c0c0:99::3 update-source loopback0

address-family ipv4 unicast

network 192.168.1.0 mask 255.255.255.0

neighbor 172.16.1.1 activate

neighbor 192.168.99.2 activate

neighbor 192.168.99.2 next-hop-self

neighbor 192.168.99.3 activate

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a011::/64

neighbor 2001:db8:cab:f001::1 activate

neighbor 2001:db8:c0c0:99::2 activate

neighbor 2001:db8:c0c0:99::2 next-hop-self

neighbor 2001:db8:c0c0:99::3 activate

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

!R1 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/14.1.2.2-r1-config.txt” w+ ] {

hostname R1

banner motd # This is R1, Trouble Ticket 14.1.2.2 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a001::1/64

ipv6 add fe80::a001:1 link-local

ip add 192.168.2.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:cab:f001::2/64

ipv6 add fe80::f001:2 link-local

ip add 172.16.1.2 255.255.255.252

no shut

int lo1

ipv6 add 2001:db8:c0c0:a011::1/64

ipv6 add fe80::a011:1 link-local

ip add 192.168.1.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.1 255.255.255.255

ipv6 add 2001:db8:c0c0:99::1/128

ipv6 add fe80::99:1 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 1.1.1.1

exit

address-family ipv6 unicast

router-id 1.1.1.1

exit

exit

ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48

route-map AS65100-CAFE permit 10

match ipv6 address prefix-list CAFE-POLICY

set weight 100

exit

route-map AS65100-CAFE permit 20

exit

router bgp 65000

bgp router-id 1.1.1.1

neighbor 172.16.1.1 remote-as 65100

neighbor 2001:db8:cab:f001::1 remote-as 65100

neighbor 192.168.99.2 remote-as 65000

neighbor 192.168.99.2 update-source loopback0

neighbor 2001:db8:c0c0:99::2 remote-as 65000

neighbor 2001:db8:c0c0:99::2 update-source loopback0

neighbor 192.168.99.3 remote-as 65000

neighbor 192.168.99.3 update-source loopback0

neighbor 2001:db8:c0c0:99::3 remote-as 65000

neighbor 2001:db8:c0c0:99::3 update-source loopback0

address-family ipv4 unicast

network 192.168.1.0 mask 255.255.255.0

neighbor 172.16.1.1 activate

neighbor 192.168.99.2 activate

neighbor 192.168.99.2 next-hop-self

neighbor 192.168.99.3 activate

neighbor 192.168.99.3 next-hop-self

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a011::/64

neighbor 2001:db8:cab:f001::1 activate

neighbor 2001:db8:cab:f001::1 route-map AS65100-CAFE in

neighbor 2001:db8:c0c0:99::2 activate

neighbor 2001:db8:c0c0:99::2 next-hop-self

neighbor 2001:db8:c0c0:99::3 activate

neighbor 2001:db8:c0c0:99::3 next-hop-self

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

R2 Configuration File Scripts

!R2 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/14.1.2.1-r2-config.txt” w+ ] {

hostname R2

banner motd # This is R2, Trouble Ticket 14.1.2.1 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a001::2/64

ipv6 add fe80::a001:2 link-local

ip add 192.168.2.2 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:c0c0:a002::2/64

ipv6 add fe80::a002:2 link-local

ip add 192.168.5.2 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

int lo1

ipv6 add 2001:db8:c0c0:a021::1/64

ipv6 add fe80::a021:1 link-local

ip add 192.168.3.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

int lo2

ipv6 add 2001:db8:c0c0:a022::1/64

ipv6 add fe80::a022:1 link-local

ip add 192.168.4.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.2 255.255.255.255

ipv6 add 2001:db8:c0c0:99::2/128

ipv6 add fe80::99:2 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 2.2.2.2

exit

address-family ipv6 unicast

router-id 2.2.2.2

exit

router bgp 65000

bgp router-id 2.2.2.2

neighbor 192.168.99.1 remote-as 65000

neighbor 192.168.99.1 update-source loopback0

neighbor 2001:db8:c0c0:99::1 remote-as 65000

neighbor 2001:db8:c0c0:99::1 update-source loopback0

neighbor 192.168.99.3 remote-as 65000

neighbor 192.168.99.3 update-source loopback0

neighbor 2001:db8:c0c0:99::3 remote-as 65000

neighbor 2001:db8:c0c0:99::3 update-source loopback0

address-family ipv4 unicast

network 192.168.3.0 mask 255.255.255.0

network 192.168.4.0 mask 255.255.255.0

neighbor 192.168.99.1 activate

neighbor 192.168.99.3 activate

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a021::/64

network 2001:db8:c0c0:a022::/64

neighbor 2001:db8:c0c0:99::1 activate

neighbor 2001:db8:c0c0:99::3 activate

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

!R2 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/14.1.2.2-r2-config.txt” w+ ] {

hostname R2

banner motd # This is R2, Trouble Ticket 14.1.2.2 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a001::2/64

ipv6 add fe80::a001:2 link-local

ip add 192.168.2.2 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:c0c0:a002::2/64

ipv6 add fe80::a002:2 link-local

ip add 192.168.5.2 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

int lo1

ipv6 add 2001:db8:c0c0:a021::1/64

ipv6 add fe80::a021:1 link-local

ip add 192.168.3.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

int lo2

ipv6 add 2001:db8:c0c0:a022::1/64

ipv6 add fe80::a022:1 link-local

ip add 192.168.4.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.2 255.255.255.255

ipv6 add 2001:db8:c0c0:99::2/128

ipv6 add fe80::99:2 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 2.2.2.2

exit

address-family ipv6 unicast

router-id 2.2.2.2

exit

router bgp 65000

bgp router-id 2.2.2.2

neighbor 192.168.99.1 remote-as 65000

neighbor 192.168.99.1 update-source loopback0

neighbor 2001:db8:c0c0:99::1 remote-as 65000

neighbor 2001:db8:c0c0:99::1 update-source loopback0

neighbor 192.168.99.3 remote-as 65000

neighbor 192.168.99.3 update-source loopback0

neighbor 2001:db8:c0c0:99::3 remote-as 65000

neighbor 2001:db8:c0c0:99::3 update-source loopback0

address-family ipv4 unicast

network 192.168.3.0 mask 255.255.255.0

network 192.168.4.0 mask 255.255.255.0

neighbor 192.168.99.1 activate

neighbor 192.168.99.3 activate

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a021::/64

network 2001:db8:c0c0:a022::/64

neighbor 2001:db8:c0c0:99::1 activate

neighbor 2001:db8:c0c0:99::3 activate

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

R3 Configuration File Scripts

!R3 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/14.1.2.1-r3-config.txt” w+ ] {

hostname R3

banner motd # This is R3, Trouble Ticket 14.1.2.1 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a002::1/64

ipv6 add fe80::a002:1 link-local

ip add 192.168.5.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:b0b:f001::2/64

ipv6 add fe80::f001:2 link-local

ip add 172.16.2.2 255.255.255.252

no shut

int lo1

ipv6 add 2001:db8:c0c0:a031::1/64

ipv6 add fe80::a031:1 link-local

ip add 192.168.6.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.3 255.255.255.255

ipv6 add 2001:db8:c0c0:99::3/128

ipv6 add fe80::99:3 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 3.3.3.3

exit

address-family ipv6 unicast

router-id 3.3.3.3

exit

router bgp 65000

bgp router-id 3.3.3.3

neighbor 172.16.2.1 remote-as 65200

neighbor 2001:db8:b0b:f001::1 remote-as 65200

neighbor 192.168.99.1 remote-as 65000

neighbor 192.168.99.1 update-source loopback0

neighbor 2001:db8:c0c0:99::1 remote-as 65000

neighbor 2001:db8:c0c0:99::1 update-source loopback0

neighbor 192.168.99.2 remote-as 65000

neighbor 192.168.99.2 update-source loopback0

neighbor 2001:db8:c0c0:99::2 remote-as 65000

neighbor 2001:db8:c0c0:99::2 update-source loopback0

address-family ipv4 unicast

network 192.168.6.0 mask 255.255.255.0

neighbor 172.16.2.1 activate

neighbor 192.168.99.1 activate

neighbor 192.168.99.2 activate

neighbor 192.168.99.2 next-hop-self

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a031::/64

neighbor 2001:db8:b0b:f001::1 activate

neighbor 2001:db8:c0c0:99::1 activate

neighbor 2001:db8:c0c0:99::2 activate

neighbor 2001:db8:c0c0:99::2 next-hop-self

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

!R3 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/14.1.2.2-r3-config.txt” w+ ] {

hostname R3

banner motd # This is R3, Trouble Ticket 14.1.2.2 #

no ip domain lookup

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 0/0/0

ipv6 add 2001:db8:c0c0:a002::1/64

ipv6 add fe80::a002:1 link-local

ip add 192.168.5.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

no shut

inter g 0/0/1

ipv6 add 2001:db8:b0b:f001::2/64

ipv6 add fe80::f001:2 link-local

ip add 172.16.2.2 255.255.255.252

no shut

int lo1

ipv6 add 2001:db8:c0c0:a031::1/64

ipv6 add fe80::a031:1 link-local

ip add 192.168.6.1 255.255.255.0

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

ospfv3 1 ipv4 network point-to-point

ospfv3 1 ipv6 network point-to-point

exit

inter lo0

description Loopback for BGP peering

ip add 192.168.99.3 255.255.255.255

ipv6 add 2001:db8:c0c0:99::3/128

ipv6 add fe80::99:3 link-local

ospfv3 1 ipv4 area 0

ospfv3 1 ipv6 area 0

exit

router ospfv3 1

address-family ipv4 unicast

router-id 3.3.3.3

exit

address-family ipv6 unicast

router-id 3.3.3.3

exit

ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48

route-map AS65200-CAFE permit 10

match ipv6 address prefix-list CAFE-POLICY

set weight 400

exit

route-map AS65200-CAFE permit 20

exit

router bgp 65000

bgp router-id 3.3.3.3

neighbor 172.16.2.1 remote-as 65200

neighbor 2001:db8:b0b:f001::1 remote-as 65200

neighbor 192.168.99.1 remote-as 65000

neighbor 192.168.99.1 update-source loopback0

neighbor 2001:db8:c0c0:99::1 remote-as 65000

neighbor 2001:db8:c0c0:99::1 update-source loopback0

neighbor 192.168.99.2 remote-as 65000

neighbor 192.168.99.2 update-source loopback0

neighbor 2001:db8:c0c0:99::2 remote-as 65000

neighbor 2001:db8:c0c0:99::2 update-source loopback0

address-family ipv4 unicast

network 192.168.6.0 mask 255.255.255.0

neighbor 172.16.2.1 activate

neighbor 192.168.99.1 activate

neighbor 192.168.99.1 next-hop-self

neighbor 192.168.99.2 activate

neighbor 192.168.99.2 next-hop-self

exit

address-family ipv6 unicast

network 2001:db8:c0c0:a031::/64

neighbor 2001:db8:b0b:f001::1 activate

neighbor 2001:db8:b0b:f001::1 route-map AS65200-CAFE in

neighbor 2001:db8:c0c0:99::1 activate

neighbor 2001:db8:c0c0:99::1 next-hop-self

neighbor 2001:db8:c0c0:99::2 activate

neighbor 2001:db8:c0c0:99::2 next-hop-self

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

D1 Configuration File Scripts

!D1 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/14.1.2.1-d1-config.txt” w+ ] {

hostname D1

banner motd # This is D1, Trouble Ticket 14.1.2.1 #

no ip domain lookup

ip routing

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 1/0/11

no switchport

ipv6 add 2001:db8:cab:f001::1/64

ipv6 add fe80::cab:f001:1 link-local

ip add 172.16.1.1 255.255.255.252

no shut

exit

interface lo1

ipv6 add 2001:db8:cab:f002::1/64

ipv6 add fe80::cab:f002:1 link-local

ip add 10.1.1.1 255.255.255.0

exit

interface lo10

ipv6 add 2001:db8:cab1::1/48

ip add 10.1.10.1 255.255.255.0

no shut

exit

interface lo20

ipv6 add 2001:db8:cab2::1/48

ip add 10.1.20.1 255.255.255.0

no shut

exit

interface lo30

ipv6 add 2001:db8:cab3::1/48

ip add 10.1.30.1 255.255.255.0

no shut

exit

interface lo48

ipv6 add 2001:db8:cafe::1/48

no shut

exit

inter range g1/0/6-10, g1/0/12-24

shut

exit

router bgp 65100

bgp router-id 1.0.0.1

neighbor 172.16.1.2 remote-as 65000

neighbor 2001:db8:cab:f001::2 remote-as 65000

address-family ipv4 unicast

network 10.1.1.0 mask 255.255.255.0

network 10.1.10.0 mask 255.255.255.0

network 10.1.20.0 mask 255.255.255.0

network 10.1.30.0 mask 255.255.255.0

neighbor 172.16.1.2 activate

exit

address-family ipv6 unicast

network 2001:db8:cab:f002::/64

network 2001:db8:cab1::/48

network 2001:db8:cab2::/48

network 2001:db8:cab3::/48

network 2001:db8:cafe::/48

neighbor 2001:db8:cab:f001::2 activate

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

!D1 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/14.1.2.2-d1-config.txt” w+ ] {

hostname D1

banner motd # This is D1, Trouble Ticket 14.1.2.2 #

no ip domain lookup

ip routing

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 1/0/11

no switchport

ipv6 add 2001:db8:cab:f001::1/64

ipv6 add fe80::cab:f001:1 link-local

ip add 172.16.1.1 255.255.255.252

no shut

exit

interface lo1

ipv6 add 2001:db8:cab:f002::1/64

ipv6 add fe80::cab:f002:1 link-local

ip add 10.1.1.1 255.255.255.0

exit

interface lo10

ipv6 add 2001:db8:cab1::1/48

ip add 10.1.10.1 255.255.255.0

no shut

exit

interface lo20

ipv6 add 2001:db8:cab2::1/48

ip add 10.1.20.1 255.255.255.0

no shut

exit

interface lo30

ipv6 add 2001:db8:cab3::1/48

ip add 10.1.30.1 255.255.255.0

no shut

exit

interface lo48

ipv6 add 2001:db8:cafe::1/48

no shut

exit

inter range g1/0/6-10, g1/0/12-24

shut

exit

router bgp 65100

bgp router-id 1.0.0.1

neighbor 172.16.1.2 remote-as 65000

neighbor 2001:db8:cab:f001::2 remote-as 65000

address-family ipv4 unicast

network 10.1.1.0 mask 255.255.255.0

network 10.1.10.0 mask 255.255.255.0

network 10.1.20.0 mask 255.255.255.0

network 10.1.30.0 mask 255.255.255.0

neighbor 172.16.1.2 activate

exit

address-family ipv6 unicast

network 2001:db8:cab:f002::/64

network 2001:db8:cab1::/48

network 2001:db8:cab2::/48

network 2001:db8:cab3::/48

network 2001:db8:cafe::/48

neighbor 2001:db8:cab:f001::2 activate

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

D2 Configuration File Scripts

D2 – Trouble Ticket # 1

tclsh

puts [ open “flash:/enarsi/14.1.2.1-d2-config.txt” w+ ] {

hostname D2

banner motd # This is D2, Trouble Ticket 14.1.2.1 #

no ip domain lookup

ip routing

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 1/0/11

no switchport

ipv6 add 2001:db8:b0b:f001::1/64

ipv6 add fe80::b0b:f001:1 link-local

ip add 172.16.2.1 255.255.255.252

no shut

exit

interface lo1

ipv6 add 2001:db8:b0b:f002::1/64

ipv6 add fe80::b0b:f002:1 link-local

ip add 10.2.1.1 255.255.255.0

exit

interface lo10

ipv6 add 2001:db8:b0b1::1/48

ip add 10.2.10.1 255.255.255.0

no shut

exit

interface lo20

ipv6 add 2001:db8:b0b2::1/48

ip add 10.2.20.1 255.255.255.0

no shut

exit

interface lo30

ipv6 add 2001:db8:b0b3::1/48

ip add 10.2.30.1 255.255.255.0

no shut

exit

interface lo48

ipv6 add 2001:db8:cafe::1/48

no shut

exit

inter range g1/0/6-10, g1/0/12-24

shut

exit

ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48

route-map SET-AS-PATH-CAFE permit 10

match ipv6 address prefix-list CAFE-POLICY

set as-path prepend 65200 65200 65200 65200

exit

route-map SET-AS-PATH-CAFE permit 20

exit

router bgp 65200

bgp router-id 2.0.0.2

neighbor 172.16.2.2 remote-as 65000

neighbor 2001:db8:b0b:f001::2 remote-as 65000

address-family ipv4 unicast

network 10.2.1.0 mask 255.255.255.0

network 10.2.10.0 mask 255.255.255.0

network 10.2.20.0 mask 255.255.255.0

network 10.2.30.0 mask 255.255.255.0

neighbor 172.16.2.2 activate

exit

address-family ipv6 unicast

network 2001:db8:b0b:f002::/64

network 2001:db8:b0b1::/48

network 2001:db8:b0b2::/48

network 2001:db8:b0b3::/48

network 2001:db8:cafe::/48

neighbor 2001:db8:b0b:f001::2 activate

neighbor 2001:db8:b0b:f001::2 route-map SET-AS-PATH-CAFE out

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

!D2 – Trouble Ticket # 2

tclsh

puts [ open “flash:/enarsi/14.1.2.2-d2-config.txt” w+ ] {

hostname D2

banner motd # This is D2, Trouble Ticket 14.1.2.2 #

no ip domain lookup

ip routing

ipv6 unicast-routing

line con 0

logg sync

exec-time 0 0

exit

inter g 1/0/11

no switchport

ipv6 add 2001:db8:b0b:f001::1/64

ipv6 add fe80::b0b:f001:1 link-local

ip add 172.16.2.1 255.255.255.252

no shut

exit

interface lo1

ipv6 add 2001:db8:b0b:f002::1/64

ipv6 add fe80::b0b:f002:1 link-local

ip add 10.2.1.1 255.255.255.0

exit

interface lo10

ipv6 add 2001:db8:b0b1::1/48

ip add 10.2.10.1 255.255.255.0

no shut

exit

interface lo20

ipv6 add 2001:db8:b0b2::1/48

ip add 10.2.20.1 255.255.255.0

no shut

exit

interface lo30

ipv6 add 2001:db8:b0b3::1/48

ip add 10.2.30.1 255.255.255.0

no shut

exit

interface lo48

ipv6 add 2001:db8:cafe::1/48

no shut

exit

inter range g1/0/6-10, g1/0/12-24

shut

exit

ipv6 prefix-list CAFE-POLICY permit 2001:db8:cafe::/48

route-map SET-AS-PATH-CAFE permit 10

match ipv6 address prefix-list CAFE-POLICY

set as-path prepend 65200 65200 65200 65200

exit

route-map SET-AS-PATH-CAFE permit 20

exit

router bgp 65200

bgp router-id 2.0.0.2

neighbor 172.16.2.2 remote-as 65000

neighbor 2001:db8:b0b:f001::2 remote-as 65000

address-family ipv4 unicast

network 10.2.1.0 mask 255.255.255.0

network 10.2.10.0 mask 255.255.255.0

network 10.2.20.0 mask 255.255.255.0

network 10.2.30.0 mask 255.255.255.0

neighbor 172.16.2.2 activate

exit

address-family ipv6 unicast

network 2001:db8:b0b:f002::/64

network 2001:db8:b0b1::/48

network 2001:db8:b0b2::/48

network 2001:db8:b0b3::/48

network 2001:db8:cafe::/48

neighbor 2001:db8:b0b:f001::2 activate

neighbor 2001:db8:b0b:f001::2 route-map SET-AS-PATH-CAFE out

exit

exit

alias exec reset.now tclsh flash:/enarsi/reset.tcl

}

tclquit

A1 Configuration File Scripts – Not Used In This Lab