alcatel-lucent scalable ip lab guide v2.0_downloadable
TRANSCRIPT
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 152
1
Alcatel-Lucent Scalable IP Networks Lab Guide
Version 202
2008-11-14
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 252
Table of Contents
LAB 1 HARDWARE CONFIGURATION3
SECTION 11 ndash SYSTEM IDENTIFICATION 3 SECTION 12 ndash SYSTEM CONFIGURATION 4 SECTION 13 ndash HARDWARE 6 SECTION 14 ndash LOGS 8
LAB 2 IP ADDRESSING AND ROUTING 11
SECTION 21 - ISP ADDRESSING WITH E NTERPRISE CUSTOMERS 11 SECTION 22 ndash ISP ADDRESSING WITH P PE AND CE ROUTERS 13 SECTION 23 ndash LAYER 3 I NTERFACES16 SECTION 24 ndash TESTING FOR ICMP AND ARP18
LAB 3 DYNAMIC IP ROUTING 20
SECTION 31 ndash STATIC R OUTES20 SECTION 32 ndash DEFAULT R OUTES AND R OUTER LOGIC21 SECTION 33 ndash IP FILTERS24
LAB 4 OPEN SHORTEST PATH FIRST (OSPF)26
SECTION 41 ndash SINGLE AREA OSPF26
LAB 5 BGP ROUTING30
SECTION 51 ndash BGP R OUTING30 LAB 6 SERVICES33
SECTION 61 SERVICES FRAMEWORK 33 SECTION 62 VPLS EXAMPLE37
List of Figures
Figure 1 Two Enterprises linked to a common ISP 11
Figure 2 Two ISPS 13
Figure 3 Static routes CE to PE and P PE to CE 21
Figure 4 OSPF in each ISP 26Figure 5 BGP between ISPs and within ISPs 30
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 352
Lab 1 Hardware Configuration
Section 11 ndash System Identif icationObjective
In this exercise the student will configure the date and time on the router Once
completed the student will change the system name of the router to reflect its nodenumber
1 Log in to your node
Login to your node using the default login (admin) and password (admin)
2 Set the system time and date
SR admin set-time ltYYYYMMDD hhmmgt
SR show time
3 Change the system name
Change the system name to RX (X=your node number)depending on which router
you are logged into
SR configure system name ltRXgt
The CLI system prompt will now display the system name
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 452
Section 12 ndash System Configuration
Objective
In this exercise the student will simply verify their current router configuration This willinvolve executing a ldquoshowrdquo command to view the contents of the BOF (Boot only file)
system
1 Simply execute the following command
a Verify that the IP address is the management IP address used to login to the router b Verify the Management Ethernet port configuration settings
RX show bof
===============================================================BOF ( Memor y)==============================================================pr i mary- i mage f t p ltI PAddr essgt 7750_40r 5 i 386- both t i m
pr i mary- conf i g f t p ltI PAddr essgt SI M02 R01 configcfg address 19216811912924 act i vest ati c- r out e 128 0 0 0 1 next- hop 192 168 119 1aut onegot i atedupl ex f ul lspeed 100wai t 4per si st onconsol e- speed 115200
=============================================================
2 Saving your configuration
RX admin save
This will save the configuration to the configcfg file shown above in the bof output
To save the configuration to a different file name the exact location and name of thefile must be specified
RX admin save- save [ltfile-urlgt] [detail] [index]
ltfile-urlgt ltlocal-urlgt|ltremote-urlgt - [255 chars max]local-url - [ltcflash-idgt][ltfile-pathgt]remote-url - [ftp|tftpltlogingtltpswdgt
4
IP Management
AddressEthernet PortParameters
Configurationfile
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 552
5
ltremote-locngt][ltfile-pathgt]cf1|cf1-A| cf3|cf3-A|cf3-B
ltdetailgt keyword - Adds default configurationltindexgt keyword - Forces a save of the index file
The location here can be a compact flash location ftp server or tftp server
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 252
Table of Contents
LAB 1 HARDWARE CONFIGURATION3
SECTION 11 ndash SYSTEM IDENTIFICATION 3 SECTION 12 ndash SYSTEM CONFIGURATION 4 SECTION 13 ndash HARDWARE 6 SECTION 14 ndash LOGS 8
LAB 2 IP ADDRESSING AND ROUTING 11
SECTION 21 - ISP ADDRESSING WITH E NTERPRISE CUSTOMERS 11 SECTION 22 ndash ISP ADDRESSING WITH P PE AND CE ROUTERS 13 SECTION 23 ndash LAYER 3 I NTERFACES16 SECTION 24 ndash TESTING FOR ICMP AND ARP18
LAB 3 DYNAMIC IP ROUTING 20
SECTION 31 ndash STATIC R OUTES20 SECTION 32 ndash DEFAULT R OUTES AND R OUTER LOGIC21 SECTION 33 ndash IP FILTERS24
LAB 4 OPEN SHORTEST PATH FIRST (OSPF)26
SECTION 41 ndash SINGLE AREA OSPF26
LAB 5 BGP ROUTING30
SECTION 51 ndash BGP R OUTING30 LAB 6 SERVICES33
SECTION 61 SERVICES FRAMEWORK 33 SECTION 62 VPLS EXAMPLE37
List of Figures
Figure 1 Two Enterprises linked to a common ISP 11
Figure 2 Two ISPS 13
Figure 3 Static routes CE to PE and P PE to CE 21
Figure 4 OSPF in each ISP 26Figure 5 BGP between ISPs and within ISPs 30
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 352
Lab 1 Hardware Configuration
Section 11 ndash System Identif icationObjective
In this exercise the student will configure the date and time on the router Once
completed the student will change the system name of the router to reflect its nodenumber
1 Log in to your node
Login to your node using the default login (admin) and password (admin)
2 Set the system time and date
SR admin set-time ltYYYYMMDD hhmmgt
SR show time
3 Change the system name
Change the system name to RX (X=your node number)depending on which router
you are logged into
SR configure system name ltRXgt
The CLI system prompt will now display the system name
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 452
Section 12 ndash System Configuration
Objective
In this exercise the student will simply verify their current router configuration This willinvolve executing a ldquoshowrdquo command to view the contents of the BOF (Boot only file)
system
1 Simply execute the following command
a Verify that the IP address is the management IP address used to login to the router b Verify the Management Ethernet port configuration settings
RX show bof
===============================================================BOF ( Memor y)==============================================================pr i mary- i mage f t p ltI PAddr essgt 7750_40r 5 i 386- both t i m
pr i mary- conf i g f t p ltI PAddr essgt SI M02 R01 configcfg address 19216811912924 act i vest ati c- r out e 128 0 0 0 1 next- hop 192 168 119 1aut onegot i atedupl ex f ul lspeed 100wai t 4per si st onconsol e- speed 115200
=============================================================
2 Saving your configuration
RX admin save
This will save the configuration to the configcfg file shown above in the bof output
To save the configuration to a different file name the exact location and name of thefile must be specified
RX admin save- save [ltfile-urlgt] [detail] [index]
ltfile-urlgt ltlocal-urlgt|ltremote-urlgt - [255 chars max]local-url - [ltcflash-idgt][ltfile-pathgt]remote-url - [ftp|tftpltlogingtltpswdgt
4
IP Management
AddressEthernet PortParameters
Configurationfile
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 552
5
ltremote-locngt][ltfile-pathgt]cf1|cf1-A| cf3|cf3-A|cf3-B
ltdetailgt keyword - Adds default configurationltindexgt keyword - Forces a save of the index file
The location here can be a compact flash location ftp server or tftp server
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 352
Lab 1 Hardware Configuration
Section 11 ndash System Identif icationObjective
In this exercise the student will configure the date and time on the router Once
completed the student will change the system name of the router to reflect its nodenumber
1 Log in to your node
Login to your node using the default login (admin) and password (admin)
2 Set the system time and date
SR admin set-time ltYYYYMMDD hhmmgt
SR show time
3 Change the system name
Change the system name to RX (X=your node number)depending on which router
you are logged into
SR configure system name ltRXgt
The CLI system prompt will now display the system name
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 452
Section 12 ndash System Configuration
Objective
In this exercise the student will simply verify their current router configuration This willinvolve executing a ldquoshowrdquo command to view the contents of the BOF (Boot only file)
system
1 Simply execute the following command
a Verify that the IP address is the management IP address used to login to the router b Verify the Management Ethernet port configuration settings
RX show bof
===============================================================BOF ( Memor y)==============================================================pr i mary- i mage f t p ltI PAddr essgt 7750_40r 5 i 386- both t i m
pr i mary- conf i g f t p ltI PAddr essgt SI M02 R01 configcfg address 19216811912924 act i vest ati c- r out e 128 0 0 0 1 next- hop 192 168 119 1aut onegot i atedupl ex f ul lspeed 100wai t 4per si st onconsol e- speed 115200
=============================================================
2 Saving your configuration
RX admin save
This will save the configuration to the configcfg file shown above in the bof output
To save the configuration to a different file name the exact location and name of thefile must be specified
RX admin save- save [ltfile-urlgt] [detail] [index]
ltfile-urlgt ltlocal-urlgt|ltremote-urlgt - [255 chars max]local-url - [ltcflash-idgt][ltfile-pathgt]remote-url - [ftp|tftpltlogingtltpswdgt
4
IP Management
AddressEthernet PortParameters
Configurationfile
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 552
5
ltremote-locngt][ltfile-pathgt]cf1|cf1-A| cf3|cf3-A|cf3-B
ltdetailgt keyword - Adds default configurationltindexgt keyword - Forces a save of the index file
The location here can be a compact flash location ftp server or tftp server
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 452
Section 12 ndash System Configuration
Objective
In this exercise the student will simply verify their current router configuration This willinvolve executing a ldquoshowrdquo command to view the contents of the BOF (Boot only file)
system
1 Simply execute the following command
a Verify that the IP address is the management IP address used to login to the router b Verify the Management Ethernet port configuration settings
RX show bof
===============================================================BOF ( Memor y)==============================================================pr i mary- i mage f t p ltI PAddr essgt 7750_40r 5 i 386- both t i m
pr i mary- conf i g f t p ltI PAddr essgt SI M02 R01 configcfg address 19216811912924 act i vest ati c- r out e 128 0 0 0 1 next- hop 192 168 119 1aut onegot i atedupl ex f ul lspeed 100wai t 4per si st onconsol e- speed 115200
=============================================================
2 Saving your configuration
RX admin save
This will save the configuration to the configcfg file shown above in the bof output
To save the configuration to a different file name the exact location and name of thefile must be specified
RX admin save- save [ltfile-urlgt] [detail] [index]
ltfile-urlgt ltlocal-urlgt|ltremote-urlgt - [255 chars max]local-url - [ltcflash-idgt][ltfile-pathgt]remote-url - [ftp|tftpltlogingtltpswdgt
4
IP Management
AddressEthernet PortParameters
Configurationfile
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 552
5
ltremote-locngt][ltfile-pathgt]cf1|cf1-A| cf3|cf3-A|cf3-B
ltdetailgt keyword - Adds default configurationltindexgt keyword - Forces a save of the index file
The location here can be a compact flash location ftp server or tftp server
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 552
5
ltremote-locngt][ltfile-pathgt]cf1|cf1-A| cf3|cf3-A|cf3-B
ltdetailgt keyword - Adds default configurationltindexgt keyword - Forces a save of the index file
The location here can be a compact flash location ftp server or tftp server
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 652
6
Section 13 ndash Hardware
Objective
In this exercise the student will configure InputOutput Modules (IOM) MediaDependent Access (MDA) and the ports The student will then ensure that the ports are
properly configured as far as mode and MTU The configurations are slightly different between the physical router and the router simulator
IOMMDA Configuration
1 In this step the student is not actually configuring the IOM card The student isconfiguring the card slot The IOM card itself already knows what it is Thiscommand shows what type of cards it should expect to see installed
RX show card crarr
Conf i gur e the appr opr i ate sl ot wi t h the equi pped car d
RX configure card ltslotgt crarr ( wher e sl ot i s 1- 10 dependi ng on t herouter)
RXgtconf i ggtcar d card-type iom-20g crarr ( this can be differentPlease verify the correct card in the slot by doing a lsquoshowcardrsquo)
RXgtconf i ggtcar d no shutdown crarr ( by def aul t al l car ds are shut down)
2 The next step is to configure the daughter card slots on the IOM
RX show mda crarr ( command to show all MDAs installed on all cards)
RXgtconf i ggtcar d mda 1 crarr
RXgtconf i ggtcar dgtmda mda-type m60-10100eth-tx crarr ( this can be different
Please verify the correct mda in the slot by doing a lsquoshow mda ltcardgtrsquo)
RXgtconf i ggtcar dgtmda no shutdown crarr
3 Confirm that the configurations were correctly done by using the followingcommands The equipped card type and the provisioned card type listed in the CLIwindow should be identical
RX show card 1 crarr
RX show mda 11
crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 752
7
RX show mda 12 crarr
4 Note The cards and MDAs can be configured incorrectly there is no visible warning
to determine if these components were wrongly configured other than the defaultalarm logs (see Configuring Alarms Section 14) Although the router will accept an
incorrect configuration any service on the incorrectly configured cardsMDAs will
not work correctly
5 Once the cards are correctly configured then configure the ports on the MDAs
Unlike the cards where it was a hierarchical configuration structure the ports are not
configured as part of the MDA hierarchy The student must exit back to the root andthen enter into the port configuration mode The ports are identified by firstidentifying the IOM then the MDA and then the port (111) By default the ports on
a 60 port 10100 card are network mode with a MTU of 1514 The default settingswill suffice for the remainder of this course
RXgtconf i ggt port 111 crarr
RXgtconf i ggtpor t gt no shut crarr
RXgtconf i g port 11[14] no shut crarr
(This command will enable you to configure a string of ports at one time In this casethis command will turn all 4 ports administratively on)
6 Use the following commands to verify that the configurations at the port level arecorrect and functioning properly
RX show port crarr
RX show port 111 detail crarr
(The ldquodetailrdquo extension on a show command will display everything possible about the
item specified This command is very useful in troubleshooting)
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 852
8
Section 14 ndash Logs
Objective
In this exercise the student will configure log-ids and verify their operation The studentwill then set up a relationship within the log-id to identify the source of the information
(the logger) and the destination of the information that they wish to capture
1 Create a Log ID and associate the Log to memory
RX configure log log-id 21 crarr ( t he r ange i s 1- 100 however 99 100 ar er eserved)
RXgtconf i gur egtl oggtl og- i d$ description ldquoMain Stream Logrdquo crarr
RXgtconf i gur egtl oggtl og- i d$ from main crarr (This is the source of the information
that you wish to capture)
RXgtconf i gur egtl oggtl og- i d$ to memory crarr (This is the destination)
RXgtconf i gur egtl oggtl og- i d$ info detail crarr
RXgtconf i gur egtl oggtl og- i d$ exit crarr
RX show log log-id 21 crarr
2 Using the same configuration steps that you have just completed for step 1 repeat the process to configure three other log files using the following parameters
Description Security Log FileLog ndashid 22Log Source security
Destination memory
Description Debug-Trace
Log-id 23Log Source debug-trace
Destination session
Description Change LogLog-id 24
Log Source changeDestination memory
3 Verify the log files configuration and output
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 952
9
a Observe the log file configuration
RX configure log crarr
RXgtconf i gur egtl oggt info crarr
b Observe the security log
To test the security logging open another session to the same router that you arelogged into Try logging in to the router using a wrong loginpassword
On the active session now execute a
RX show log log-id 22 crarr
Observe the failed login attempts
c Observe the Change log
RX show log log-id 24 crarr
Observe all the events in the change log What kind of events are logged here
d
Observe the Debug log Note This will be viewed when debug events are turned up in succeeding labs
e Observe the Main log
RX configure port 115 no shut crarr
RX exit crarr
RX show log log-id 21 crarr
RX configure port 115 shut crarr
f Logout from the active session and now type a
RX config log crarr
RX info crarr
Compare the output of the info command to the output obtained at the beginning of thisstep Is there a difference and why
4 Configuring and viewing alarms
Alarms on the 7x50 are not directly displayed Two log files (log id 99 and log id 100)
are configured automatically on startup to capture alarm events for layer 1 and layer 2
To view these alarms execute
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1052
10
RXgt show log log-id 99
RXgt show log log-id 100
Appropriate parameters can be used in order to display specific information
5
Save your configs
RXgt admin save
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1152
Lab 2 IP Addressing and Routing
Section 21 - ISP addressing with Enterprise Customers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below Thisis a paper exercise
Ent A1
30 hosts
Ent B2
300 hosts
11
Figure 1 Two Enterprises linked to a common ISP
Ent B1
90 hosts
Ent A2
60 hosts
ISP
Formatted Portuguese (Braz
Formatted Font (Default) TiNew Roman 12 pt Not Bold Fcolor Auto Portuguese (Brazil
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1252
12
Two enterprises A and B are connected to a central Tier 2 ISP A1 and A2 are two ofEnterprise Arsquos locations connected to the Tier 2 ISP and B1 and B2 are two of
Enterprise Brsquos locations connected to the same Tier 2
The ISP has a public IP addressing space of 13812016020 The Enterprises A and Blease their IP addressing from their ISP Enterprise A requires an IP addressing scheme
that can scale to at most 30 nodes in location A1 and 60 nodes in location A2 The
Enterprise B requires an IP addressing scheme with at most 90 nodes in location B1 andless than 300 nodes in location B2 The ISP can only lease 500 IP addresses (among thetwo enterprises) and will utilize the last part of its assigned sub-network to both theenterprises
Your tasks are to1) Extract a 500 host sub-network from the last part of the ISP IP network address of
13812016020
2) Divide the resulting sub-network into unequal sub-networks satisfying all the siterequirements for each of the enterprise locations Note The sub-networksassigned to each location do not have to be a single aggregate block so long asthey satisfy the number of addresses required
3) Wherever possible optimize address spaces among Enterprise locations
Hint Divide the assigned ISP IP sub-network into equal blocks satisfying the smallest
requirement and then combine the smaller blocks into aggregate or non aggregate
blocks
Entity Number of Host Addresses
IP Network
ISP Network 4094 13812016020
Subnetwork Assigned toEnterprise A and B
510
Enterprise A
Location A1
Location A2
Enterprise B
Location B1
Location B2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1352
Section 22 ndash ISP addressing with P PE and CE routers
Objective
In this exercise the student will design and implement an IP network addressing scheme
to support the communications between the routers as shown in the diagram below TheIP addressing schema will be used further in the subsequent lab exercises
Figure 2 Two ISPS
There are two ISPs shown in the above diagram ISP 1 consists of routers P1 P2 PE5and PE6 ISP 2 consists of routers P3 P4 PE3 and PE4
P1 and P2 P3 and P4 are considered provider routers and serve as transit points to other
provider routers PE1 and PE2 PE3 and PE4 are provider edge routers and connect to theISP customers These routers provide Internet and other network access to the ISP
customers
13
CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1452
14
CE 1 and CE2 are customer edge routers that represent customers of ISP 1 CE3 and CE4are routers that represent customers of ISP2 These routers provide traffic from the ISP to
the various customer entities
Each ISP is assigned the following public address space by IANA
ISP 1 140100024
ISP 2 150100024
Your task is to design an IP sub-network based on the address space provided and assignthe sub networks to the various routers based on the following requirements which are the
same for both ISPs Note All students assigned to each of the ISP must collaboratetogether
Requirements
1 The first 32 addresses in the assigned IP space for both ISPs are reserved for system
and other internal loopback addresses on the P PE Each of the routers in the ISP andwill require a system address from this block
2
The next 64 addresses in the assigned IP space for both ISPs are reserved for futureuse
3 All customer routers on both ISPs are connected to at most 60 hosts So each ISP
needs to assign two 60 host addressing schemes to represent all the customers4 All inter router links including CE-PE router links within each ISP are point to point
links however for the sake of convenience they should be assigned lsquo30rsquo based
addresses
5 ISP 1 and ISP2 provider routers are physically connected to each other but are not peering to each other
Enter the addresses in the table below
ISP Number 1 Router Port Interface name IP Address
PE1 System
toP1
toPE2
toCE1
P1 System
toP3 Not used
toP2
toPE1
PE2 System
toP2
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1552
15
toPE1
toP1
P2 System
toPE2
toP4 Not used
toP1
CE1 System Not used
toPE1
Aggregate
CE2 System Not used
toPE2
Aggregate
ISP Number 2 Router Port Interface name IP Address
PE3 System
toP3
toPE4
toCE3
P3 SystemtoP1 Not used
toP4
toPE3
PE4 System
toP4
toPE3
toCE4
P4 System
toPE4
toP3
toP2 Not used
CE3 System Not usedtoPE3
Aggregate
CE4 System Not used
toPE4
Aggregate
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1652
16
Section 23 ndash Layer 3 Interfaces
Objective
In this exercise the student will configure the layer 3 interfaces as per the IP addressing
scheme listed in the tables in the previous exercise
1 Using the following command take a look at any existing interfaces on the router
Notice that the system interface is already created This interface exists by defaultand cannot be removed The only requirement is to assign the system interface with
an IP address The system interface will be automatically used by the various routing protocols as the router-id
XXXgtshow router interface crarr
2 Assign the IP address to the system interface as per the above table on the PE and Prouters
XXXgtconf i ggtrouter crarr XXXgtconf i ggtr outer interface system crarr
XXXgtconf i ggtr out ergti f address xxxxxxxxxxxx 32 crarr
XXXgtconf i ggtr out ergti f exit crarr
3 Assign the IP addresses to the rest of the interfaces on the CE PE and P routers Thedifference between these interfaces and the system interface is the fact that the non-
system interfaces require the addition of a physical port
a The system interface being a loopback or virtual interface does not have a
physical port assigned to it b Other non-system interfaces can also be created as loopback interfaces (as
shown below) and also not required the addition of a physical port However
they need to be explicitly configured as a loopback interfaces by specifyingthe command ldquoloopbackrdquo
c The customer networks on the CE router can be specified as a loopback
interface for the purpose of aggregation however on the loopback interface asingle host address in the customer network needs to be defined
Interface Type Name Loopback Subnet Mask Port Config
Normal ldquoAny Stringrdquo No 8-31 Required
System system Implicit 32 None
Loopback ldquoAny Stringrdquo Explicit 8-31 loopback
XXXgtconf i ggtr outer interface Hosts crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1752
17
XXXgtconf i ggtr out ergti f $ address xxxxxxxxxxxxyy crarr XXXgtconf i ggtr out ergti f $ loopback
XXXgtconf i ggtr out ergti f $ exitcrarr
4 Continue until all the interfaces have been assigned an IP address and the interface
has been associated to the correct port Once completed use the show command tosee the status of the router interfaces that have just been created The administrative
and operational status should both be up If an interface shows operationally downthis could be indicative of a physical problem Use the info command to view theconfiguration of the router interfaces to ensure that they have all (with the exception
of the System interface) been associated with a port
XXXgtshow router interface crarr
XXXgtconf i ggtroutercrarr
XXXgtconf i ggtr outer info crarr
5 Using the show command check the route tables of all the CE PE and P routers inyour ISP Notice the routes that now appear in the route table and take note of their
protocol type The PE routers should see 4 routes in the route table while the Prouters should see 4 routes in the route table
XXXgtshow router route-table crarr
Is there a difference between the outputs of the lsquoshow router interfacersquo command andthe lsquoshow router route-tablersquo command What is the difference
__________
6 Using the ping command check connectivity from a router to the distant end of each
of its interfaces to the neighboring routers For example on the PE routers check theconnectivity to the distant end of the interface connecting it to the P router and on theCE router check the connectivity to the PE router
XXXgt ping xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1852
18
Section 24 ndash Testing for ICMP and ARP
Internet control messaging protocol is an IP protocol used to report on errors deliveringan IP datagram When a destination address is unreachable the router that cannot find the
destination sends an ICMP destination unreachable to the source of the IP datagram ARPis a mechanism used to find out the MAC address corresponding to a specific IP address
if one does not exist in the sourcersquos ARP cache
1 To verify ICMP messages are being generated turn on debug for ICMP packets on allcore routers To turn debug icmp on
XXXgt debug router ip icmp
2 From the edge devices attempt to ping the IP address of the far-end interface to your
core router using your edgersquos system interface address as the source address Observethe debug ICMP messages on the core routers
3 To verify ARP operation by the router turn on debug IP ARP on the routers in any
ISP (P1-P2 P3-P4 PE1 and PE2 PE3 and PE4) routers Execute the followingcommand on each of the routers
XXXgt debug router ip no icmp
XXXgt debug router ip arp
XXXgt clear router arp all
XXXgt show router arp (This should be empty now)
4 NOTE Wait until all students are at this point before proceeding
From any PE router attempt to ping the system interface IP address of all the other
directly connected routers Observe the debug ARP message Verify the ARP entryfor the neighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
5 From any P router attempt to ping the network interface IP address of all the otherconnected routers Observe the debug ARP message Verify the ARP entry for theneighboring interface has been added
XXXgt show router arp
How many ARP entries are on each router at this point __________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 1952
19
Explain ________________________________________________________________________
________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2052
Lab 3 Dynamic IP Routing
Section 31 ndash Static Routes
Objective
In this exercise the student will configure a static route from the PE to the P router andfrom the P router to the PE router that will allow both routers to ping the system interface
of each other At this point the operator can only ping the interfaces that are directlyconnected to the router This is because those are the only networks that are known bythe router Should the operator at the PE router attempt to ping the system interface of
the P router it will fail as the PE router has no route to the destination (it is not shown inthe route-table)
1 The first step is to define the network that the operator wishes to reach In this case itwill be the address of the system interface of the distant router Once that is defined
then the router must be informed of which interface to send the information out of toreach the distant network Note when defining the ldquonext-hoprdquo interface informationthe IP address used is the distant IP address of the interface not the local IP address of
the router interface Log in to the PE router and configure a static route using thefollowing command structure The first IP address defined is the destination network
plus mask In this case it is the system interface of the P router The second IPaddress defined is the IP address of the P end of the interface that connects the P tothe PE
XXXgtconfigure router static-route xxxxxxxxyy next-hopxxxxxxxx
2 The next step is to log on to the P routers and configure a static route to the systeminterface of the PE router The command structure is the same as above The onlything that will change is the IP addresses
3
Once completed verify connectivity between the P and PE routers in your pod by pinging the system interface of the other router
XXXgt ping xxxxxxxxxxxx crarr
4 View the contents of the routing table and answer the following questions
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________
b What is the preference and metric value of each type of routing entry
________________________________________________________________________
________________________________________________________________________
___________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2152
Section 32 ndash Default Routes and Router Logicction 32 ndash Default Routes and Router Logic
ObjectiveObjective
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
In this exercise the student will configure a default route on the Customer Edge CE
router The purpose of this default route is to allow IP connectivity from the CE router tothe rest of the routers in the network This is possible due to the fact that the CE router
has only one interface towards the ISP core Therefore if the destination is not local itmust be out that interface
Figure 3 Static routes CE to PE and P PE to CEFigure 3 Static routes CE to PE and P PE to CE
21
CE4R12CE4R12
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
Static Route T e 2
Static Route T e 3
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2252
22
For this exercise the CE devices will configure default routes towards theirconnected PE router Each P and PE router will configure static routes for the CE
networks (the aggregate networks that were created as part of the subnetwork exercisein Section 22) connected to their local ISP For example P1 and PE1 will eachconfigure a static route to CE1 networks and another static route to the CE2 networks
Note that each P and PE router will configure 2 static routes for each CE
1 To configure a default route is to configure a static route The only difference is thedestination network and mask information In a default route the wild card network
and mask is used to match all network prefix values that do not match anything elsein the route-table Use the following configuration on the edge router of your pod
For the next hop use the interface as defined on the previous page
XXXgtconfigure router static-route 00000 next-hop xxxxxxxx crarr
2 Log on to the core (P and PE) routers and configure static routes for each CE
customer network address of the CE routers in your local ISP For each networkthere are 2 paths through your ISP For this exercise you will enter both static routes
into each PPE router The difference will be the metric value that is used The valueof the metric is the total number of routers (including the local router) traversed toreach the destination device
XXXgtconfigure router static-route xxxxxxxxyy next-hop
xxxxxxxx met r i c zcrarr
3 Use the show command to verify the existence of the default and static routes
XXXgtshow router route-table crarr
How many routes are there in the PPE routerrsquos routing table _______
Explain
_____________________________________________________________________ _____________________________________________________________________
4 Once everyone has completed the default route configuration log on to the CE router
and ping and traceroute the various system interfaces of the various routers within thenetwork Log into the P and PE router and try to ping the configured host address on both the CE routers in the ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________
Which devices were not reachable ______________________________
XXXgttraceroute xxxxxxxxxxxx crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2352
23
What path is being taken to the other CE within your local ISP ____________________________________________________________________
5 Shut down the link directly between the PE devices
XXXgtconfigure port XYZ shutdown crarr
Which devices are still reachable _______________________________
Explain _____________________________________________________________________
_____________________________________________________________________A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2452
24
Section 33 ndash IP Filters
Objective
In this exercise the student will configure an IP filter on the routers to block ICMP echo-
request access to an IP address range
To configure an IP filter we must first determine the address and protocol types that we
will be allowing access to and the direction where the filter will be applied In this casewe will be blocking access to any of the CE customer host addresses from the protocol
ICMP (IP Protocol type 1) We will block access in the INGRESS direction on the CEinterface towards the PE
CE Routers Only
6 Create and describe the filter ip instance on the CE device
XXXgt configure filter ip-filter 77 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to Customernetworkrdquo
7 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
8 Deny access to all host address range only for ICMP echo-requests Note We will
match in the ingress direction
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful _____Explain _____________________________________________________________________
_____________________________________________________________________
10 Apply the filter on the CE to the router interface connected to the PE device
XXXgt configure router interface toPEx crarr
XXX gtconf i ggtr out ergti f $ ingress filter ip 77 crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2552
25
11 From the PE ping the attached CErsquos configured host loopback address Successful _____
12 From the CE ping the attached PErsquos system IP addresses Successful _____Explain
_____________________________________________________________________
_____________________________________________________________________
PE Routers only Do not start until CE Router section is completed
13 Create and describe the filter ip instance on the PE device
XXXgt configure filter ip-filter 77 create crarr XXXgtconf i ggtf i l t er gti p- f i l t er $ description ldquoBlock ICMP to System
Addressrdquo
14 Set the default-action to forward
XXXgtconf i ggtf i l t er gti p- f i l t er $ default-action forward crarr
15 Deny access to the system IP address only for ICMP echo-requests Note We willmatch in the ingress direction so the packets will destined to the system IP address
XXXgtconf i ggtf i l t er gti p- f i l t er $ entry 10 create crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match dst-ip xxxxxxxxyy crarr XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ match protocol 1 icmp-type echo-
request crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ action drop crarr
XXXgtconf i ggtf i l t er gti p- f i l t er gtent r y$ exit all crarr
16 Apply the filter to the router interface connected to the CE device
XXXgtconfigure router interface toCExcrarr
XXXgtingress filter ip 77 crarr
17 From the PE ping the attached CErsquos loopback host IP address Successful _____
18 From the CE ping the attached PErsquos system IP address Successful _____Explain
_____________________________________________________________________ _____________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2652
Lab 4 Open Shortest Path First (OSPF)
Section 41 ndash Single Area OSPF
Objective
In this exercise the student will configure a single area OSPF network for each ISP Thislab will demonstrate the different databases that are created by the OSPF routing
protocol
CE4R12
26
Figure 4 OSPF in each ISP
NOTE Remove all static routes configured in the P and PE devices in the previous
labs DO NOT remove the static routes to CE networks on the PE
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2752
27
1 The first step is to enable the OSPF routing process on the router
XXX configure router ospf crarr
2 Next define the area that the interfaces will be placed in Remember that the areamust match between routers connected on the same interface for OSPF to establish an
adjacency The objective of this exercise is to configure a single area OSPF network
therefore all students should use the same area number
XXXgtconf i ggtr outergtospf $ area 0 crarr
3 Now enter into this area all the interfaces that you want OSPF to operate on and sendout its advertisements In this case place all the PE and P router interfaces inside thelocal ISP into the OSPF process area 0 Note that ISPs rarely exchange routes witheach other using an IGP protocol of any sort
XXXgtconf i ggtr out er gtospf gtar ea$ interface system crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ exit crarr XXXgtconf i ggtr outergtospf gtar eagt interface toPE1
XXXgtconf i ggtr out ergtospf gtareagti f $ interface-type point-to-point crarr
Continue until all the interfaces on the PE and P routers within the ISP are enteredinto the OSPF process in area 0
XXXgtshow r out er r out e- t abl e crarr
a How many routes in the table ________ b
_________________________________________________________________ _________________________________________________________________
_________________________________________________________________ _________________________________________________________________
What is the preference and metric value of each OSPF Route
4 Use the show command to look at the OSPF neighbors of the P routers
XXXgtshow r out er ospf nei ghbor crarr
a How many neighbors do you see on the P devices _____ PE _____ CE _____
b What is the state of their adjacency ____ Why
____________________________________________________________________
____________________________________________________________________
Use the following command to show the ospf link state database This database is alisting of all LSAs that have been received by the router It is these LSAs that the SPFalgorithm uses to create the forwarding table
XXX show router ospf database detail crarr
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2852
28
a What types of LSAs are in the database _______________________________________________________________
_______________________________________________________________ b Is the database consistent on all the ISP routers _______
5 Once everyone has completed the OSPF configuration login to the P router and ping
the other PE router system interfaces
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________ ___________________________________________________________________
6 To reach the CE networks from any of the PE and P routers the CE networks need to
be distributed into OSPF running on PE and P routers The static routes to the CEnetworks are defined on the PE routers and need to be distributed on the PE routers
To do this
a
the PE router must be configured as an ASBR (Autonomous System Border
Router) The ASBR configuration under OSPF enables a router running the OSPFrouting protocol to distribute networks external to the OSPF domain into OSPFIn this case the static routes to the CE networks are not part of the ISP OSPF
domainOn the PE routerXXXgtconf i ggtr out er gtospf gtar ea 0 asbrcrarr
b A routing policy on the PE distributes the static routes into OSPF
On the PE routerXXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr XXXgtconf i ggtr outergtospf export Export_Routes
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 2952
29
7 From the PE and the P routers ping all the CE networks (ie ping the CE hostloopback address) within the ISP
Which devices were reachable _______________________________
Which devices were not reachable ______________________________Explain
_____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3052
Lab 5 BGP Routing
Section 51 ndash BGP Routing
Objective
In this exercise the student will configure their ISP as a BGP Autonomous System The
student will then configure the BGP routing protocol to connect the Autonomous Systemstogether and exchange routing information
CE4R12
Figure 5 BGP between ISPs and within ISPs
30
ISP 1
ISP 2
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9
CE3R11
CE2R10
OSPF
OSPF
BGP
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3152
31
1 Assign your AS number to your P and PE routers (R1-R8)
XXXgtconf i ggtr out er autonomous-system 6500n (n = ISP) crarr
2 P1 and P3 P2 and P4 will be configured as external BGP peers (eBGP) Note thateBGP peers typically use the next-hop interface IP address as the neighbor address
Since the ISPs will now be peering (share an IP network) between them assign the
link between P1 and P3 host addresses from 145001031 and the link between P2and P4 will be assigned hosts from the 145002031 network
XXXgtconf i ggtr out er bgp gr oup eBGP crarr
XXXgtconf i ggtr out er gtbgpgtgroup$ nei ghbor xxxxxxxx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltremote ASgt crarr
3 P1 and P2 P3 and P4 will be configured as internal BGP peers (iBGP) Note that
iBGP peers typically use the system interface IP address as the neighbor address
XXXgtconf i ggtr out er bgp group i BGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ nei ghbor xx xx xx xx crarr
XXXgtconf i ggtr outergtbgpgtgroupgtnei ghbor$ peer - as ltl ocal ASgt crarr
4
At this point each P router should have one internal and one external BGP session
xxx show r out er bgp summar y crarr
5
We can see the advertised routes for reach neighbor using the following command
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
a How many routes are advertised to each neighbor _____ b Explain
____________________________________________________________ __________________________________________________________
6
BGP like other distance vector protocols requires an export policy to advertise-routes to other BGP peers The most accepted way to originate a route from an ISP isto create a black-hole static route for all aggregates to be advertised This will ensure
these routes always exit to eliminate IGP related route flapping Create the black-holestatic route for the aggregate of your local ISP A black hole indicates that traffic fora particular route will be discarded unless a more specific route exists in the routing
table A black hole static-route only makes sense from an aggregation view point Foreg if there are the following routes in the routing table
XXX configure router static-route xxxxxxxxyy black-hole
preference 250
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3252
32
8 Execute the following set of commands on the core routers (R1-R4) This will exportall static routes to the eBGP peers
XXX configure router policy-options crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons begin crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons policy-statement Export_Routes crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement $ entry 10 crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y$
from protocol static crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y
action accept crarr XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r ygtact i on
back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement gtent r y back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i onsgtpol i cy- st atement back crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons commit crarr
XXXgtconf i ggtr out ergtpol i cy- opt i ons exit all crarr
XXXconf i gur e router bgp group eBGP crarr
XXXgtconf i ggtr outergtbgpgtgroup$ expor t Expor t _Routes crarr
NOTE Wait for all nodes to be fully configured before proceeding
7
Notice that there are routes being advertised now that the policy is applied
xxx show r outer bgp nei ghbor xxxxxxxx adver t i sed- r out es crarr
How many routes are in the routing table of R1-R4 ________________Explain
_____________________________________________________________________ ___________________________________________________________________
9 Log on to the PE routers and ping the other P router system interfaces of the other ISP
XXXgt ping xxxxxxxxxxxx crarr
Which devices were reachable _______________________________Which devices were not reachable ______________________________
Explain _____________________________________________________________________
___________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3352
Lab 6 Services
Section 61 Services Framework
Objective
In order to complete the next group of labs we need to create a topology to support the
services we will deploy The two service providers from the previous sections havemerged into one and are offering a VPLS service across their network As long as routesexist to the system addresses of all the PE devices in the provider network a VPLSservice can be created The new service provider is running OSPF as the IGP for their
core network
33
Figure 6 Service Provider core network
CE4R12
P1R1 P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
OSPF
CE3R11
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3452
34
Running an IPMPLS-based service requires a Label Distribution Protocol (wersquoll useLDP for ease of deployment) and a full mesh of Service Distribution Paths (SDPs)
Follow the steps below
Reference Terminology
R1-R4 = Provider Routers = P1-P4
R5-R8 = Provider Edge Routers = PE1-PE4R9-R12 = Customer Edge Routers = CE1-CE4
Part 1 Provider Router Configuration (P1-P4)
1) In the previous lab routing between ISPs is provided by BGP Since the ISPs have
merged they will be merged into one routing domain running OSPF as their IGP
The interfaces between R1 and R3 and between R2 and R4 must be added to OSPF to
make this a single routing domain
2) The MPLS signaling protocol that will be used in the following section is LDP LDP
must be enabled on ALL interfaces that will be required to perform MPLS Label
exchange
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr
XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toP_ is the router interface to all neighboring routers
Part 2 Provider Edge Router Configuration (PE1-PE4)
1) LDP must be enabled on ALL router interfaces in the provider core to allow labels to
be exchanged across the Provider and Provider Edge routers
XXXgtconf i gur e r out er l dp i nt erf ace- parameter s i nt erf ace toP_ crarr XXXgtconf i ggtr out ergtl dpgti f - par amsgti f $ exi t crarr
XXXgtconf i gur e r out er l dp no shut crarr
Where toR_ is the router interface to the P and PE routers only
LDP is an MPLS signaling protocol therefore once all routers in the network have been
correctly configured for LDP LSPs will be created dynamically based on the systemaddresses of each node in the network
3) Configure a full mesh of SDPs (Service Distribution Paths) between the PE routers
only This will allow the distribution of services across all PE routers in the networks
When yoursquove completed this section each PE node will have a total of 3 SDPs to
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3552
35
each of the other 3 PEs The SDP is identified by an integer and we will use the router
number (5 6 7 or 8) of the far end PE to identify the SDP So PE1 (R5) will have 3
SDPs numbered 6 7 and 8 to each of the other three PEs
XXXgtconf i gure servi ce sdp x mpl s cr eat e crarr
XXXgtconf i ggtser vi cegtsdp$ f ar - end xxxxxxxxxxxx crarr
XXXgtconf i ggtser vi cegtsdp$ l dp crarr
XXXgtconf i ggtser vi cegtsdp$ no shut down crarr
Where x is the router number of the destination node
Where xxxxxxxxxxxx is the system IP address of the far-end device
Part 3 Customer Edge Router Configuration (CE1-CE4)
In the following service labs the Customer Edge devices will be configured as traditional
routers Each CE router has an interface in the same IP subnet The VPLS service will join these four routers in the same way an Ethernet switch would join them Thefollowing configuration is required on each CE device
1) Create the router interface on the interface connecting the CE to the service enabled
PE devices
XXXgtconf i gure r out er i nt er f ace ser vi cesCE_ crarr
XXXgtconf i ggtr out ergti f $ addr ess 192 168 1 x 24 crarr
XXXgtconf i ggtr out ergti f $ por t X Y Z crarr XXXgtconf i ggtr outergti f $ no shutdown
Where x is the local router number
Where XYZ is the physical network port connecting the CE to the neighboring
PE
2) Create OSPF area 0 and add the Router Interface created in step 1 and the system
interface to it
XXXgtconf i gur e rout er ospf area 0 crarr
XXXgtconf i ggtr out ergtospf gtarea$ i nter f ace syst emcrarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
XXXgtconf i ggtr out ergtospf gtarea i nter f ace servi ceCE1 crarr
XXXgtconf i ggtr outergtospf gtar eagti f $ back crarr
Part 4 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3652
36
1) LDP is the protocol used for signaling which tunnel labels will be PUSHed
SWAPped POPped while data traverses the LSP To view which labels will be used
and their function use the following command
XXX show r out er l dp bi ndi ngs act i ve crarr
a How many PUSH actions on the P PE and CE devices
_______________________ Explain _______________________________________________________________
_______________________________________________________________
__________
b How many SWAP actions on the P PE and CE devices
_______________________ Explain
_______________________________________________________________
_______________________________________________________________
__________
c How many POP actions on the P PE and CE devices
_________________________ Explain
_______________________________________________________________ _______________________________________________________________
__________
2) CE Connectivity
a How many OSPF adjacencies are there on your CE device _____
b Ping the other CE devices in the network (ping 1921681x)
Explain the results ________________________________________________________________________ ________________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3752
Section 62 VPLS Example
Objective
A VPLS is a layer 2 service that can connect multiple sites in one LAN Itrsquos like creatinga virtual Switch out of a network of Service Routers In this lab we will create a VPLSacross all the PE nodes The PE devices will connect to each other with a full mesh using
mesh-sdp Note that after the service reference topology has been configured adding
services from edge to edge does not require any further modification of the P devices
37
Figure 6 VPLS service in each ISP between PE and P routers with SAP connections to CE routers
Part 1 Provider Edge Router Configuration (R5-R8)
1) Create the VPLS service
CE4R12
P1R1P2R2
P3R3P4R4
PE2R6
PE3R7
PE1R5
PE4R8
CE1R9 CE2R10
CE3R11
VPLS 1
Formatted Font Bold
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3852
38
XXXgtconf i gur e servi ce vpl s 1 cust omer 1 cr eat e crarr
XXXgtconf i ggtser vi cegtvpl s$ no shut down crarr
2) SDPs are used to distribute services across multiple service routers and therefore
bind a transport tunnel to the service You will need to create a mesh-sdp between
each PE router (R5-R8) to allow full communication across the PE routers Each PE
router should have 3 mesh-SDPs at the conclusion of this step Note that a mesh-sdp
will not forward a frame out another mesh-sdp allowing for a loop free service
topology within the core
XXXgtconf i gur e ser vi ce vpl s 1 mesh- sdp x create crarr
XXXgtconf i ggtser vi cegtvpl sgtmesh- sdp$ back crarr
Where x is the sdp to the other PE routers (R5=5 R6=6 R7=7 R8=8)
3) Service Access Points are used to attach CE devices to services on PE devices
XXXgtconf i gur e servi ce vpl s 1 sap X Y Z cr eat e crarr
Where XYZ is the physical port connecting the CE device to the PE
a Were you successful at adding the SAP _______
b Explain
_______________________________________________________________
_______________________________________________________________
c Correct the problem
XXXgtconf i gur e port X Y Z shut down crarr
XXXgtconf i gur e por t X Y Z et her net mode access crarr
XXXgtconf i gur e por t X Y X no shut down crarr
Part2 Verification
NOTE Wait till your peer nodes are also at this step before proceeding
a View the in-use Service LDP bindings on the P and PE routers (U after label
indicates in-use)
XXX show r out er l dp bi ndi ngs f ec- t ype ser vi ces crarr
a How many Ingress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 3952
39
b How many Egress Labels on PE ___ P ___ Why
_______________________________________________________________
_______________________________________________________________
b Network Connectivity
a How many OSPF adjacencies are there on your CE device _____
b
Are you able to ping the other CE devices in the lab _____c Are you able to ping the system IP address of the P device from the CE
device ____
d Explain the results
_______________________________________________________________
_______________________________________________________________
c Services Use the following command to determine the health of your services
XXXgt show ser vi ce servi ce- usi ng crarr
a How many services are there on each device in your POD ______
b
What is their status ______c Use the following command to find out more information about your service
XXXgt show ser vi ce i d 1 base crarr
d On each PE device we can see the MAC database per service using the
following command
XXXgt show ser vi ce i d 1 f db det ai l crarr
i How many local MAC addresses are in your table ____
ii How many remote MAC addresses are in your table ____
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
XXXgtconf i gur e servi ce sdp x shutdown crarr
Where x is the SDP to the remote PE device (R5=5 R6=6 R7=7 R8=8)
i How many OSPF adjacencies are there on your CE device _____
ii Ping the system IP addresses of all other CE devices in the lab
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4052
40
iii Explain the results
_________________________________________________________
_________________________________________________________
f On the P routers observe the impact of step d
XXXgtshow r out er l dp bi ndi ngs act i ve crarr
i
How many labels are there _____________
ii Is there any difference compared to what was seen in previously in
step a ________________
Explain __________________________________________________________________
__________________________________________________________________
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4152
41
Solutions
Exercise 13 Hardware
Sample Relevant Config--------------------------------------------------
echo Card Configuration--------------------------------------------------
card 1card-type iom-20g
mda 1
mda-type m60-10100eth-tx
ingress
mcast-path-managementshutdown
exit
exit
exit
exit
--------------------------------------------------
Exercise 14 Logs
Sample Relevant Config--------------------------------------------------echo Log Configuration
--------------------------------------------------
log
log-id 21
description Main stream log
from main
to memoryexit
log-id 22
description Security Log File
from security
to memoryexitlog-id 23
description Debug-trace
from debug-trace
to memoryexit
log-id 24
description Change Log
from change
to memoryexit
exit
Exercise 21
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4252
42
Divide up the ISP address space into equal space 512 host addresses
13812016022
13812020022
13812024022
13812028022 - divide into 13812028023 and 13812030023
Take the last 13812030023 and divide that into
13812030027 A1 30 hosts
138120303227 A2 62 hosts
138120306427
138120309627 B1 92 hosts
1381203012826
1381203019226 B2 316 hosts
13812031024
Exercise 22
Divide 140100024 into 827 address spaces
140100027 Reserved Reserved
1401003227 Unused
1401006427 Unused
1401009627 Split 1401009630
14010010030
14010010430
14010010830
14010011230
14010011630
14010012030
14010012430
All interface addresses
14010012827 Aggregate 14010012826 Assigned to Customer
space
14010016027
14010019227 Aggregate 14010019226 Assigned to customer
space
14010022427
Exercise 23
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4352
43
5 Is there a difference between the outputs of the lsquoshow router interfacersquo command
and the lsquoshow router route-tablersquo command What is the difference
Yes there is a difference The route table shows me the networks that are connected to myrouter and the logical interface it is connected to The router interface command shows
me the host address assigned to the port from the network that is used on my router along
with the physical port it is bound to
Relevant Configuration from P1
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
router
interface system
address 140100132
exit
interface t-R2exit
interface to-R2
address 140100530
port 112exit
interface to-R3
address 14010010930
port 113
exitinterface to-R5
address 14010011830
port 111
exit
exit
Exercise 244 How many ARP entries are on each router at this point
There are no ARP entries in my ARP table at this point The routers do not know how to
reach the system addresses of other routers so no ARP responses are received
5 How many ARP entries are on each router at this point
I see entries for each of my directly connected peers The MAC address belongs to the
remote routerrsquos interface ARP entries are populated because all routers know of theirdirectly connected networks and will respond to ARP requests accordingly
Exercise 31
5 View the contents of the routing table and answer the following questions
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4452
44
a How many routes in the table
There are routes for all my connected networks and an additional STATIC routefor each entry I put in
b What is the preference and metric value of each type of routing entry
The LOCAL entries have a Metric and Preference of 0The Static Routes have a Metric of 1 and a Preference of 5
Exercise 323 How many routes are there in the PPE routerrsquos routing table
Even though I entered 4 static routes total on the router only 2 are active in myrouting table The router preferred the static-route with the lowest metric
4 Which devices were reachable
I was able to ping the CE routers
Which devices were not reachable
I was unable to ping the System addresses of routers 2 hops away as they do not have
routes to the remote CE system address in their table The directly attached PE routerhas a staticroute to the local CE system address from a previous step
What is the PATH to the other CE within your local ISP
CE PE PE CE
5
Shut down the link directly between the PE devices
Which Devices are still reachable
I am still able to PING the other CE in my ISP by using the alternate (floating) static-route that replaced the last route Once a interface goes operationally down routers
flush routes from their routing table that use it as their next-hop
Exercise 33
9 From the PE ping the attached CErsquos configured loopback host IP address
Successful
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4552
45
YES While the filter is created it is not applied to any interface yet
11 From the PE ping the attached CErsquos configured host loopback address
SuccessfulYES
12 From the CE ping the attached PErsquos system IP addresses
Successful NO The filter is blocking icmp echo-requests in only one direction therefore ping
works one way but not the other
17 From the PE ping the attached CErsquos loopback host IP address
Successful
YES ICMP echo-requests are not blocked to the Loopback segment ONLY thesystem IP
18 From the CE ping the attached PErsquos system IP address
Successful
NO The filter is now blocking ICMP echo-requests to both CE and PE systemaddresses
Sample PE Relevant Config
--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forwarddescription Block ICMP to System Address
entry 10 create
match protocol icmpdst-ip 1511003032
icmp-type echo-request
exit
action drop
exit
exitexit
--------------------------------------------------
echo Router (Network Side) Configuration
--------------------------------------------------
interface to-R12
address 15110012630 port 112
ingress filter ip 77
exit
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4652
46
Sample CE Relevant Config--------------------------------------------------echo Filter Configuration
--------------------------------------------------
filter
ip-filter 77 create
default-action forward
description Block ICMP to System Addy
entry 10 creatematch protocol icmp
dst-ip 1511003132
icmp-type echo-request
exit
action dropexit
exit
exit
--------------------------------------------------
echo Router (Network Side) Configuration--------------------------------------------------
interface to-R8
address 15110012530
port 112ingress filter ip 77
exit
Exercise 413
c How many routes in the table
There are 5 OSPF routes in my routing table 3 System Addresses and 2 Intefacenetworks that are not directly connected to my local system
d What is the preference and metric value of each OSPF Route
The OSPF routes vary in metric depending how ldquofarrdquo away they are (OSPF usescumulative cost based on bandwidth) but all have a preference of 10
4c How many neighbors do you see on the P devices 2
PE 2
CE 0
d What is the state of their adjacency
The P and PE adjacencies are Established because there is a OSPF speaker on the
other end with the proper parameters configured
There is no OSPF adjacency to the CE router listed as none was configured
e What type of LSAs are in the database
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4752
47
Only Type 1 Router LSA are present due to the interface being configured as point-
to-point
5 Which devices were reachable
All the devices in the local ISP were now reachable
Which devices were not reachable
The devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs Also none of the CE Host Networks were reachable as therouters did not have routes for these networks in their local routing table
6 Which devices were reachable
All networks and devices in the local ISP are now reachable
Which devices were not reachable
Devices in the remote ISP were not reachable because there is no routing protocol between the 2 ISPs
Sample Relevant Config
--------------------------------------------------
echo OSPFv2 Configuration
--------------------------------------------------
ospf
area 0000interface system
interface-type point-to-point
exit
interface to-R4interface-type point-to-point
exitinterface toLAN
interface-type point-to-point
exitexit
exit
exit
Exercise 515 How many routes are advertised to each neighbor
There are no routes advertised to the neighbors because BGP does not originateroutes until an export policy is created and applied to the BGP instance
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4852
48
8 How many routes are in the routing table of R1-R4
There is 1 BGP route in each of R1-R4s routing tables matching the best path tothe aggregate advertised by the remote ISPs
9 Which devices were reachable
From the PE routers only the P routers in the local ISP were reachable
Which devices were not reachable
All routers in the remote ISP were still unreachable This is due to the local PE router
not participating in the BGP routing protocol and therefore it is not aware of theaggregate route advertised from P to P router
Sample Relevant Router Config
--------------------------------------------------
echo Static Route Configuration
--------------------------------------------------
static-route 140100024 black-hole--------------------------------------------------
echo Policy Configuration
-------------------------------------------------- policy-options
begin
policy-statement Export_Routes
entry 10
from protocol static
exit
action accept
exit
exit
exit
commitexit
--------------------------------------------------
echo BGP Configuration
--------------------------------------------------
bgpgroup eBGP
export Export_Routes
exit
group ebgpneighbor 1601006
peer-as 65002
exit
exitgroup ibgp
neighbor 1401002
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 4952
49
peer-as 65001
exit
exit
exit
exit
Exercise 61Part 4 Verification
1 a How many PUSH actions on the P PE and CE devices
There are 7 PUSH operations on each P and PE device There are no PUSHoperations on the CE as it is not running LDP
b How many SWAP actions on the P PE and CE devices
There are 7 SWAP operations on each P and PE device There are no SWAP
operations on the CE as it is not running LDP
c How many POP actions on the P PE and CE devices
There is 1 POP operation on each P and PE device There are no POP operationson the CE device as it is not running LDP
2
a How many OSPF adjacencies are there on your CE device
None
b Ping the other CE devices in the network (ping 1921681x)
Nothing is reachable because there is no layer 2 connectivity from CE to CE
device without creating a service
Exercise 62 3 Were you successful at adding the SAP
No The port must be in access mode before you can create a SAP on it
Part 2 Verification
1
g How many Ingress labels
There are now 3 Ingress labels on the PE devices The P and CE device has no
service labels
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5052
50
h How many SWAP actions
There are now 3 Egress labels on the PE devices The P and CE device has noservice labels
2
a
How many OSPF adjacencies are there on your CE device3
b Are you able to ping the other CE devices in the lab
YES
c Are you able to ping the system IP address of the P device from the CE
device
NO The O and PE devices are private from the service to which the CEdevices are connected on
3
a How many services are there on each device in your POD
1 per PE only
b What is their status
Operationally UP
d On each PE device we can see the MAC database per service using the
following command
iii How many local MAC addresses are in your table
1
iv How many remote MAC addresses are in your table
3
e On the PE devices (R5-R8) shutdown the SDP to the PE device in the
clockwise direction from you
i How many OSPF adjacencies are there on your CE device
1
ii Ping the system IP addresses of all other CE devices in the lab
Only the CE device connected to the diagonally connected PE isreachable because it is the only one with an active SDP in both
directionsf
i How many labels are there
Same as before
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5152
51
ii Is there any difference compared to what was seen in previously
in step a
NO The LSPs created with LDP are still active only the SDP usedto bind the LSPs to the service are shut down therefore no labelswill be withdrawn
Sample PE Relevant Configuration
--------------------------------------------------echo LDP Configuration
--------------------------------------------------
ldpinterface-parameters
interface to-R1
exit
interface to-R6
exit
interface to-R5exit
exit
targeted-session
exit
exitexit
--------------------------------------------------
echo Service Configuration
--------------------------------------------------
service
customer 1 createdescription Default customer
exit
sdp 6 mpls createfar-end 1401006
ldp
keep-alive
shutdown
exit
no shutdown
exitsdp 7 mpls create
far-end 1511001
ldp
keep-alive
shutdownexit
no shutdown
exit
sdp 8 mpls create
far-end 15110030
ldpkeep-alive
shutdown
exit
no shutdown
A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e
8102019 Alcatel-Lucent Scalable IP Lab Guide v20_downloadable
httpslidepdfcomreaderfullalcatel-lucent-scalable-ip-lab-guide-v20downloadable 5252
52
exit
vpls 612 customer 1 create
stp
shutdown
exitsap 112 create
exit
mesh-sdp 6612 create
mesh-sdp 7612 create
mesh-sdp 8612 createexitno shutdown
exit
exit A l c a t el -L u c en t C onf i d en t i al f or i n t er n al u s e
onl y --D oN o t Di s t r i b u t e