Jump to content
certDude865c

[CCIE-RS] Actual Facts on 3rd CFG

Recommended Posts

 

 

What specific mpls output requirement in 3.1 are you referring to?

 

On R6 , 10.4.0.0/16 ( 64001 64001 i)

Share this post


Link to post
Share on other sites

ANyone can answer this delimma for me ?

 

Trace from R50 to R40 loopback 0 - going through mpls and direct to R40 - which is violating question 2.8 ( all egress and ingress traffic must be routed primarily thru 41 - but this trace will go directly to R40 , how to solve this ?

 

1. Ping from R14 to 65005

Trace goes through MPLS

R14#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.1.114.2 1 msec

10.1.214.2 0 msec

10.1.114.2 1 msec

2 10.1.21.1 0 msec

10.1.22.1 0 msec

10.1.23.1 1 msec

3 10.1.10.1 0 msec

10.1.13.1 0 msec 1 msec

4 100.10.0.1 [AS 19999] 1 msec 0 msec 1 msec

5 100.1.3.1 [AS 19999] [MPLS: Labels 16/25 Exp 0] 1 msec 1 msec 1 msec

6 100.50.0.1 [AS 19999] [MPLS: Label 25 Exp 0] 1 msec 1 msec 1 msec

7 100.50.0.2 [AS 19999] 1 msec 2 msec 1 msec

8 10.5.10.2 [AS 65005] 2 msec * 2 msec

R14#

 

 

2. spoke to spoke (through DMVPN)

R60 to 65005

R60#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.100.0.51 1 msec 0 msec 1 msec

2 10.5.11.2 [AS 65005] 0 msec 1 msec 0 msec

3 10.5.109.1 [AS 65005] 1 msec * 2 msec

R60#

 

SW500 to R60

SW500#traceroute

Protocol [ip]:

Target IP address: 10.6.60.60

Tracing the route to 10.6.60.60

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 1 msec 0 msec 0 msec

2 10.5.11.1 1 msec 1 msec 0 msec

3 10.100.0.60 [AS 65006] 2 msec 1 msec *

SW500#

 

3. Trace from MO to LO Traffic enters through R41

SW500#traceroute

Protocol [ip]:

Target IP address: 10.4.100.200

Tracing the route to USER4 (10.4.100.200)

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 0 msec 1 msec 0 msec

2 10.5.11.1 1 msec 0 msec 0 msec

3 10.100.0.1 [AS 65006] 2 msec 2 msec 3 msec

4 10.1.114.2 [AS 65001] 2 msec 2 msec 1 msec

5 10.1.20.1 [AS 65001] 2 msec

10.1.22.1 [AS 65001] 1 msec 2 msec

6 10.1.12.1 [AS 65001] 2 msec 1 msec

10.1.11.1 [AS 65001] 1 msec

7 101.11.0.1 [AS 19999] 1 msec 1 msec 1 msec

8 101.41.0.2 [AS 19999] 1 msec 3 msec 4 msec

9 10.4.11.2 [AS 65004] 4 msec 3 msec 2 msec

10 USER4 (10.4.100.200) [AS 65004] 2 msec * 2 msec

 

4.0 Trace from LO to MO traffic enters through R50

USER4#traceroute 10.5.0.50 numeric

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.4.100.252 0 msec 1 msec 0 msec

2 10.4.13.1 1 msec 1 msec 1 msec

3 101.41.0.1 1 msec 1 msec 1 msec

4 101.11.0.2 2 msec 1 msec 1 msec

5 10.1.99.1 1 msec 1 msec 2 msec

6 100.10.0.1 1 msec 1 msec 1 msec

7 100.1.3.1 [MPLS: Labels 16/25 Exp 0] 3 msec 3 msec 2 msec

8 100.50.0.1 [MPLS: Label 25 Exp 0] 2 msec 5 msec 3 msec

9 100.50.0.2 1 msec 4 msec 2 msec

10 10.5.10.2 2 msec * 3 msec

 

 

R60#show ip route nhrp

 

Gateway of last resort is 200.99.60.1 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 13 subnets, 3 masks

H 10.5.0.50/32 [250/1] via 10.100.0.51, 01:27:40, Tunnel0

 

 

R51#show ip route nhrp

 

Gateway of last resort is 10.5.50.50 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 20 subnets, 4 masks

H 10.6.60.60/32 [250/1] via 10.100.0.60, 01:28:26, Tunnel0

 

 

5.0 Also trace from R50 to R40 lo0 is entering via R41

R50#traceroute 10.4.40.40 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.4.40.40

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.10.2 0 msec 1 msec 0 msec

2 10.5.109.2 1 msec 0 msec 1 msec

3 10.5.11.1 1 msec 0 msec 1 msec

4 10.100.0.1 [AS 65006] 2 msec 1 msec 2 msec

5 10.1.114.2 [AS 65001] 1 msec 1 msec 1 msec

6 10.1.20.1 [AS 65001] 1 msec

10.1.22.1 [AS 65001] 2 msec

10.1.20.1 [AS 65001] 3 msec

7 10.1.11.1 [AS 65001] 3 msec

10.1.12.1 [AS 65001] 3 msec

10.1.11.1 [AS 65001] 3 msec

8 101.11.0.1 [AS 19999] 2 msec 2 msec 4 msec

9 101.41.0.2 [AS 19999] 2 msec 3 msec 4 msec

10 10.4.99.1 [AS 65004] 4 msec * 2 msec

 

I did not change any Next-hop at R14. I only used a route-map inbound at R14 and changed weight for 10.5.0.0.

I beleive changing the next hop may break NHRP since routes received from HUB should show HUB as next-hop. This will allow Spokes to contact HUB at initial phase of NHRP phase3 process.

Share this post


Link to post
Share on other sites

I did not change any Next-hop at R14. I only used a route-map inbound at R14 and changed weight for 10.5.0.0.

I beleive changing the next hop may break NHRP since routes received from HUB should show HUB as next-hop. This will allow Spokes to contact HUB at initial phase of NHRP phase3 process.

 

Amen to this.

Share this post


Link to post
Share on other sites

So traffic from 10.5.0.0/16 subnet to subnets 10.1.0.0,10.2.0.0,10.3.0.0,10.4.0.0,10.6.0.0 and 10.7.0.0 should go to DMVPN first?

 

What about the restriction in MPLS section - - Offices must not communicate directly between each other.

 

If DMVPN goes down then traffic from 10.5.0.0 to 10.4.0.0 should go directly between sites in MPLS

Share this post


Link to post
Share on other sites

1. Ping from R14 to 65005

Trace goes through MPLS

R14#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.1.114.2 1 msec

10.1.214.2 0 msec

10.1.114.2 1 msec

2 10.1.21.1 0 msec

10.1.22.1 0 msec

10.1.23.1 1 msec

3 10.1.10.1 0 msec

10.1.13.1 0 msec 1 msec

4 100.10.0.1 [AS 19999] 1 msec 0 msec 1 msec

5 100.1.3.1 [AS 19999] [MPLS: Labels 16/25 Exp 0] 1 msec 1 msec 1 msec

6 100.50.0.1 [AS 19999] [MPLS: Label 25 Exp 0] 1 msec 1 msec 1 msec

7 100.50.0.2 [AS 19999] 1 msec 2 msec 1 msec

8 10.5.10.2 [AS 65005] 2 msec * 2 msec

R14#

 

 

2. spoke to spoke (through DMVPN)

R60 to 65005

R60#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.100.0.51 1 msec 0 msec 1 msec

2 10.5.11.2 [AS 65005] 0 msec 1 msec 0 msec

3 10.5.109.1 [AS 65005] 1 msec * 2 msec

R60#

 

SW500 to R60

SW500#traceroute

Protocol [ip]:

Target IP address: 10.6.60.60

Tracing the route to 10.6.60.60

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 1 msec 0 msec 0 msec

2 10.5.11.1 1 msec 1 msec 0 msec

3 10.100.0.60 [AS 65006] 2 msec 1 msec *

SW500#

 

3. Trace from MO to LO Traffic enters through R41

SW500#traceroute

Protocol [ip]:

Target IP address: 10.4.100.200

Tracing the route to USER4 (10.4.100.200)

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 0 msec 1 msec 0 msec

2 10.5.11.1 1 msec 0 msec 0 msec

3 10.100.0.1 [AS 65006] 2 msec 2 msec 3 msec

4 10.1.114.2 [AS 65001] 2 msec 2 msec 1 msec

5 10.1.20.1 [AS 65001] 2 msec

10.1.22.1 [AS 65001] 1 msec 2 msec

6 10.1.12.1 [AS 65001] 2 msec 1 msec

10.1.11.1 [AS 65001] 1 msec

7 101.11.0.1 [AS 19999] 1 msec 1 msec 1 msec

8 101.41.0.2 [AS 19999] 1 msec 3 msec 4 msec

9 10.4.11.2 [AS 65004] 4 msec 3 msec 2 msec

10 USER4 (10.4.100.200) [AS 65004] 2 msec * 2 msec

 

4.0 Trace from LO to MO traffic enters through R50

USER4#traceroute 10.5.0.50 numeric

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.4.100.252 0 msec 1 msec 0 msec

2 10.4.13.1 1 msec 1 msec 1 msec

3 101.41.0.1 1 msec 1 msec 1 msec

4 101.11.0.2 2 msec 1 msec 1 msec

5 10.1.99.1 1 msec 1 msec 2 msec

6 100.10.0.1 1 msec 1 msec 1 msec

7 100.1.3.1 [MPLS: Labels 16/25 Exp 0] 3 msec 3 msec 2 msec

8 100.50.0.1 [MPLS: Label 25 Exp 0] 2 msec 5 msec 3 msec

9 100.50.0.2 1 msec 4 msec 2 msec

10 10.5.10.2 2 msec * 3 msec

 

 

R60#show ip route nhrp

 

Gateway of last resort is 200.99.60.1 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 13 subnets, 3 masks

H 10.5.0.50/32 [250/1] via 10.100.0.51, 01:27:40, Tunnel0

 

 

R51#show ip route nhrp

 

Gateway of last resort is 10.5.50.50 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 20 subnets, 4 masks

H 10.6.60.60/32 [250/1] via 10.100.0.60, 01:28:26, Tunnel0

 

 

5.0 Also trace from R50 to R40 lo0 is entering via R41

R50#traceroute 10.4.40.40 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.4.40.40

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.10.2 0 msec 1 msec 0 msec

2 10.5.109.2 1 msec 0 msec 1 msec

3 10.5.11.1 1 msec 0 msec 1 msec

4 10.100.0.1 [AS 65006] 2 msec 1 msec 2 msec

5 10.1.114.2 [AS 65001] 1 msec 1 msec 1 msec

6 10.1.20.1 [AS 65001] 1 msec

10.1.22.1 [AS 65001] 2 msec

10.1.20.1 [AS 65001] 3 msec

7 10.1.11.1 [AS 65001] 3 msec

10.1.12.1 [AS 65001] 3 msec

10.1.11.1 [AS 65001] 3 msec

8 101.11.0.1 [AS 19999] 2 msec 2 msec 4 msec

9 101.41.0.2 [AS 19999] 2 msec 3 msec 4 msec

10 10.4.99.1 [AS 65004] 4 msec * 2 msec

 

I did not change any Next-hop at R14. I only used a route-map inbound at R14 and changed weight for 10.5.0.0.

I beleive changing the next hop may break NHRP since routes received from HUB should show HUB as next-hop. This will allow Spokes to contact HUB at initial phase of NHRP phase3 process.

 

 

 

 

Hi kdjulianofr,

 

Can you please share your full bgp configuration on R14/R40/R41/R51 (with prefix-list/route-map commands) regarding task 2.8?

 

thanks.

Share this post


Link to post
Share on other sites

So traffic from 10.5.0.0/16 subnet to subnets 10.1.0.0,10.2.0.0,10.3.0.0,10.4.0.0,10.6.0.0 and 10.7.0.0 should go to DMVPN first?

 

What about the restriction in MPLS section - - Offices must not communicate directly between each other.

 

If DMVPN goes down then traffic from 10.5.0.0 to 10.4.0.0 should go directly between sites in MPLS

 

On R14

ip prefix-list DMVPN seq 5 permit 10.5.0.0/16

route-map DMVPN permit 10

match ip address prefix-list DMVPN

set local-preference 99

route-map DMVPN permit 20

router bgp 65001

neighbor DMVPN(Peer group for Spokes) route-map DMVPN in

 

IMO this is The Solution. what you say?

Edited by zubairburki

Share this post


Link to post
Share on other sites

1. Ping from R14 to 65005

Trace goes through MPLS

R14#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.1.114.2 1 msec

10.1.214.2 0 msec

10.1.114.2 1 msec

2 10.1.21.1 0 msec

10.1.22.1 0 msec

10.1.23.1 1 msec

3 10.1.10.1 0 msec

10.1.13.1 0 msec 1 msec

4 100.10.0.1 [AS 19999] 1 msec 0 msec 1 msec

5 100.1.3.1 [AS 19999] [MPLS: Labels 16/25 Exp 0] 1 msec 1 msec 1 msec

6 100.50.0.1 [AS 19999] [MPLS: Label 25 Exp 0] 1 msec 1 msec 1 msec

7 100.50.0.2 [AS 19999] 1 msec 2 msec 1 msec

8 10.5.10.2 [AS 65005] 2 msec * 2 msec

R14#

 

 

2. spoke to spoke (through DMVPN)

R60 to 65005

R60#traceroute 10.5.0.50 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.100.0.51 1 msec 0 msec 1 msec

2 10.5.11.2 [AS 65005] 0 msec 1 msec 0 msec

3 10.5.109.1 [AS 65005] 1 msec * 2 msec

R60#

 

SW500 to R60

SW500#traceroute

Protocol [ip]:

Target IP address: 10.6.60.60

Tracing the route to 10.6.60.60

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 1 msec 0 msec 0 msec

2 10.5.11.1 1 msec 1 msec 0 msec

3 10.100.0.60 [AS 65006] 2 msec 1 msec *

SW500#

 

3. Trace from MO to LO Traffic enters through R41

SW500#traceroute

Protocol [ip]:

Target IP address: 10.4.100.200

Tracing the route to USER4 (10.4.100.200)

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.109.2 0 msec 1 msec 0 msec

2 10.5.11.1 1 msec 0 msec 0 msec

3 10.100.0.1 [AS 65006] 2 msec 2 msec 3 msec

4 10.1.114.2 [AS 65001] 2 msec 2 msec 1 msec

5 10.1.20.1 [AS 65001] 2 msec

10.1.22.1 [AS 65001] 1 msec 2 msec

6 10.1.12.1 [AS 65001] 2 msec 1 msec

10.1.11.1 [AS 65001] 1 msec

7 101.11.0.1 [AS 19999] 1 msec 1 msec 1 msec

8 101.41.0.2 [AS 19999] 1 msec 3 msec 4 msec

9 10.4.11.2 [AS 65004] 4 msec 3 msec 2 msec

10 USER4 (10.4.100.200) [AS 65004] 2 msec * 2 msec

 

4.0 Trace from LO to MO traffic enters through R50

USER4#traceroute 10.5.0.50 numeric

Type escape sequence to abort.

Tracing the route to 10.5.0.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.4.100.252 0 msec 1 msec 0 msec

2 10.4.13.1 1 msec 1 msec 1 msec

3 101.41.0.1 1 msec 1 msec 1 msec

4 101.11.0.2 2 msec 1 msec 1 msec

5 10.1.99.1 1 msec 1 msec 2 msec

6 100.10.0.1 1 msec 1 msec 1 msec

7 100.1.3.1 [MPLS: Labels 16/25 Exp 0] 3 msec 3 msec 2 msec

8 100.50.0.1 [MPLS: Label 25 Exp 0] 2 msec 5 msec 3 msec

9 100.50.0.2 1 msec 4 msec 2 msec

10 10.5.10.2 2 msec * 3 msec

 

 

R60#show ip route nhrp

 

Gateway of last resort is 200.99.60.1 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 13 subnets, 3 masks

H 10.5.0.50/32 [250/1] via 10.100.0.51, 01:27:40, Tunnel0

 

 

R51#show ip route nhrp

 

Gateway of last resort is 10.5.50.50 to network 0.0.0.0

 

10.0.0.0/8 is variably subnetted, 20 subnets, 4 masks

H 10.6.60.60/32 [250/1] via 10.100.0.60, 01:28:26, Tunnel0

 

 

5.0 Also trace from R50 to R40 lo0 is entering via R41

R50#traceroute 10.4.40.40 source lo0 num

Type escape sequence to abort.

Tracing the route to 10.4.40.40

VRF info: (vrf in name/id, vrf out name/id)

1 10.5.10.2 0 msec 1 msec 0 msec

2 10.5.109.2 1 msec 0 msec 1 msec

3 10.5.11.1 1 msec 0 msec 1 msec

4 10.100.0.1 [AS 65006] 2 msec 1 msec 2 msec

5 10.1.114.2 [AS 65001] 1 msec 1 msec 1 msec

6 10.1.20.1 [AS 65001] 1 msec

10.1.22.1 [AS 65001] 2 msec

10.1.20.1 [AS 65001] 3 msec

7 10.1.11.1 [AS 65001] 3 msec

10.1.12.1 [AS 65001] 3 msec

10.1.11.1 [AS 65001] 3 msec

8 101.11.0.1 [AS 19999] 2 msec 2 msec 4 msec

9 101.41.0.2 [AS 19999] 2 msec 3 msec 4 msec

10 10.4.99.1 [AS 65004] 4 msec * 2 msec

 

I did not change any Next-hop at R14. I only used a route-map inbound at R14 and changed weight for 10.5.0.0.

I beleive changing the next hop may break NHRP since routes received from HUB should show HUB as next-hop. This will allow Spokes to contact HUB at initial phase of NHRP phase3 process.

 

Please do a trace from any other Device in DC1 to Medium office and Post the output here.. let's say from R13 or R12 to R51 L0

Share this post


Link to post
Share on other sites

@kdjulianofr

 

3. Trace from MO to LO Traffic enters through R41

breaks the below restriction

"The MPLS path (via R50) must be the preferred path for both ingress and egress

traffic except for traffic between spoke DMVPN sites for which the DMVPN path

(via R51) must be preferred over the mpls path"

 

also using any next-hop manipulation will ensure that SO will never reach MO in case the tunnel on the MO fails, which is against point #2 in the below requirement

 

@Guys

the below requirement can be met at the same time (K3 shares task 2.8)

 

 

#1- The MPLS path (via R50) must be the preferred path for both ingress and egress

traffic except for traffic between spoke DMVPN sites for which the DMVPN path

(via R51) must be preferred over the MPLS path.

#2- Ensure that traffic between 10.5.0.0/16 and 10.6.0.0/16 is routed primary via the

DMVPN cloud. Ensure that DMVPN’s dynamic spoke-to-spoke tunnels are still

functional.

#3- All other traffic (including Internet traffic) must be routed primarily via the MPLS

path (via R50) and must only be routed via the DMVPN path (via R51) if the

primary uplink or its control-plane is down.

 

but if we add to them a trace from R14 to MO AS 65005 being routed through MPLS,,,, then it is not possible...because no matter what we will use, it will break the point #2 above

Share this post


Link to post
Share on other sites

@kdjulianofr

 

3. Trace from MO to LO Traffic enters through R41

breaks the below restriction

"The MPLS path (via R50) must be the preferred path for both ingress and egress

traffic except for traffic between spoke DMVPN sites for which the DMVPN path

(via R51) must be preferred over the mpls path"

 

also using any next-hop manipulation will ensure that SO will never reach MO in case the tunnel on the MO fails, which is against point #2 in the below requirement

 

@Guys

the below requirement can be met at the same time (K3 shares task 2.8)

 

 

#1- The MPLS path (via R50) must be the preferred path for both ingress and egress

traffic except for traffic between spoke DMVPN sites for which the DMVPN path

(via R51) must be preferred over the MPLS path.

#2- Ensure that traffic between 10.5.0.0/16 and 10.6.0.0/16 is routed primary via the

DMVPN cloud. Ensure that DMVPN’s dynamic spoke-to-spoke tunnels are still

functional.

#3- All other traffic (including Internet traffic) must be routed primarily via the MPLS

path (via R50) and must only be routed via the DMVPN path (via R51) if the

primary uplink or its control-plane is down.

 

but if we add to them a trace from R14 to MO AS 65005 being routed through MPLS,,,, then it is not possible...because no matter what we will use, it will break the point #2 above

 

Please try my solution at post #793 and Verify if it's good. because with this my trace from R14 to MO goes through MPLS and Spoke to Spoke direct via DMVPN.

Share this post


Link to post
Share on other sites

On R14

ip prefix-list DMVPN seq 5 permit 10.5.0.0/16

route-map DMVPN permit 10

match ip address prefix-list DMVPN

set local-preference 99

route-map DMVPN permit 20

router bgp 65001

neighbor DMVPN(Peer group for Spokes) route-map DMVPN in

 

IMO this is The Solution. what you say?

 

sadly, this is wrong, this way R14 will prefer the MPLS to MO, and will never do the NHRP redirect, thus SO will follow R14 path through MPLS.

 

@Guys, in simple there are 2 options for DMVPN:

 

1- R14 prefers to route to MO through the tunnel "using Weight or LP", resulting in Spoke-to-Spoke traffic to flow directly and in "DMVPN phase 3", but it will fail the "alleged" trace from R14 to MO through MPLS.

2- R60 receives the MO prefixes with the next-hop of R51 DMVPN tunnel ip address as the next-hop "DMVPN phase 2". in the DMVPN requirement, they are clearly asking for DMVPN phase 3, beside this choice will require next-hop manipulation on R14, which will break 2.8 task "#- Ensure that traffic between 10.5.0.0/16 and 10.6.0.0/16 is routed primary via the

DMVPN cloud. Ensure that DMVPN’s dynamic spoke-to-spoke tunnels are still functional."

Share this post


Link to post
Share on other sites

I think we taking it too much far, I've got feedback from friend who passed the Lab exam with H3 and he took the following action on section 2.8:

 

1) R50 do default LP 101

2) R51 inbound LP from R14 for 10.6/16 to be 102, anything else should be default LP 100

3) R14 outbound LP 99 toward R13 for prefix 10.5/16, anything else should be the default LP 100, this will force all

nodes in DC1 to choose R10 to reach AS65005.

Only R14 in DC1 must reach both AS65005 and AS65006 through the DMVPN tunnel directly, if it is not, then site-

to-site will not work properly, means R60 could reach AS65005 through R14 >> R10 >> MPLS >> AS 65005, and

this is against the requirement

Share this post


Link to post
Share on other sites

I think we taking it too much far, I've got feedback from friend who passed the Lab exam with H3 and he took the following action on section 2.8:

 

1) R50 do default LP 101

2) R51 inbound LP from R14 for 10.6/16 to be 102, anything else should be default LP 100

3) R14 outbound LP 99 toward R13 for prefix 10.5/16, anything else should be the default LP 100, this will force all

nodes in DC1 to choose R10 to reach AS65005.

Only R14 in DC1 must reach both AS65005 and AS65006 through the DMVPN tunnel directly, if it is not, then site-

to-site will not work properly, means R60 could reach AS65005 through R14 >> R10 >> MPLS >> AS 65005, and

this is against the requirement

 

finally, someone denies the "alleged" trace that says R14 should route to MO through MPLS.

 

thanks my friend.

Hidden Content

    Give reaction to this post to see the hidden content.
/uploads/emoticons/default_smile.png">

Share this post


Link to post
Share on other sites

sadly, this is wrong, this way R14 will prefer the MPLS to MO, and will never do the NHRP redirect, thus SO will follow R14 path through MPLS.

 

Absolutely not true...

 

 

R14#trace 10.5.50.50

Type escape sequence to abort.

Tracing the route to 10.5.50.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.100.0.51 [AS 19999] 8 msec 6 msec 7 msec

2 10.5.11.2 [AS 65005] 10 msec 10 msec 9 msec

3 10.5.109.1 [AS 65005] 10 msec 9 msec 10 msec

4 10.5.10.1 [AS 65005] 9 msec * 8 msec

 

 

R11#trace 10.5.50.50

Type escape sequence to abort.

Tracing the route to 10.5.50.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.1.99.1 1 msec 0 msec 0 msec

2 100.10.0.1 [AS 10000] 1 msec 2 msec 2 msec

3 100.1.3.1 [AS 19999] [MPLS: Labels 16/25 Exp 0] 4 msec 2 msec 2 msec

4 100.50.0.1 [AS 10000] [MPLS: Label 25 Exp 0] 1 msec 3 msec 3 msec

5 100.50.0.2 [AS 10000] 4 msec 3 msec *

Share this post


Link to post
Share on other sites

Absolutely not true...

 

 

R14#trace 10.5.50.50

Type escape sequence to abort.

Tracing the route to 10.5.50.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.100.0.51 [AS 19999] 8 msec 6 msec 7 msec

2 10.5.11.2 [AS 65005] 10 msec 10 msec 9 msec

3 10.5.109.1 [AS 65005] 10 msec 9 msec 10 msec

4 10.5.10.1 [AS 65005] 9 msec * 8 msec

 

 

R11#trace 10.5.50.50

Type escape sequence to abort.

Tracing the route to 10.5.50.50

VRF info: (vrf in name/id, vrf out name/id)

1 10.1.99.1 1 msec 0 msec 0 msec

2 100.10.0.1 [AS 10000] 1 msec 2 msec 2 msec

3 100.1.3.1 [AS 19999] [MPLS: Labels 16/25 Exp 0] 4 msec 2 msec 2 msec

4 100.50.0.1 [AS 10000] [MPLS: Label 25 Exp 0] 1 msec 3 msec 3 msec

5 100.50.0.2 [AS 10000] 4 msec 3 msec *

 

if you are labbing this, try to clear the NHRP registers, because simply if you do the below:

 

On R14

ip prefix-list DMVPN seq 5 permit 10.5.0.0/16

route-map DMVPN permit 10

match ip address prefix-list DMVPN

set local-preference 99

route-map DMVPN permit 20

router bgp 65001

neighbor DMVPN(Peer group for Spokes) route-map DMVPN in

 

on R14:

- The route through MPLS received from R10/R11 will have a default LP of 100

- The route received through DMVPN from will have a LP of 99.

 

so R14 will prefer to select the first route and will send it to R60 with itself "R14" as the next-hop, thus R60 will send traffic to R14, R14 will send it to R10/R11....and so on through the MPLS.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...