Jump to content
Firass81

Anyone needs help on H2/H2+, Just relpy here please.

Recommended Posts

Hello,

 

Could anyone please share 2.4 (R15/R16 section) , 2.6 and 2.8 configuration? In my config , when I shutdown backdoor I have short loop and after a while it works fine

Share this post


Link to post
Share on other sites

Good point!

So best solution seems to be configuring redistribution with metric-type 1 on R18, and Ext2 on R15/16

 

Something like this:

R18#sh run | s r o

router ospf 1

redistribute bgp 65002 metric-type 1 subnets

 

R15#sh run | s r b

router bgp 65002

..

redistribute ospf 1 match internal external 2

 

Do you see any drawbacks on this solution?

 

Cheers!

This solution is for H2, not for H2+

Share this post


Link to post
Share on other sites

Hi guys,

 

for SPOTO H2 S2.7, when redistributing OSPF routes to EIGRP on R9/R10, why do we need to match on 'metric 10 +- 11' and why we use two different "set metric X X X X X" ? Not sure I get the solution (config below)

 

route-map METRIC permit 10

match metric +- 11

set metric 10000 100 255 1 1500

route-map METRIC permit 20

set metric 1000 100 255 1 1500

 

route eigrp JACOBS

address-family ipv4 unicast as 1

topo base

red ospf 1 route-map METRIC

 

And on Section 2.8, traffic bet 10.2.100.0/24 <> 172.18.1.0/24 must be routed via BGP backdoor link bet. R18/R57. The SPOTO didnt clearly show the answer for this and just want to verify whether using UNSUPPRESS-MAP on the AGGREGATE is the answer for this to work as per the requirements (However, it mentioned not to configure ANY Route-MAP nor acl to achieve this)?

 

Please help. Thanks

Share this post


Link to post
Share on other sites

This solution is for H2, not for H2+

 

What is the difference? In both labs (H2/H2+) you have the same requirement -> "Ensure that any prefix originated in any of these main sites will not advertise back to same site via a redudant gateway "

So prefix originated in AS65005 (172.0.0.0/8 for example) shouldn't be announced from MPLS cloud to the same office (R55/R56), so R15/16 should not advertise this subnet to eBGP peers.

Am I missing something?

Share this post


Link to post
Share on other sites

Hi guys,

 

for SPOTO H2 S2.7, when redistributing OSPF routes to EIGRP on R9/R10, why do we need to match on 'metric 10 +- 11' and why we use two different "set metric X X X X X" ? Not sure I get the solution (config below)

 

route-map METRIC permit 10

match metric +- 11

set metric 10000 100 255 1 1500

route-map METRIC permit 20

set metric 1000 100 255 1 1500

 

route eigrp JACOBS

address-family ipv4 unicast as 1

topo base

red ospf 1 route-map METRIC

 

And on Section 2.8, traffic bet 10.2.100.0/24 <> 172.18.1.0/24 must be routed via BGP backdoor link bet. R18/R57. The SPOTO didnt clearly show the answer for this and just want to verify whether using UNSUPPRESS-MAP on the AGGREGATE is the answer for this to work as per the requirements (However, it mentioned not to configure ANY Route-MAP nor acl to achieve this)?

 

Please help. Thanks

 

Hi,

 

In H2, you cannot modify any ad distance per requirement. R50 will load balance between R53 and R54 traffic from 65006 to 65001. If you check the paths, you will notice that there is one path with fewer hops, so OSPF will always select this one. Now, if you check the ospf route rable on R9 and R10, will see that the network 10.254.0.24 (that is, between R2 and R8) is different, 30 on R9 and 20 on R10. To solve the problem without changing the cost, you should modify EIGRP metric as follows, if ospf cost is 0-21 then BW 10000, if ospf above 21, BW 1000.

 

This problem will not be on H2+ since you can modify AD, and the easy solution there is to change OSPF AD higher than EIGRP (>170).

 

Regarding 2.8, if you are still asking about H2, you do not have to use unsupress map at all. First of all, you will network the /24 LAN on R18/R57 to allow the preferred backdoor link. Realize that you are not using summary-only on the aggregates (adding summary-only would block this networks address, /24). On R55/56, you have to use the summary only for the aggregate 172.18../16 and this prefix will be adv to R15-16 through the MPLS link from AS65005 -> AS65006 -> AS65001 -> AS65002. This last one will advertise the prefix to SW3/4 via OSPF.

 

So SW3/4 will receive 172.18.0.0/16 from R15-16 and 172.18.1.0/24 from R18, prefering the last one because of the length, being then the main path.

 

Hope I was clear enough on the explanation.

  • Like 1

Share this post


Link to post
Share on other sites

Hi team,

I Have the below doubts on 3.3 (Merge 65001 with 65006 at BGP level).

 

First of all, on h2 and h2+ is there any difference in point 3.3?

 

Second one, as per some feedbacks from chats and colleagues there are 2 options to do 3.3 point:

 

Exam requires just like: convert the AS65006 into AS65001. Do not touch r55 r56 r58 configuration.

 

 

First solution (use local-as 65001 to RR1):

R50/51/52

router bgp 65006

neighbor 10.255.1.1 remote-as 65001

neighbor 10.255.1.1 local-as 65001

!

add vpnv4

10.255.1.1 act

exit

!

--------------------

 

Second solution (use local-as 65006 to CEs):

R50/51/52

 

 

removed router bgp 65006 and configured router bgp 65001 with local-as with CEs on R50,51,52

 

no router bgp 65006

router bgp 65001

neighbor 10.255.1.1 remote-as 65001

neighbor 10.255.1.1 update-source Loopback0 0.

address-family vpnv4

neighbor 10.255.1.1 activate

add ipv4 vrf XXX neigh CE local-as 65006 no-prep replace-as

neigh CE activ

exi

 

 

 

do you know when is required to apply one of them ? or what is the correct solution.

Share this post


Link to post
Share on other sites

Hi,

 

In H2, you cannot modify any ad distance per requirement. R50 will load balance between R53 and R54 traffic from 65006 to 65001. If you check the paths, you will notice that there is one path with fewer hops, so OSPF will always select this one. Now, if you check the ospf route rable on R9 and R10, will see that the network 10.254.0.24 (that is, between R2 and R8) is different, 30 on R9 and 20 on R10. To solve the problem without changing the cost, you should modify EIGRP metric as follows, if ospf cost is 0-21 then BW 10000, if ospf above 21, BW 1000.

 

This problem will not be on H2+ since you can modify AD, and the easy solution there is to change OSPF AD higher than EIGRP (>170).

 

Regarding 2.8, if you are still asking about H2, you do not have to use unsupress map at all. First of all, you will network the /24 LAN on R18/R57 to allow the preferred backdoor link. Realize that you are not using summary-only on the aggregates (adding summary-only would block this networks address, /24). On R55/56, you have to use the summary only for the aggregate 172.18../16 and this prefix will be adv to R15-16 through the MPLS link from AS65005 -> AS65006 -> AS65001 -> AS65002. This last one will advertise the prefix to SW3/4 via OSPF.

 

So SW3/4 will receive 172.18.0.0/16 from R15-16 and 172.18.1.0/24 from R18, prefering the last one because of the length, being then the main path.

 

Hope I was clear enough on the explanation.

 

Thanks man! that makes sense.

  • Like 1

Share this post


Link to post
Share on other sites

Hi team,

I Have the below doubts on 3.3 (Merge 65001 with 65006 at BGP level).

 

First of all, on h2 and h2+ is there any difference in point 3.3?

 

Second one, as per some feedbacks from chats and colleagues there are 2 options to do 3.3 point:

 

Exam requires just like: convert the AS65006 into AS65001. Do not touch r55 r56 r58 configuration.

 

 

First solution (use local-as 65001 to RR1):

R50/51/52

router bgp 65006

neighbor 10.255.1.1 remote-as 65001

neighbor 10.255.1.1 local-as 65001

!

add vpnv4

10.255.1.1 act

exit

!

--------------------

 

Second solution (use local-as 65006 to CEs):

R50/51/52

 

 

removed router bgp 65006 and configured router bgp 65001 with local-as with CEs on R50,51,52

 

no router bgp 65006

router bgp 65001

neighbor 10.255.1.1 remote-as 65001

neighbor 10.255.1.1 update-source Loopback0 0.

address-family vpnv4

neighbor 10.255.1.1 activate

add ipv4 vrf XXX neigh CE local-as 65006 no-prep replace-as

neigh CE activ

exi

 

 

 

do you know when is required to apply one of them ? or what is the correct solution.

 

Hi,

 

There are differences and some of them comes from point 2.5. In H2+ you have the following requests, R50, R51, R52 have IBGP over R1 and R1 must

be the route reflector, Ensure that no any BGP prefix AS-PATH has 65006 and The routes on devics about AS65005 and AS65007 shouldn’t see 65001 in as-path.

 

So in H2+ you will have to delete router bgp 65006 and configurate 65001, activating IPv4 AF against RR R1 (and of course under AF VRF establish eBGP with local as, no prepend, and replace-as)

You will have to activate AF IPv4 on R1 against R50,51,52. Then in 3.3 you have to activate under AF VPNv4.

 

In H2 you do not need to activate AF ipv4 against R1, only VPNv4.

 

So the first solution you have provided is for H2, and the second one is for H2+.

 

In summary, although the requirement on 3.3 is the same (convert the AS65006 into AS65001. Do not touch r55 r56 r58 configuration), the difference on how to configure it comes from 2.5.

Share this post


Link to post
Share on other sites

Hi guys,

 

For H2, Section 2.1, it mentioned:

 

"Do not use the 'network' statement under 'router ospf' configuration ANYWHERE in Core network AS65001"

 

SW3/SW4/R15/R16 have been pre-configured BUT it uses 'network' statements under router ospf process.

 

My question is should we remove these preconfigs and configure OSPF on the interfaces on these routers as well? SPOTO answer seem to just leave them as it is. (But this will not meet the requirement above which is why i believe they shud be removed.)

 

This is kinda similar situation on the EIGRP section where they mentioned the routers must use 64-bit version and we had to delete the configuration to satisfy the requirement.

 

Can anyone please confirm. Thanks

Share this post


Link to post
Share on other sites

Hello,

 

If I am not mistaken, R15.R16,SW3 and SW4 are AS 65002, so no need to remove preconfig.

 

Hi guys,

 

For H2, Section 2.1, it mentioned:

 

"Do not use the 'network' statement under 'router ospf' configuration ANYWHERE in Core network AS65001"

 

SW3/SW4/R15/R16 have been pre-configured BUT it uses 'network' statements under router ospf process.

 

My question is should we remove these preconfigs and configure OSPF on the interfaces on these routers as well? SPOTO answer seem to just leave them as it is. (But this will not meet the requirement above which is why i believe they shud be removed.)

 

This is kinda similar situation on the EIGRP section where they mentioned the routers must use 64-bit version and we had to delete the configuration to satisfy the requirement.

 

Can anyone please confirm. Thanks

Share this post


Link to post
Share on other sites

if someone has v good understanding of Lab H2 /H2+, please answer my below question:

 

in H-2, on PE 50/51/52, we use router bgp 65006, and use local-as 65001 when peering with R1

in H2+, on PE 50/51/52, we use router bgp 65001, and use local-as 65006 when peering with CEs (55/56/58)

 

The question in C4c and Spoto WB is not clear.. can anyone tell me what is the difference in question statement in H2 and H2+, that we are using two different methods in H2 n H2+?

 

 

 

 

Please correct me .. but this is what I think :

 

H2 Question: PE of Jacobs should not see AS65006 in NLRI

in H-2, on PE 50/51/52, we use router bgp 65006, and use local-as 65001 when peering with R1

 

H2+ Question: PE of Jacobs should not see AS65001 in NLRI

in H2+, on PE 50/51/52, we use router bgp 65001, and use local-as 65006 when peering with CEs (55/56/58)

 

Variation Question: PE of Jacobs should not see AS65006 and CE should not see 65001 in NLRI

in H2+, on PE 50/51/52, we use router bgp 65001, and use local-as 65006 +no-prepend + replace-as when peering with CEs (55/56/58)

 

 

Looks good, but SPOTO and C4C suggest opposite:

H2 Question: PE of Jacobs should not see AS65001 in NLRI

So suggested solution is to leave PE 50/51/52 in AS65006

 

H2+ Question: PE of Jacobs should not see AS65006 in NLRI

Suggested solution is to change AS of PE 50/51/52 to AS65001

 

 

You solution should be correct from my point of view. I do not know why they suggest opossite..

If someone may explain would be great.

 

 

Regarding the variation - have someone got this on the exam ?

Share this post


Link to post
Share on other sites

Hi,

H2 point 2.5 - doubt about redistribute EIGRP to BGP and viceversa on AS65005

 

Is it correct to ALLOW whole 172 when redistribute EIGRP to BGP and DENY it when redistribute from BGP to EIGRP as below?

 

R55/56

 

ip prefix-list EIGRP seq 5 permit 172.0.0.0/8 le 32

!

route-map JACOBHQ permit 10

match ip address prefix-list EIGRP

!

route-map JACOBHQ1 deny 10

match ip address prefix-list EIGRP

route-map JACOBHQ1 permit 20

!

router bgp 65005

redistribute eigrp 10 route-map JACOBHQ

!

router eigrp 10

redistribute bgp 65005 metric 1 1 1 1 1 route-map JACOBHQ1

 

Thanks a lot bro four you further answer

Share this post


Link to post
Share on other sites

Hi,

 

There are differences and some of them comes from point 2.5. In H2+ you have the following requests, R50, R51, R52 have IBGP over R1 and R1 must

be the route reflector, Ensure that no any BGP prefix AS-PATH has 65006 and The routes on devics about AS65005 and AS65007 shouldn’t see 65001 in as-path.

 

So in H2+ you will have to delete router bgp 65006 and configurate 65001, activating IPv4 AF against RR R1 (and of course under AF VRF establish eBGP with local as, no prepend, and replace-as)

You will have to activate AF IPv4 on R1 against R50,51,52. Then in 3.3 you have to activate under AF VPNv4.

 

In H2 you do not need to activate AF ipv4 against R1, only VPNv4.

 

So the first solution you have provided is for H2, and the second one is for H2+.

 

In summary, although the requirement on 3.3 is the same (convert the AS65006 into AS65001. Do not touch r55 r56 r58 configuration), the difference on how to configure it comes from 2.5.

 

Can you explain how section 25 is the reference to know if we have to leave AS as it or Replace to 65001 on R50/51/52?

Because i understand that section 2.5 is telling us how to aggregate on R15/16 and if we need to use allowas-in in remote sites and DC OR if we need to use as-override in the Core.

 

Please explain the relation of that section 2.5 with requirement of AS65006 in Jacobs.

Thanks.

Share this post


Link to post
Share on other sites

3.3 asks in clear way to change AS to 65001. 2.5 is mysterious... I don't get what they wanted. But do all the tasks and this will be fulfilled also.

Do 1.1, 1.2, 1.3, 1.4, 2.1, 3.1, 2.2, 2.3, 4.1, 4.2, 5.1, 5.2, 5.3, 5.4, 2.6, 2.7, 2.8, 2.4, 3.2, 2.5 (check 3.3 first) and 3.3, 3.4, 2.9, 2.10, 2.11

Snooping question is crazy. Anyone knows the answer?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...