Jump to content

sxswpirates

Members
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

About sxswpirates

  • Rank
    Member
  1. Can you share vlan configs?
  2. I am seeing a mention of setting the DHCP lease to infinity on some versions. What requirement is this intended to solve?
  3. My issue was the 10.0.0.0 was being seen both from R18 and from R50/51. Vlan 101 facing R50/51 has a bandwidth of 1K. This made the "backdoor" router preferred over the primary. In the lab I put a huge delay on the path to R18, but I believe the correct solution is to use the BGP backdoor feature on R57.
  4. 2nd attempt Have had both Old and New Config. What are people seeing on their 3rd attempt? With only 2 major physical configurations I assume you get one of the 2 with just different restrictions. Same config as Alaberto, Looking back I know I missed the LDP router-ID, was confused by the Jacobs backdoor issue with the 10.0.0.0/8 using the MPLS and not the Backdoor path. I used EIGRP delay, but don't think this is correct. Ran out of time for Multicast and DHCP Snooping. I'll try and add more detail moving forward.
  5. OSPF does not preempt. The DR/BDR election only occurs when the process is initialized, hence the comments about maintaining as long as the interfaces are up. If you clear the process on R2, it's neighbors should become the DR.
  6. Would the solution not be to make the interfaces facing the DR priority 0? This would force them to not participate in the DR election. The only exception would be R2 where a BDR is specifically mentioned.
  7. Alternative version with NVI config int lo123 ip nat enable ! int e0/0 ip nat enable ! int e0/1 ip nat enable ! int e0/2 ip nat enable ! ip nat source list NAT interface Ethernet0/0 overload ip nat source static 201.99.70.2 123.123.123.25 ip nat source static tcp 10.2.201.200 23 201.99.25.2 23 extendable ! The loopback can be up. You don't need the add-route. Quote MultiQuote Edit
  8. *** VERSION with NVI config int lo123 ip nat enable ! int e0/0 ip nat enable ! int e0/1 ip nat enable ! int e0/2 ip nat enable ! ip nat source list NAT interface Ethernet0/0 overload ip nat source static 201.99.70.2 123.123.123.25 ip nat source static tcp 10.2.201.200 23 201.99.25.2 23 extendable ! The loopback can be up. You don't need the add-route.
  9. Nat solution for Q10. I believe this is the best and haven't seen it posted. int lo0 ip nat enable ! int e0/0 ip nat enable ! int s1/0 ip nat enable ! ip nat source list 1 interface Serial1/0 overload ip nat source static 201.1.70.1 10.2.25.25 ip nat source static tcp 10.2.200.1 23 201.1.25.1 23 extendable New NAT with NVI's.
  10. I believe the Question 10 NAT on B12 solution is looking for the new NVI vesion of nat and not the traditional NAT inside outside version. B12 NAT Network Translation Question10 no need for add-route, redistribute connected, change of IP, etc. Int lo0 ip nat enable ! int e0/0 ip nat enable in s1/0 ! ip nat enable ! ip nat source list 1 interface Serial1/0 overload ip nat source static 201.1.70.1 10.2.25.25 ip nat source static tcp 10.2.200.1 23 201.1.25.1 23 extendable Doesn't require any changes in the loopback or the routing table. Let me know if this works for you.
  11. sxswpirates

    H2 gotchas

    Same Question. I don't see the loop condition. I am redistributing external from OSPF into BGP, I still can't create a loop. Do you have an IBGP between R15/16? Are you exporting/importing the same RT from 15/16? I can't seem to reproduce any loop through 15/16.
  12. This conifiguration should resolve connectivity for the variation having R17's E0/1 (To Corp) ,Lo0, and Tunnel in the VRF, but not E0/0 (To ISP). interface Ethernet0/1 vrf forwarding CORP ip address 10.2.0.38 255.255.255.252 ip nat inside ! interface Ethernet0/0 ip address 192.0.2.2 255.255.255.0 ip nat outside ! interface Loopback0 vrf forwarding CORP ip address 10.255.1.17 255.255.255.255 ip nat inside ip virtual-reassembly in ! interface Tunnel0 vrf forwarding CORP ip address 10.100.0.1 255.255.255.0 no ip redirects ip nhrp map multicast dynamic ip nhrp redirect ip ospf network point-to-multipoint ip ospf hello-interval 10 ip ospf 1 area 51 no-summary tunnel source Ethernet0/0 tunnel mode gre multipoint ! ip nat inside source list all interface Ethernet0/0 vrf CORP overload ! ip route vrf CORP 0.0.0.0 0.0.0.0 192.0.2.1 global The ip ospf 1 area 51 no-summary will cause problems if you the Spokes have their WAN and LAN interfaces in the same route table. It will send a default route that conflicts with the IPCP learned default. You can solve this by using a specific route to the NMBA interface 0/0 of R17 instead of learning a default from IPCP, or having the dialer in a separate route table from the Tunnel.
  13. This conifiguration should resolve connectivity for the variation having R17's E0/1 (To Corp) ,Lo0, and Tunnel in the VRF, but not E0/0 (To ISP). interface Ethernet0/1 vrf forwarding CORP ip address 10.2.0.38 255.255.255.252 ip nat inside ! interface Ethernet0/0 ip address 192.0.2.2 255.255.255.0 ip nat outside ! interface Loopback0 vrf forwarding CORP ip address 10.255.1.17 255.255.255.255 ip nat inside ip virtual-reassembly in ! interface Tunnel0 vrf forwarding CORP ip address 10.100.0.1 255.255.255.0 no ip redirects ip nhrp map multicast dynamic ip nhrp redirect ip ospf network point-to-multipoint ip ospf hello-interval 10 ip ospf 1 area 51 no-summary tunnel source Ethernet0/0 tunnel mode gre multipoint ! ip nat inside source list all interface Ethernet0/0 vrf CORP overload ! ip route vrf CORP 0.0.0.0 0.0.0.0 192.0.2.1 global The ip ospf 1 area 51 no-summary will cause problems if you the Spokes have their WAN and LAN interfaces in the same route table. It will send a default route that conflicts with the IPCP learned default. You can solve this by using a specific route to the NMBA interface 0/0 of R17 instead of learning a default from IPCP, or having the dialer in a separate route table from the Tunnel.
  14. Team, is there an H2 config variant workbook floating around at this time? I am looking for the variant that uses the MST with Vlan 34 filtering, DMVPN Vrf on Hub, VRF's named DC, Jacobs etc. Thanks in Advance, AARRRRRR :D
×
×
  • Create New...