I will do this lab in the next couple of days and i will share with you my findings.
Regards, Antonio Soares, CCIE #18473 (R&S) [email protected] _____ From: [email protected] [mailto:[email protected]] On Behalf Of Rin Sent: segunda-feira, 22 de Junho de 2009 10:07 To: [email protected] Subject: [OSL | CCIE_SP] VOL2 - Section 2 Hi all, I've just finished Vol 2 - Lab 2. Here's some of my comments: Task 3.2: The task requires R5 to be the primary exit point for AS100 & R2 should use its own link to R6. The solution applying route-map inbound on interface connected to R6 of R2 & R5. However, by doing this R2 will use R5 as the exit point as well. My solution is applying route-map outbound on frame-relay inteface of R2 & R5. Although local-preference should be normally applied inbound but in this case it works. Here's the config & result: R2: router bgp 100 address-family ipv4 neighbor AS100 route-map SET_LOCAL_PREF out ! route-map SET_LOCAL_PREF permit 10 set local-preference 25 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ R5: router bgp 100 address-family ipv4 neighbor AS100 route-map SET_LOCAL_PREF out ! route-map SET_LOCAL_PREF permit 10 set local-preference 50 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ R2#sho ip bgp BGP table version is 21, local router ID is 100.100.100.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path r>i100.100.100.1/32 100.100.100.1 0 100 0 i *> 100.100.100.2/32 0.0.0.0 0 32768 i r>i100.100.100.4/32 100.100.100.4 0 100 0 i r>i100.100.100.5/32 100.100.100.5 0 50 0 i * i200.200.200.0 100.100.100.5 0 50 0 200 i *> 100.200.26.6 0 0 200 i * i200.200.200.6/32 100.100.100.5 0 50 0 200 i *> 100.200.26.6 0 0 200 i * i200.200.200.7/32 100.100.100.5 0 50 0 200 i *> 100.200.26.6 0 200 i * i200.200.200.8/32 100.100.100.5 0 50 0 200 i *> 100.200.26.6 0 200 i +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ R1#sho ip bgp BGP table version is 13, local router ID is 100.100.100.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 100.100.100.1/32 0.0.0.0 0 32768 i r>i100.100.100.2/32 100.100.100.2 0 25 0 i r>i100.100.100.5/32 100.100.100.5 0 50 0 i * i200.200.200.0 100.100.100.2 0 25 0 200 i *>i 100.100.100.5 0 50 0 200 i * i200.200.200.6/32 100.100.100.2 0 25 0 200 i *>i 100.100.100.5 0 50 0 200 i * i200.200.200.7/32 100.100.100.2 0 25 0 200 i *>i 100.100.100.5 0 50 0 200 i * i200.200.200.8/32 100.100.100.2 0 25 0 200 i *>i 100.100.100.5 0 50 0 200 i Task 3.4: To make R6 prefers that path to R2, I also can change the Weight attribute on R6 or setting MED attribute on R6. Anyone see any problem of these 2 methods? Task 6.7: We have to use Site-of-origin to prevent EIGRP routing loop in VPNC. The solution does not mention. Task 6.8: The solution use send-label command. However, we do not need to configure send-label under BGP. This is Inter-AS VPN Option 2a. Task 8.2: I got a weird behavior with this task: After configuring classifying ICMP traffic on R1 & R4. Ping 5 packets from R9 to R3 but R4 can only match 3 packets & mark with CS3. Anyone has the same problem? Here is the config & output: R1: ip access-list extended ICMP permit icmp any any echo ! class-map match-all ICMP match access-group name ICMP ! policy-map MARK class ICMP set ip dscp cs3 ! interface FastEthernet0/0.149 service-policy input MARK +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ R9#ping 3.3.3.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 184/221/272 ms R9# 01:21:55: ICMP: echo reply rcvd, src 3.3.3.3, dst 14.0.109.9 01:21:55: ICMP: echo reply rcvd, src 3.3.3.3, dst 14.0.109.9 01:21:56: ICMP: echo reply rcvd, src 3.3.3.3, dst 14.0.109.9 01:21:56: ICMP: echo reply rcvd, src 3.3.3.3, dst 14.0.109.9 01:21:56: ICMP: echo reply rcvd, src 3.3.3.3, dst 14.0.109.9 R9# TermServ#1 [Resuming connection 1 to r1 ... ] 01:24:21: MPLS turbo: Se4/0: rx: Len 108 Stack {105 3 252} - ipv4 data 01:24:21: MPLS turbo: Se4/0: rx: Len 108 Stack {105 0 252} - ipv4 data 01:24:22: MPLS turbo: Se4/0: rx: Len 108 Stack {105 3 252} - ipv4 data 01:24:22: MPLS turbo: Se4/0: rx: Len 108 Stack {105 0 252} - ipv4 data 01:24:22: MPLS turbo: Se4/0: rx: Len 108 Stack {105 3 252} - ipv4 data Task 8.4: By appling ACL outbound on R6, we cannot filter traffic with RFC1918 source that was originated from R6. Anyone has other solution? Please give your comments. Thanks. Rin
