It begins.

rakem

regular expressions...... yuck

rakem

Done with BGP for now. Next up, QoS.

Will try to review BGP at least once a week to keep it fresh. Will probably spend a few weeks on QoS.

rakem

Well I know I said I was done with BGP but i felt the need to finish it up properly tonight. printed off the chapter 10 and 11 PDF thing from the CCIE self study book and filled in all the 'key topic' tables. It makes for a pretty good review on the main stuff. Did the BGP practice questions from the Boson thing and got 797 out of 1000... its a fail but the questions i got wrong were because I didn't read it properly, although i still need to work on regular expressions a bit.



Not sure about getting into QoS just yet. I'm pretty good with it already... Might actually get into MPLS since it would tie in nicely with BGP..... decisions decisions...

rakem

Been a busy week at work so not much study done. Got a busy saturday as well. Hopefully should be able to hit the books tomorrow for a few hours, and possibly an hour or so today.

rakem

So started on MPLS this afternoon. Realised that I also need a good review of CEF so i'll have to dig up my good old BCMSN books as i remember them having a good chapter on CEF.

Anyway for now just reading through the first few pages on MPLS in the CCIE exam guide.

rakem

Snuck in about an hour of reading at work today
Then almost two hours at home tonght. Good start to the week!

At work was reading my BCMSN book - the CEF chapter. Good revision since CEF is one of those things that really doesn't need much (if any) configuration. It just works.

Tonight at home, getting into MPLS VPNs. This is all fairly new to me, my only experience with this is the little that was tested during the CCNP. I plan to spend a good few weeks on this stuff as I find it quite interesting and looks i want to do as much practical as possible.

Milestone reached tonight - 50 Hours of study.
Stared 53 days ago.... hmm less than 1 hour per day. Probably should pick it up a bit, but as I said in the first post, I'm in no rush for this cert.

Turgon

rakem wrote: »

Snuck in about an hour of reading at work today
Then almost two hours at home tonght. Good start to the week!

At work was reading my BCMSN book - the CEF chapter. Good revision since CEF is one of those things that really doesn't need much (if any) configuration. It just works.

Tonight at home, getting into MPLS VPNs. This is all fairly new to me, my only experience with this is the little that was tested during the CCNP. I plan to spend a good few weeks on this stuff as I find it quite interesting and looks i want to do as much practical as possible.

Milestone reached tonight - 50 Hours of study.
Stared 53 days ago.... hmm less than 1 hour per day. Probably should pick it up a bit, but as I said in the first post, I'm in no rush for this cert.

Congrats on the 50. Now for 50 on lab time and 100 combined. Dont worry about how long it takes to get there at this time, just stay regular! One hour a day is good going and better than a two week blitz followed by tail drop.

rakem

sick again.... can't concentrate for long periods so not much study for the past few days

burbankmarc

Turgon wrote: »

One hour a day is good going and better than a two week blitz followed by tail drop.

Yeah you don't want your study habits to have a saw tooth effect

gorebrush

EDIT: Actually, that wasn't that funny.

rakem

burbankmarc wrote: »

Yeah you don't want your study habits to have a saw tooth effect

hmmmmm no comment.

Anyone, about an hour or so reading about MPLS VPNs and note taking as normal....

RD - Advertise and distinguish between duplicate IPv4 prefixes
RT - determine into which VRF a PE will place an iBGP learned route

Important stuff!

rakem

Got 2 hours of good study in tonight.

1 hour of reading
1 hour or labs.

Set up the lab on page 852 of CCIE cert guide and went through configuring VRFs and MP-BGP.

Goof stuff.

rakem

About 2 hours of reading / labbing tonight.

Got right into LDP, ran some debugs tried out some different topologies and configs and took some good notes.

rakem

more reading on MPLS today. Will do some labs tonight.

I'm not very impressed with the CCIE Self study book's chapter around MPLS inner and outer labels and how they all work. Found this link on the Juniper site which i think explains it all really really well.

Transporting Packets Across an IP Backbone with MPLS

rakem

2 hours of labs tonight.

I managed to configured up a nice MPLS VPN without looking in the books for help so I'm pretty happy with that.

Something i found very useful is the trace-route vrf command. It shows the inner and outer labels, which is really handy so you can compare this with the other routers LFIB.

PE2#traceroute vrf CustA 10.1.1.1

Type escape sequence to abort.
Tracing the route to 10.1.1.1

  1 192.168.102.1 [MPLS: Labels 503/25 Exp 0] 252 msec 444 msec 216 msec
  2 192.168.101.1 [MPLS: Labels 401/25 Exp 0] 292 msec 236 msec 268 msec
  3 192.168.1.2 [MPLS: Label 25 Exp 0] 264 msec 440 msec 292 msec
  4 192.168.1.1 272 msec *  312 msec

So that shows the inner and outer label the route to 10.1.1.1. The inner label (25) never changes from hop to hop.

The provider routers don't even know about 10.1.1.1, they only care about the next hop. So if you look at the route table for the VRF CustA on PE2

PE2#show ip route vrf CustA

Routing Table: CustA
Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 4 subnets
B       10.1.2.0 [200/156160] via 1.1.1.1, 00:49:07
B       10.1.1.0 [200/156160] via 1.1.1.1, 00:49:07
D       10.21.1.0 [90/156160] via 192.168.3.1, 01:03:23, FastEthernet2/0
D       10.20.1.0 [90/156160] via 192.168.3.1, 01:03:23, FastEthernet2/0
B    192.168.1.0/24 [200/0] via 1.1.1.1, 00:49:07
C    192.168.3.0/24 is directly connected, FastEthernet2/0
PE2#

The next hop to 10.1.1.0 is 1.1.1.1.

So on the next provider router, it looks for the tag for 1.1.1.1 and adds 503:

P2#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
500    Pop tag     2.2.2.2/32        0          Gi1/0      192.168.101.1
501    Pop tag     192.168.100.0/24  0          Gi1/0      192.168.101.1
502    Pop tag     4.4.4.4/32        12890      Gi2/0      192.168.102.2
503    401         1.1.1.1/32        11693      Gi1/0      192.168.101.1

The next provider router, sees 401 and pops the tag

P1#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
400    Pop tag     192.168.102.0/24  0          Gi2/0      192.168.101.2
401    Pop tag     1.1.1.1/32        16768      Gi1/0      192.168.100.1
402    Pop tag     3.3.3.3/32        0          Gi2/0      192.168.101.2
403    502         4.4.4.4/32        18944      Gi2/0      192.168.101.2

the final PE router forwards the unlabelled packet to the host

PE1#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     192.168.101.0/24  0          Gi2/0      192.168.100.2
17     400         192.168.102.0/24  0          Gi2/0      192.168.100.2
18     Pop tag     2.2.2.2/32        0          Gi2/0      192.168.100.2
19     402         3.3.3.3/32        0          Gi2/0      192.168.100.2
20     403         4.4.4.4/32        0          Gi2/0      192.168.100.2
21     Untagged    10.10.1.0/24[V]   0          Fa1/1      192.168.2.1
22     Untagged    10.10.2.0/24[V]   0          Fa1/1      192.168.2.1
23     Aggregate   192.168.2.0/24[V] 2212
24     Untagged    10.1.2.0/24[V]    0          Fa1/0      192.168.1.1
25     Untagged    10.1.1.0/24[V]    4296       Fa1/0      192.168.1.1

Notice tag 25 which was the inner tag in the trace-route above.

Love this stuff!!

Turgon

rakem wrote: »

2 hours of labs tonight.

I managed to configured up a nice MPLS VPN without looking in the books for help so I'm pretty happy with that.

Something i found very useful is the trace-route vrf command. It shows the inner and outer labels, which is really handy so you can compare this with the other routers LFIB.

PE2#traceroute vrf CustA 10.1.1.1

Type escape sequence to abort.
Tracing the route to 10.1.1.1

  1 192.168.102.1 [MPLS: Labels 503/25 Exp 0] 252 msec 444 msec 216 msec
  2 192.168.101.1 [MPLS: Labels 401/25 Exp 0] 292 msec 236 msec 268 msec
  3 192.168.1.2 [MPLS: Label 25 Exp 0] 264 msec 440 msec 292 msec
  4 192.168.1.1 272 msec *  312 msec

So that shows the inner and outer label the route to 10.1.1.1. The inner label (25) never changes from hop to hop.

The provider routers don't even know about 10.1.1.1, they only care about the next hop. So if you look at the route table for the VRF CustA on PE2

PE2#show ip route vrf CustA

Routing Table: CustA
Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 4 subnets
B       10.1.2.0 [200/156160] via 1.1.1.1, 00:49:07
B       10.1.1.0 [200/156160] via 1.1.1.1, 00:49:07
D       10.21.1.0 [90/156160] via 192.168.3.1, 01:03:23, FastEthernet2/0
D       10.20.1.0 [90/156160] via 192.168.3.1, 01:03:23, FastEthernet2/0
B    192.168.1.0/24 [200/0] via 1.1.1.1, 00:49:07
C    192.168.3.0/24 is directly connected, FastEthernet2/0
PE2#

The next hop to 10.1.1.0 is 1.1.1.1.

So on the next provider router, it looks for the tag for 1.1.1.1 and adds 503:

P2#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
500    Pop tag     2.2.2.2/32        0          Gi1/0      192.168.101.1
501    Pop tag     192.168.100.0/24  0          Gi1/0      192.168.101.1
502    Pop tag     4.4.4.4/32        12890      Gi2/0      192.168.102.2
503    401         1.1.1.1/32        11693      Gi1/0      192.168.101.1

The next provider router, sees 401 and pops the tag

P1#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
400    Pop tag     192.168.102.0/24  0          Gi2/0      192.168.101.2
401    Pop tag     1.1.1.1/32        16768      Gi1/0      192.168.100.1
402    Pop tag     3.3.3.3/32        0          Gi2/0      192.168.101.2
403    502         4.4.4.4/32        18944      Gi2/0      192.168.101.2

the final PE router forwards the unlabelled packet to the host

PE1#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     192.168.101.0/24  0          Gi2/0      192.168.100.2
17     400         192.168.102.0/24  0          Gi2/0      192.168.100.2
18     Pop tag     2.2.2.2/32        0          Gi2/0      192.168.100.2
19     402         3.3.3.3/32        0          Gi2/0      192.168.100.2
20     403         4.4.4.4/32        0          Gi2/0      192.168.100.2
21     Untagged    10.10.1.0/24[V]   0          Fa1/1      192.168.2.1
22     Untagged    10.10.2.0/24[V]   0          Fa1/1      192.168.2.1
23     Aggregate   192.168.2.0/24[V] 2212
24     Untagged    10.1.2.0/24[V]    0          Fa1/0      192.168.1.1
25     Untagged    10.1.1.0/24[V]    4296       Fa1/0      192.168.1.1

Notice tag 25 which was the inner tag in the trace-route above.

Love this stuff!!

Very good. Do you have a link to that exercise as I would like to lab it myself.

Turgon

rakem wrote: »

more reading on MPLS today. Will do some labs tonight.

I'm not very impressed with the CCIE Self study book's chapter around MPLS inner and outer labels and how they all work. Found this link on the Juniper site which i think explains it all really really well.

Transporting Packets Across an IP Backbone with MPLS

I know what you mean. Wendall is a good writer but I think with the MPLS chapter he has tried to cover too much material in too short a space in his book. More config examples are needed too.

rakem

Turgon wrote: »

Very good. Do you have a link to that exercise as I would like to lab it myself.

No link... i just came up with the exercise myself.... I used the example MPLS VPN configuration from the CCIE study guide but change the topology a bit.

Did up a quick diagram of how it looked and attached it below...

So i just ran EIGRP 500 between all the PE and P routers (used loopbacks for routers IDs and advertised them as well) Did not run this instance of EIGRP on the interfaces connecting to the customer routers

I ran a seperate instance of EIGRP on each customer router and EIGRP 600 on the PE routers only, then used the address-family command to bring the eigrp routes from the customers into the VRF on the PE routers EIGRP 600 instance.

Ran MP-BGP between PEs and mutually redistributed between eigrp 600 and MP-BGP.

Thats a very quick run down!

Turgon

rakem wrote: »

No link... i just came up with the exercise myself.... I used the example MPLS VPN configuration from the CCIE study guide but change the topology a bit.

Did up a quick diagram of how it looked and attached it below...

So i just ran EIGRP 500 between all the PE and P routers (used loopbacks for routers IDs and advertised them as well) Did not run this instance of EIGRP on the interfaces connecting to the customer routers

I ran a seperate instance of EIGRP on each customer router and EIGRP 600 on the PE routers only, then used the address-family command to bring the eigrp routes from the customers into the VRF on the PE routers EIGRP 600 instance.

Ran MP-BGP between PEs and mutually redistributed between eigrp 600 and MP-BGP.

Thats a very quick run down!

Very good and timely as Im looking at MPLS myself. I have the book so will lab this myself when I get a chance. No gear so I will have the challenge of cobbling this together on a remote rack. Should be interesting as I dont think you can string four routers together very easily on the racks, so will have to make do with intermediate L3 switches (which presents other difficulties)

rakem

Turgon wrote: »

Very good and timely as Im looking at MPLS myself. I have the book so will lab this myself when I get a chance. No gear so I will have the challenge of cobbling this together on a remote rack. Should be interesting as I dont think you can string four routers together very easily on the racks, so will have to make do with intermediate L3 switches (which presents other difficulties)

All part of the fun!

Moving house this weekend so there shall be no study

rakem

All moved into the new place... Will be on JunOS training all week so not sure if i will be up for study, but will try and get a bit of reading done

rakem

did a quick hour reviewing BGP and MPLS questions from CCIE R&S CD.

rakem

About an hour reviewing MPLS. Will be moving onto the next topic soon... Not sure what to tackle yet but OSPF is in the lead at the moment.

As mentioned, all this week I have been on JunOS training so i'm pretty drained by the end of the day. JunOS certainly has some good features that IOS is lacking, but IOS also has some good features that JunOS is lacking as well, so its been an interesting week.

gorebrush

Good to see you are still making progress - I've nearly caught you up in terms of book hours

rakem

keep it up mate.

This morning I have been playing around with my MPLS VRF lab.

I'm trying to get a default route advertised into the customer routers... The PE and CE routers are using EIGRP. I can't seem to get a default route advertised from the PE to the CE.

I'm trying to redistribute a default static route into the VPNv4 instance of EIGRP but it does not show up in the CE routing table....

I've tried different statics like

ip roue vrf CustA 0.0.0.0 0.0.0.0 192.168.100.1
and
ip route 0.0.0.0 0.0.0.0 192.168.100.1

Then under address-family ipv4 vrf CustA I have put redistribute static metric (eigrp metrics)

but it won't show up in the CE.... any thoughts?

So some research has showed that I need to look into route leaking, since the default route is in the global routing table. Probably getting a bit out of scope for the R&S CCIE but it looks interesting so i'll give it a shot.

Turgon

rakem wrote: »

did a quick hour reviewing BGP and MPLS questions from CCIE R&S CD.

Is that the Odom CD in his book?

Turgon

rakem wrote: »

keep it up mate.

This morning I have been playing around with my MPLS VRF lab.

I'm trying to get a default route advertised into the customer routers... The PE and CE routers are using EIGRP. I can't seem to get a default route advertised from the PE to the CE.

I'm trying to redistribute a default static route into the VPNv4 instance of EIGRP but it does not show up in the CE routing table....

I've tried different statics like

ip roue vrf CustA 0.0.0.0 0.0.0.0 192.168.100.1
and
ip route 0.0.0.0 0.0.0.0 192.168.100.1

Then under address-family ipv4 vrf CustA I have put redistribute static metric (eigrp metrics)

but it won't show up in the CE.... any thoughts?

So some research has showed that I need to look into route leaking, since the default route is in the global routing table. Probably getting a bit out of scope for the R&S CCIE but it looks interesting so i'll give it a shot.

I think you might be right there. In fact default routes and MPLS is a very important topic to work, if not in the exam then certainly in the field.

You and gorebrush are going well. Keep going!

CCIEWANNABE

rakem wrote: »

keep it up mate.

This morning I have been playing around with my MPLS VRF lab.

I'm trying to get a default route advertised into the customer routers... The PE and CE routers are using EIGRP. I can't seem to get a default route advertised from the PE to the CE.

I'm trying to redistribute a default static route into the VPNv4 instance of EIGRP but it does not show up in the CE routing table....

I've tried different statics like

ip roue vrf CustA 0.0.0.0 0.0.0.0 192.168.100.1
and
ip route 0.0.0.0 0.0.0.0 192.168.100.1

Then under address-family ipv4 vrf CustA I have put redistribute static metric (eigrp metrics)

but it won't show up in the CE.... any thoughts?

So some research has showed that I need to look into route leaking, since the default route is in the global routing table. Probably getting a bit out of scope for the R&S CCIE but it looks interesting so i'll give it a shot.

first off, make sure you can see EIGRP routes end-to-end via MPLS VPN on CE routers. Meaning that you can see R1's routes on R2 and R2's routes on R1 (CE routers). if you cannot, make sure you are performing mutual redistribution between bgp and eigrp on both PE routers. once this have been acheived try the following:

try doing an ip summary-address eigrp X 0.0.0.0 0.0.0.0 under VRF interface out to CE, i think that should do it!

rakem

Turgon wrote: »

Is that the Odom CD in his book?

yep thats the one

CCIEWANNABE

any success?