In this lab we will be using BGP to connect groups 1 and 2, groups 3 and 4, groups 5 and 6, and groups 7 and 8. Then we will connect each group to an ISP server.
Do these steps in the order specified or you might get bad data.
First you will configure R2 eth1/2. The R2 routers for the groups are already connected with virtual crossover ethernet cables. group 41 eth1/2 is connected to group 42 eth1/2, group 43 eth1/2 is connected to group 44 eth1/2, etc etc. You will use a /30 to communicate over this point to point link.
You will need to assign the following /30's to these interfaces:
r2.g41.scs (eth1/2) 10.41.3.1/30 r2.g42.scs (eth1/2) 10.41.3.2/30 r2.g43.scs (eth1/2) 10.43.3.1/30 r2.g44.scs (eth1/2) 10.43.3.2/30 r2.g45.scs (eth1/2) 10.45.3.1/30 r2.g46.scs (eth1/2) 10.45.3.2/30 r2.g47.scs (eth1/2) 10.47.3.1/30 r2.g48.scs (eth1/2) 10.47.3.2/30 r2.g49.scs (eth1/2) 10.49.3.1/30 r2.g50.scs (eth1/2) 10.49.3.2/30 r2.g51.scs (eth1/2) 10.51.3.1/30 r2.g52.scs (eth1/2) 10.51.3.2/30 r2.g53.scs (eth1/2) 10.53.3.1/30 r2.g54.scs (eth1/2) 10.53.3.2/30
You will also need to add the /30 to your OSPF world, but only as a passive interface. You want to announce the new /30 to your network via ospf but you do NOT want to establish OSPF adjacencies with your neighbors R2. So you will add these lines to router ospf stanza:
router ospf 1 network 10.XX.3.0 0.0.0.3 area 0 passive-interface eth1/2and also a cost to the eth1/2 interface stanza:
interface eth1/2 ip ospf cost 5000Verify ip connectivity with ping command. IE from your R2 ping your neighbors R2 eth1/2. If you can't ping, you can't establish a BGP session.
Next you will need to bring up EBGP between r2.gXX.scs and r2.gXX+1.scs Use the following AS numbers:
g41 = AS 65441 g42 = AS 65442 g43 = AS 65443 g44 = AS 65444 g45 = AS 65445 g46 = AS 65446 g47 = AS 65447 g48 = AS 65448 g49 = AS 65449 g50 = AS 65450 g51 = AS 65451 g52 = AS 65452 g53 = AS 65453 g54 = AS 65454You will need to add a null route for *your* aggregate network (not your neighbors) so that you have a network to advertise. This is done with a static route
ip route 10.XX.0.0 255.255.0.0 null0
In preparation for later you will also want to set up R2 to insert a default route to ospf. Since this will be a "backup" you will want to use a larger cost than you used fro BR (also metric type 2 so it compares only with the type 2 metric injected by BR)
Since you will soon be receiving a "full" default free routing table from your BR or from you neighbor, you will need to also add a default route to Null0 so there will be a default route for OSPF to inject.
r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#ip route 0.0.0.0 0.0.0.0 Null0 r2(config)#router ospf 1 r2(config-router)#default-information originate metric 10000 metric-type 2See notes for class 15 for configuring External BGP with your neighbor group. You use 654XX (XX=your group number) as your AS. You will peer with 654YY (YY=neighbor group number). Don't forget to add a route for your /16 to null0 so it will exist in the table.
*After* bringing up EBGP with your neighbor group you should see a route to the other group via the 10.X.3.X link. Save the output from "show ip bgp summary" and "show ip route" from R2 to turn in. (Report part 1)
Do not proceed to step two until you have correctly established BGP with your neighbor.
You will want to create an aggregate route on the JunOS router so that you have something to advertise (very similar in concept to the null route on the cisco IOS router R2.) You will also change your static default route to reject (since you will have a full default free BGP feed). You still need that default route to inject into ospf. (Again very similar to the null route default on R2)
routing-options {
static {
route 0.0.0.0/0 reject;
}
aggregate {
route 10.XX.0.0/16;
}
}
You will create a policy-options policy-statement which will be used as
an export policy for the internal peering. Call it send-bgp-and-our-net. It
will need terms to allow us to send our AS and any other networks we
learn via bgp.
[edit policy-options policy-statement send-bgp-and-our-net]
juniper@br# show
term ouras { -- this term says we can announce the aggregate
from protocol aggregate; -- aggregate route was defined about in routing options
then { --
next-hop self;
accept;
}
}
term isp-routes { -- this term says we will send routes we
from protocol bgp; -- have learned from other BGP sessions
then {
next-hop self;
accept;
}
}
term reject { -- no other routes
then reject;
}
You will apply this policy under the "protocols bgp group" sections of BR config.
Now we will set up the internal peering with R2 and apply the send-bgp-and-our-net policy as the export policy as per notes from class 14, with the only exception that we will specify the type as internal. Use internal-peers as the group name.
We will go back to R2 and under the router bgp stanza we will configure an internal peering with BR fxp1 (net0) address.
To test, from ws0 in your group ping ws0 in the other group. Then do a traceroute to ws0 in the other group. Save the output of the traceroute to turn in with the lab report. Also do a "show bgp summary" on BR and save to turn in. (Report part 2)
Do not proceed to step 3 until both you and your neighbors group have established Internal BGP peering.
Now you are ready to bring up BGP with the service provider. The Internet Service Provider is at 10.91.0.254, and uses AS 65401.
You will add a new group (call it isp) for the eBGP link with 10.91.0.254. The type will be external. We will use the same policy-statement (send-bgp-and-our-net) for it.
After bringing up BGP with the service provider you should see a number of routes in your table. You are being fed the entire FIU internal routing table. Save the output from "show bgp summary" to turn in (report part 3). Do a traceroute from r1.gXX.scs to ocelot.aul.fiu.edu (131.94.132.8) and one from ocelot.aul.fiu.edu to the r1 workstation and save these two to turn in (report part 4). You will need to use the ip address of your r1 to do this traceroute as the DNS will not work on ocelot.
Once you and you neighbor group have BOTH established BGP connectivity to the ISP it is time to test the backup link.
Now we are going to fail the BR router link to the ISP, and use the other group as a backup. Each group will individually (one group at a time) administratively shutdown their BR fxp0 link.
deactivate interface fxp0from the JunOS top level will shutdown the interface. (after a commit) and likewise activate (and a commit) will re-activate them.
While disconnected the group will do a traceroute from r1.gXX.scs to ocelot.aul.fiu.edu (131.94.132.8) and one from ocelot to r1. Save these two to turn in (report part 5). Then reconnect and have the second group disconnect and then they do a traceroute.
(report part 6). Include in your lab report a version of the router bgp and router ospf stanzas you would use on R3 if R3 had a interface called eth1/4 connected to another service provider. Assume the eth1/4 on R3 is 192.168.8.2/30, and the service provider is at 192.168.8.1/30. Assume service provider is AS 65504. Assume you will receive and propagate a default route via ospf as metric type 2 and cost of 30000.
Also have R3 set up a internal BGP peering with BR. Show both the R3 configuration and the "protocols bgp" stanza on BR. Use the same policy statement you used in for the peering with R2.
No need to include interface statements. Only need to include the router bgp and router ospf stanzas.
Function - 20 points (group grade) Reports part 1-5 - 3 points each (individual grade, but data should be collected as a group) Report part 6 - 15 points (individual grade and work)