Wednesday, 23 January 2019

ISIS LFA FRR - CISCO IOS

!!!!!Must be point to point for ISIS!!!!

router isis PE
 net 49.0001.0000.0000.0121.00
 is-type level-2-only
 authentication mode md5 level-2
 authentication key-chain ISIS
 metric-style wide
 ip route priority high tag 100
 log-adjacency-changes
 fast-reroute per-prefix level-2 route-map FRR-HIGH
 passive-interface Loopback0
 bfd all-interfaces
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2



interface GigabitEthernet2
 ip address 2.2.22.22 255.255.255.0
 ip router isis PE
 negotiation auto
 ipv6 address 2001:DB8::2:2:22:22/122
 no mop enabled
 no mop sysid
 isis network point-to-point
end

interface Loopback0
 ip address 2.0.0.121 255.255.255.255
 ipv6 address 2001:DB9::2:121/128
 isis tag 100
end


ip prefix-list FRR seq 5 permit 2.0.0.121/32
ip prefix-list FRR seq 10 permit 2.0.0.122/32
ip prefix-list FRR seq 15 permit 2.0.0.102/32
ip prefix-list FRR seq 20 permit 2.0.0.101/32
ip prefix-list FRR seq 25 permit 2.0.0.111/32
ip prefix-list FRR seq 30 permit 2.0.0.112/32
ip prefix-list FRR seq 35 permit 2.0.0.131/32
ip prefix-list FRR seq 40 permit 2.0.0.132/32


Sunday, 13 January 2019

ISIS - CISCO IOS XE-XR

IOS-XR:

router isis 1
is-type level-2-only
net 49.0001.0000.0000.0020.00
interface Loopback0
passive
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/0.1920
address-family ipv4 unicast


IOS-XE:

interface GigabitEthernet1.519
ip router isis
!
router isis
net 49.0001.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0

OSPF FRR LFA - CISCO IOS XE

ISP1_RR2#show ip route repair-paths 1.0.0.101
Routing entry for 1.0.0.101/32
  Known via "ospf 1", distance 110, metric 2, type intra area
  Last update from 1.1.12.1 on GigabitEthernet2, 06:33:04 ago
  Routing Descriptor Blocks:
  * 1.1.12.1, from 1.0.0.101, 06:33:04 ago, via GigabitEthernet2
      Route metric is 2, traffic share count is 1
      Repair Path: 1.2.12.2, via GigabitEthernet3
    [RPR]1.2.12.2, from 1.0.0.101, 06:33:04 ago, via GigabitEthernet3
      Route metric is 3, traffic share count is 1



ISP1_RR2#show ip cef 1.0.0.101
1.0.0.101/32
  nexthop 1.1.12.1 GigabitEthernet2
    repair: attached-nexthop 1.2.12.2 GigabitEthernet3

ISP1_RR2#
router ospf 1
 router-id 1.0.0.112
 prefix-priority high route-map HIGH
 fast-reroute per-prefix enable area 0 prefix-priority high
 area 0 authentication message-digest
 passive-interface Loopback0

ISP1_RR2#show run | sec route-map
 prefix-priority high route-map HIGH
route-map HIGH permit 10
 match ip address prefix-list HIGH

ISP1_RR2#
ip prefix-list HIGH seq 5 permit 1.0.0.133/32
ip prefix-list HIGH seq 10 permit 1.0.0.131/32
ip prefix-list HIGH seq 15 permit 1.0.0.132/32
ip prefix-list HIGH seq 20 permit 1.0.0.101/32
ip prefix-list HIGH seq 25 permit 1.0.0.102/32
ip prefix-list HIGH seq 30 permit 1.0.0.111/32
ip prefix-list HIGH seq 35 permit 1.0.0.112/32
ip prefix-list HIGH seq 40 permit 1.0.0.121/32
ip prefix-list HIGH seq 45 permit 1.0.0.122/32
ISP1_RR2#

Friday, 11 January 2019

MPLS LDP-IGP Synchronization

How MPLS LDP-IGP Synchronization Works
Packet loss can occur because the actions of the IGP and LDP are not synchronized. Packet loss can occur in the following situations:

•When an IGP adjacency is established, the router begins forwarding packets using the new adjacency before the LDP label exchange completes between the peers on that link.

•If an LDP session closes, the router continues to forward traffic using the link associated with the LDP peer rather than an alternate pathway with a fully synchronized LDP session.

The MPLS LDP-IGP Synchronization feature:

•Provides a means to synchronize LDP and IGPs to minimize MPLS packet loss.

•Enables you to globally enable LDP-IGP Synchronization on each interface associated with an IGP Open Shortest Path First (OSPF) or IS-IS process.

•Provides a means to disable LDP-IGP Synchronization on interfaces that you do not want enabled.

•Prevents MPLS packet loss due to synchronization conflicts.

•Works when LDP is enabled on interfaces using either the mpls ip or mpls ldp autoconfig command.

To enable LDP-IGP Synchronization on each interface that belongs to an OSPF or IS-IS process, enter the mpls ldp sync command. If you do not want some of the interfaces to have LDP-IGP Synchronization enabled, issue the no mpls ldp igp sync command on those interfaces.

If the LDP peer is reachable, the IGP waits indefinitely (by default) for synchronization to be achieved. To limit the length of time the IGP session must wait, enter the mpls ldp igp sync holddown command. If the LDP peer is not reachable, the IGP establishes the adjacency to enable the LDP session to be established.

When an IGP adjacency is established on a link but LDP-IGP Synchronization is not yet achieved or is lost, the IGP advertises the max-metric on that link.

MPLS LDP-IGP Synchronization Requires Peer To Be Reachable
When the MPLS LDP-IGP Synchronization feature is enabled on an interface, LDP determines if any peer connected by the interface is reachable by looking up the peer's transport address in routing table. If a routing entry (including longest match and/or default routing entry) for the peer exists, LDP assumes that LDP-IGP Synchronization is required for the interface and notifies the IGP to wait for LDP convergence.

This requires that the routing table be correct and accurate for peer's transport address. If the routing table shows there is a route for the peer's transport address, that route must be able to reach the peer's transport address. However, if the route is a summary route, default route, or a statically configured route, it might not the correct route for the peer. You must verify that the route in the routing table can reach the peer's transport address.

When the routing table has an inaccurate route for peer's transport address, LDP cannot set up a session with the peer, which causes the IGP wait for LDP convergence unnecessarily for the sync holddown time.

MPLS LDP-IGP Synchronization Compatibility with IGP Nonstop Forwarding
The MPLS LDP-IGP Synchronization feature is not supported during the startup period if IGP NSF is configured. The MPLS LDP-IGP Synchronization feature conflicts with IGP NSF when the IGP is performing NSF during startup. After the NSF startup is complete, the MPLS LDP-IGP Synchronization feature is supported.

MPLS LDP-IGP Synchronization Compatibility with LDP Graceful Restart
LDP Graceful Restart protects traffic when an LDP session is lost. If an interface that supports a Graceful Restart-enabled LDP session fails, MPLS LDP-IGP Synchronization is still achieved on the interface while it is protected by Graceful Restart. MPLS LDP-IGP Synchronization is eventually lost under the following circumstances:

•If LDP fails to restart before the LDP Graceful Restart reconnect timer expires.

•If an LDP session restarts through other interfaces, but the LDP session on the protected interface fails to recover when the LDP Graceful Restart recovery timer expires.

https://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fsldpsyn.html

MPLS LDP Session Protection

Information About MPLS LDP Session Protection

MPLS LDP Session Protection maintains LDP bindings when a link fails. MPLS LDP sessions are
protected through the use of LDP Hello messages. When you enable MPLS LDP, the label switched
routers (LSRs) send messages to find other LSRs with which they can create LDP sessions.

• If the LSR is one hop from its neighbor, it is directly connected to its neighbor. The LSR sends out
LDP Hello messages as User Datagram Protocol (UDP) packets to all the routers on the subnet. The
hello message is called an LDP Link Hello. A neighboring LSR responds to the hello message and
the two routers begin to establish an LDP session.

• If the LSR is more than one hop from its neighbor, it is not directly connected to its neighbor. The
LSR sends out a directed hello message as a UDP packet, but as a unicast message specifically
addressed to that LSR. The hello message is called an LDP Targeted Hello. The nondirectly
connected LSR responds to the Hello message and the two routers establish an LDP session. (If the
path between two LSRs has been traffic engineered and has LDP enabled, the LDP session between
them is called a targeted session.)

MPLS LDP Session Protection uses LDP Targeted Hellos to protect LDP sessions. Take, for example,
two directly connected routers that have LDP enabled and can reach each other through alternate IP
routes in the network. An LDP session that exists between two routers is called an LDP Link Hello
Adjacency. When MPLS LDP Session Protection is enabled, an LDP Targeted Hello Adjacency is also
established for the LDP session. If the link between the two routers fails, the LDP Link Adjacency also
fails. However, if the LDP peer is still reachable through IP, the LDP session stays up, because the LDP
Targeted Hello Adjacency still exists between the routers. When the directly connected link recovers, the
session does not need to be reestablished, and LDP bindings for prefixes do not need to be relearned


https://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fssespro.pdf

Thursday, 10 January 2019

Flexible configuration Cisco IOS XR

group MPLS
 mpls ldp
  igp sync delay on-proc-restart 60
  igp sync delay on-session-up 5
  neighbor
   password encrypted 032772382520
  !
  session protection
 !
end-group

mpls ldp
 apply-group MPLS


group ospf
 router ospf '.*'
  area '0'
   mpls ldp auto-config
   interface 'Gig.*'
    authentication-key encrypted 0802657D2A36
    authentication message-digest
    network point-to-point
   !
   interface 'Loopback0'
    passive enable
   !
  !
 !
end-group


router ospf PE
 apply-group ospf

show run router ospf inheritance

Monday, 7 January 2019

BGP PIC - EDGE - CORE

http://ciskonetwork.blogspot.com/2016/01/bgp-pic-core.html

http://ciskonetwork.blogspot.com/2016/01/bgp-pic-edge.html

http://newnog.net/meetings/nanog40/presentations/ClarenceFilsfils-BGP.pdf

Wednesday, 2 January 2019

CCIE - SP: OSPF & OSPFv3 PE-CPE

PE:

router ospf 21
 vrf CUST2
  redistribute bgp 100
  address-family ipv4
  area 0
   interface GigabitEthernet0/0/0/3
   !
  !
 !
!

router ospfv3 CPE
 vrf CUST2
  redistribute bgp 100
  area 0
   interface GigabitEthernet0/0/0/3
   !
  !
 !
 address-family ipv6
!

CPE:

router ospfv3 1
 !
 address-family ipv6 unicast vrf CUST2
  router-id 6.21.1.1
  capability vrf-lite
 exit-address-family
!
!
router ospf 1 vrf CUST2
 router-id 6.21.1.1
 capability vrf-lite
!
!
interface GigabitEthernet0/1
 vrf forwarding CUST2
 ip address 6.21.1.1 255.255.255.0
 ip ospf 1 area 0
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2001:DB9::6:21:1:1/122
 ipv6 enable
 ospfv3 1 ipv6 area 0
 no cdp enable
end


CCIE - SP: IOS XR Groups

PE Device:

group ospf
 router ospf '.*'
  router-id 1.0.0.103
  bfd minimum-interval 300
  bfd fast-detect
  bfd multiplier 3
  area '0'
   mpls ldp auto-config
   interface 'Gi.*'
    network point-to-point
    fast-reroute per-prefix
   !
   interface 'Loopback.*'
    passive enable
    fast-reroute per-prefix
   !
  !
 !
end-group


router ospf PE
 apply-group ospf
 area 0
  interface Loopback0
  !
  interface GigabitEthernet0/0/0/0
  !
  interface GigabitEthernet0/0/0/2
  !
 !
!

CCIE - SP: EIGRP PE-CPE

PE:

router eigrp CPE
 vrf CUST1
  address-family ipv4
   autonomous-system 1
   redistribute bgp 100
   interface GigabitEthernet0/0/0/2
   !
  !
  address-family ipv6
   autonomous-system 1
   redistribute bgp 100
   interface GigabitEthernet0/0/0/2

router bgp 100
vrf CUST1
  rd 1.0.0.132:1
  address-family ipv4 unicast
   redistribute connected
   redistribute eigrp 1
  !
  address-family ipv6 unicast
   redistribute connected
   redistribute eigrp 1

CPE:

router eigrp 1
 network 0.0.0.0
 passive-interface Loopback0
!
ipv6 router eigrp 1
 passive-interface Loopback0
!
interface GigabitEthernet0/1
 ip address 5.11.1.1 255.255.255.0
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2001:DB9::5:11:1:1/122
 ipv6 eigrp 1
 no cdp enable
end



1.1 Switched campus 1.1.a Switch administration 1.1.a i Managing MAC address table Show Commands: Switch#show mac address-table ?   address ...