18 Jun

MPLS workshop #2 – MP-BGP for L3VPN in the Core

After the first chapter of the workshop, our core network is able to forward labeled packets. Let's now focus on deploying some services within this network, starting with MPLS L3VPN. So far we have IS-IS as the IGP in the core to carry the prefixes of links and loopbacks, and LDP to handle label exchange. The next step is to introduce a mechanism that will allow us to attach label information to prefixes. MP-BGP is an extension of the standard BGP protocol that lets us carry MPLS VPN routes. It's a flexible and well-known protocol. At this step we configure the core routers (P and PE) to carry MPLS VPN routes.

16 Jun

MPLS workshop #1 – Basic MPLS Core configuration

This is the first post in a series where I'll be presenting various aspects of an MPLS network, starting from the basics and moving on to more advanced topics. We'll be using the following topology:

As you can see, we have two P routers, three PE routers and four CE routers, and one of the PE routers will also act as a BGP route reflector. Different MPLS L3VPN networks use different CE-PE protocols. Every router has a Loopback0 interface configured with the address 10.0.0.x/32, where x is the router number. Subnets on links between routers follow the addressing scheme known from CCIE workbooks: the third octet shows which routers the link connects, and the fourth octet is the router number. So for the link between R4 and R5, the address on the R4 E0/1 interface is 10.0.45.4/24 and on the R5 E0/1 interface it is 10.0.45.5/24.

30 May

SPAN available on ASR903

IOS XE 3.6.1S has just been released. Not many new features were introduced since the 3.6.0S release, but one useful feature is already deployed on this platform: Switch Port Analyzer (SPAN), sometimes also called port mirroring. It's useful if you want to capture traffic from a particular interface and send it to another one. It's well known from other Cisco platforms.

ASR903 supports SPAN only on physical ports. It's not possible to apply a session to an EFP or VLAN. Up to 16 sessions are supported, with one destination which is set as an access port. By default it mirrors traffic sent in both directions. Traffic can only be mirrored locally; RSPAN is not supported.

Configuration is simple and does not differ from the one known from other platforms:

Router(config)# monitor session 2 source interface gigabitethernet 2/2
Router(config)# monitor session 2 destination interface gigabitethernet 2/1

07 Apr

Carrier Grade NAT on ASR1000

IOS XE 3.6S was released recently, introducing Carrier Grade NAT to the ASR 1000 platform. CGN translates IPv4 addresses into IPv6 addresses and vice versa, and is one of the most critical features while the world is slowly moving to IPv6 addressing. It can also be used for NAT44 (IPv4 private to IPv4 public) translation. What differentiates CGN from traditional NAT? CGN increases the scalability of the number of NAT translations that can be supported because destination information is not stored, and it works well with carrier services like broadband access aggregation (e.g. PPPoE, DSL).

24 Jan

BGP Route Server on ASR1000

BGP Route Server is a feature designed mostly for IX (Internet Exchange) deployments. You can find many deployments around the world, mostly using open software like Quagga, but it's also available on Cisco's ASR1000 routers. A route server is an advanced route reflector which provides customized policy support for each service provider, which means that standard path selection can be overridden by route policies set per particular provider.

04 Oct

Identifying PPPoE transient sessions

If PPP negotiation fails (e.g. due to problems with authentication or a missing account on the RADIUS server), the session stays in a transient state for some time. You can list those sessions:

bras# show pppoe summary                                             
    PTA  : Locally terminated sessions
    FWDED: Forwarded sessions
    TRANS: All other sessions (in transient state)

                                TOTAL     PTA   FWDED   TRANS
TOTAL                            5678    5673       0       5
GigabitEthernet1/0/0             3863    3862       0       1
GigabitEthernet1/1/0             1815    1811       0       4

It's possible to identify the MAC addresses of modems that couldn't establish sessions:

bras# sh pppoe ses | i LCP   
   3095  28818  000e.5499.722d  Gi1/0/0.525              1  N/A        LCP  
   3548  28669  001f.a45c.7a4d  Gi1/1/0.527              1  N/A        LCP  
  13370  28817  0013.3319.316d  Gi1/1/0.527              1  N/A        LCP  
   6372  28813  0013.3199.751e  Gi1/1/0.527              1  N/A        LCP  
   6018  28812  0019.c8a3.3d66  Gi1/1/0.1598             3  N/A        LCP
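
When many sessions are stuck, it helps to group the filtered output by port to see whether the failures concentrate on one sub-interface or one physical port. The script below is an added example, not part of the original post. It assumes the column order seen in the output above (two numeric IDs, MAC, port, further fields, state as the last field), and its sample lines and MAC addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample in the layout shown above (MAC addresses are made up).
SAMPLE = """\
   3095  28818  0000.5e00.5301  Gi1/0/0.525              1  N/A        LCP
   3548  28669  0000.5e00.5302  Gi1/1/0.527              1  N/A        LCP
  13370  28817  0000.5e00.5303  Gi1/1/0.527              1  N/A        LCP
   6018  28812  0000.5e00.5304  Gi1/1/0.1598             3  N/A        LCP
   7001  28900  0000.5e00.5305  Gi1/0/0.525              1  Vi2.10     PTA
"""

# Cisco dotted MAC notation, e.g. 0000.5e00.5301
MAC = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$", re.I)


def parse_sessions(text):
    """Return (mac, port, state) per session line; prompts and headers are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        # Assumed column order: id, id, MAC, port, ..., state (last field).
        if len(f) >= 5 and f[0].isdigit() and MAC.match(f[2]):
            rows.append((f[2].lower(), f[3], f[-1]))
    return rows


def stuck_in_lcp(text):
    """Map each port to the MACs whose session state is LCP."""
    by_port = {}
    for mac, port, state in parse_sessions(text):
        if state == "LCP":
            by_port.setdefault(port, []).append(mac)
    return by_port


def physical_totals(by_port):
    """Count LCP sessions per physical interface (sub-interface suffix dropped)."""
    return Counter(p.split(".")[0] for p, macs in by_port.items() for _ in macs)


if __name__ == "__main__":
    stuck = stuck_in_lcp(SAMPLE)
    for port, macs in sorted(stuck.items()):
        print(f"{port}: {', '.join(macs)}")
    print(dict(physical_totals(stuck)))
```

The per-interface totals can be compared with the TRANS column of `show pppoe summary`.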