5-IPv6 Module 05 Upstream EBGP

APNIC IPv6/Routing Workshop Lab
Module 5 eBGP with Upstream for Native and Tunnel Transit
Objective: All the workshop lab routers are configured with required basic, interface, OSPF/ISIS, iBGP and eBGP with CPE router configuration according to the topology diagram below.
Network level reachability testing for all twelve routers loopback interfaces, all twelve point-topoint links, two transport links, eight customer sider point-to-point aggregated, four datacentre
aggregated and eight customer LAN prefixes are successfully done in our previous modules
(Module 1, 2, 3 & 4). Participants on regional core routers will only require to configure eBGP
peering with the upstream service provider routers either IPv4/IPv6 native (R5 & R11) or
through IPv6 in IPv4 tunnel and other related configuration on this module. Workshop
instructor will be presenting upstream eBGP (Both native & tunnel) design goal & specification
for this module. Workshop team has already been build and participants have got access to their
designated routers.
Prerequisites: Intermediate routing concept (OSPF/IS-IS, iBGP, eBGP, 6in4 tunnel etc.), Cisco
router CLI, Telnet/SSH software etc.
The following will be the common topology and IP address plan used for the labs.
Figure 1 ISP Lab Topology

1
APNIC V2.0
Created: 02 June 2010
Updated: 19 August 2013
nurul/documents/traininglab/
Tuesday, June 02, 2015
Lab Notes
This workshop is intended to be run on real cisco routers with the above lab topologies set up. This
module lab is installed in APNIC office in Brisbane. It is a live network connected to the Internet. Lab
routers are using both IPv4 and IPv6 supported Cisco IOS software. Workshop instructor will be
providing required username, password and IP address related information to be able to SSH to the lab
routers. Participants should do their workshop module configuration to achieve following goals.
1. In our previous module (Module 4) exercise we have successfully finished adding customers
using eBGP to the regional POP routers. We have investigated those options on how our
perimeter router learns external prefix (i.e. downstream customer) using eBGP and how those
prefixes are propagated across other part of the network using iBGP protocol.
2. In this module we will connect our region two and region four core routers (i.e R5 & R11) to
AS45192 using IPv6 native transport and region one and region three core routers (i.e. R2 &
R8) to AS 131107 (4 byte) using IPv6 in IPv4 tunnel transit. We will be getting full BGP feed
for IPv6 prefixes and default for IPv4 from both of our upstream ISPs on four core routers.
Regional core routers will forward those prefixes to regional POP routers using iBGP. After
finishing the required configuration in this module we will be able to see all available IPv6
global prefixes into our network. Our prefix (2406:6400::/32) will also be advertised to the
global IPv6 Internet originated from our AS17821. Configuration outcome can be verified
from any publicly available looking glass or route servers. I.e. http://www.route-servers.net or
http://lookingglass.level3.net
3. For the time management purpose upstream routers are already configured with required
interface and BGP configuration. Participants only need to configure their allocated routers and
can be able to verify the configuration outcome.
4. In this particular module each regional team need to configure only one router i.e. their
regional core routers. From the POP routers you only need to verify the configuration outcome.
5. Here are the steps involved on the regional core routers:
a. Upstream WAN interface/Tunnel interface configuration
b. eBGP peering configuration
c. Prefix advertisement using aggregate address command.
d. Change the eBGP next-hop to next-hop self on the border router.
6. DuetotimerestrictioninworkshopeBGPanalysisandexamplewillcoverIPv6prefixesonly.
YoucancheckIPv4prefixesforyourownunderstandingpurpose.
7. As an example here we have outlined IPv6 related configuration only. Since we are building
dual stack routers, please make sure you will finish IPv4 related configuration as well. For
relevant command please visit the reference section of this document.
Lab Exercise Example Region 1

1. Region 1 IPv4 Configuration: Only Router2 will require to configure IPv4 transit with AS45192
in region 1. But the upstream router in AS45192 does not support IPv6 transit yet. So the
workshop group for region 1 need to configure IPv6 transit using IPv6 in IPv4 tunnel. All the steps
are explained below. Command description can be found in Module 1 exercise.
Step one example IPv4 upstream interface config on Router2:
config t
interface e1/2
This interface is connecting to upstream ISP

description Transit with AS45192
no ip redirects
no ip directed-broadcast
no ip unreachables
no cdp enable
ip address 192.168.1.22 255.255.255.252
no shutdown
exit
exit
wr
Step two example interface connectivity verification:

Ping 192.168.1.21 [!!!!!]
Other side of point-to-point link

Step three example eBGP peering config:
config t
router bgp 17821
address-family ipv4
neighbor 192.168.1.21 remote-as 45192
neighbor 192.168.1.21 activate
exit
exit
exit
wr
Stepfourexampleprefixadvertisementconfig:
config t
router bgp 17821
address-family ipv4
aggregate-address 172.16.0.0 255.255.224.0
This command will install a pull up route (null 0) in the IGP table and send a summarized /19
advertisement from BGP.
exit
exit
exit
wr
APNIC V2.0
StepfivechangethenexthoptoselfforeBGPprefixes:
config t
router bgp 17821
address-family ipv4
neighbor IPV4-iBGP-REG2 next-hop-self
neighbor IPV4-iBGP-TRCORE next-hop-self
exit
exit
exit
wr
Step six verify IPv4 upstream transit configuration:

sh
sh
sh
sh
sh
bgp ipv4
bgp ipv4
ip route
bgp ipv4
ip route
ping
ping
ping
ping
2.
unicast summary
[Number of prefixes received from peers]
unicast
[Any new prefix?]
bgp
[Any new prefix?]
unicast neighbors [Upstream ISP Router] received-routes/routes
192.168.1.6
192.168.1.10
192.168.1.26
192.168.1.1
[!!!!!]
[!!!!!]
[!!!!!]
[!!!!!]
Region1IPv6Configuration:UpstreamrouterconnectedtoRouter2doesnotsupportIPv6
nativetransit.SowefoundatunnelbrokerAS131107whoisnotadirectlyconnectedASbut
happytoprovideusIPv6transitservicethrough6in4tunnel.Sincewecanpingtunnelbroker
routeronIPv4(Tunneldestination192.168.1.1)wearereadytosetupthetunnelandthenBGP
peering.Herearethesteps:
Step one example IPv6 tunnel interface config on Router2:
config t
interface Tunnel0
description Tunnel Interface to AS131107
tunnel source 172.16.15.2
Loopback address of Router 2

tunnel destination 192.168.1.1
Egress interface address of tunnel broker router

tunnel mode ipv6ip
Tunnel encapsulation protocol ipv6ip

ipv6 address 2406:6400:E:40::2/64
Virtual P-to-P interface between Router2 and Tunnel broker router belongs to same subnet.
exit
exit
wr
Step two tunnel interface connectivity verification:

ping 2406:6400:E:40::1 [!!!!!]

config t
router bgp 17821
address-family ipv6
neighbor 2406:6400:e:40::1 remote-as 23456
neighbor 2406:6400:e:40::1 activate
Notice the remote AS is 23456 which is a special AS in 2 byte range. Tunnel broker AS is 131107
which is a 4 byte range. Since router2 IOS version does not support 4 byte AS number we need to
use this special AS number to setup the peering. Presentation on 4 byte AS number will cover
more detail on this.
exit
exit
exit
wr
config t
router bgp 17821
address-family ipv6
aggregate-address 2406:6400::/32
This command will install a pull up route (null 0) in the IGP table and send a summarized /32
advertisement from BGP.
exit
exit
exit
wr
config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

sh
sh
sh
sh
sh
bgp ipv6 unicast summary

bgp ipv6 unicast
[Any new prefix?]
ipv6 route bgp
[Any new prefix?]
bgp ipv6 unicast neighbors [Upstream ISP Router] received-routes/routes
ip route
ping 2406:6400::5
ping 2001:DF0:A:100::1
ping 2001:DF0:A:F00::1
[!!!!!]
[!!!!!]
[!!!!!]
APNIC V2.0
Lab Exercise Example Region 2

3. Region 2 IPv4 Configuration: Only Router5 will require to configure IPv4 transit with AS45192
in region 2. Upstream router in AS45192 does support IPv6 native transit. So the workshop group
for region 2 need to configure native IPv6 transit with AS45192. All the steps are explained below.
Command description can be found in Module 1 and previous exercise.
Step one example IPv4 upstream interface config on Router2:
config t
interface Ethernet1/2
no ip redirects
no ip unreachables
no cdp enable
ip address 192.168.1.6 255.255.255.252
no shutdown
exit
exit
wr
Step two example interface connectivity verification:

Ping 192.168.1.5 [!!!!!]
Other side of point-to-point link

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr
config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr
config t
router bgp 17821
address-family ipv4
6

exit
exit
exit
wr

sh
sh
sh
sh
sh
bgp ipv4
bgp ipv4
ip route
bgp ipv4
ip route
ping
ping
ping
ping
4.
unicast summary
unicast
[Any new prefix?]
bgp
[Any new prefix?]
unicast neighbors [Upstream ISP Router] received-routes/routes
192.168.1.6
192.168.1.10
192.168.1.26
192.168.1.1
[!!!!!]
[!!!!!]
[!!!!!]
[!!!!!]
Region2IPv6Configuration:UpstreamrouterconnectedtoRouter5doessupportIPv6native
transit.SowecansetupnativeIPv6transitservicewithupstreamAS45192router.Herearethe
steps:
Step one example IPv6 tunnel interface config on Router2:
config t
ipv6 address 2001:DF0:A:F00::2/64
exit
exit
wr
Step two tunnel interface connectivity verification:

ping 2001:DF0:A:F00::1 [!!!!!]

config t
router bgp 17821
address-family ipv6
neighbor 2001:df0:a:f00::1 remote-as 45192
neighbor 2001:df0:a:f00::1 activate
exit
exit
exit
wr
config t
router bgp 17821
address-family ipv6
exit
exit
exit
APNIC V2.0
wr
config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

sh
sh
sh
sh
sh
bgp ipv6 unicast summary

bgp ipv6 unicast
[Any new prefix?]
ipv6 route bgp
[Any new prefix?]
bgp ipv6 unicast neighbors [Upstream ISP Router] received-routes/routes
ip route
ping 2406:6400::5
ping 2001:DF0:A:100::1
ping 2001:DF0:A:F00::1
[!!!!!]
[!!!!!]
[!!!!!]
END OF MODULE FIVE

Next pages for reference template used on different routers.
Workshop templates for reference purpose only

Upstream Transit Service Conf Region 1:
IPv6 Internet
IPv4 Internet
APNIC NOC
SW1
e1/3
e1/0
e1/1
e1/1
e1/1
33
10 2
AS17821
lo 0
172.16.15.11/32
2406:6400::11/128
e1/1
1 49
fa0/0
1 53
e1/3
11
e1/3
e1/1
172.16.10.76/30
2406:6400:f:31:/64
e1/1
R8
lo 0
172.16.15.8/32
2406:6400::8/128
e1/0
78 2
lo 0
172.16.15.7/32
2406:6400::7/128
lo 0
172.16.15.9/32
2406:6400::9/128
2 58
R9
fa0/0
e1/0
11
2 54
172.16.26.0/23
2406:6400:308::/48
R12
fa0/1
e1/2
77 1
11
fa0/0
1 57
e1/1
fa0/8
44
fa0/0
e1/0
172.16.10.72/30
2406:6400:f:30:/64
e1/1
172.16.10.80/30
2406:6400:f:32:/64
73 1
192.168.1.8/30
2001:DF0:A:F01::/64
2 50
172.16.10.56/30
2406:6400:f:22:/64
11
R7
e1/0
172.16.10.52/30
2406:6400:f:21:/64
82 2
fa0/0
44
fa0/0
fa0/8
11
o0
.15.12/32
00::12/128
R11
11
fa0/5
SW2
33
o0
.15.10/32
00::10/128
lo 0
172.16.15.6/32
2406:6400::6/128
R6
2 30
172.16.10.48/30
2406:6400:f:20:/64
81 1
2 34
e1/0
fa0/11
e0/0
74 2
lo 0
172.16.15.4/32
2406:6400::4/128
172.16.24.0/23
2406:6400:300::/48
R10
11
fa0/0
1 29
e1/0
fa0/2
fa0/11
2406:6400:E:41::/64
fa0/5
e1/0
6 2
fa0/1
11
fa0/0
172.16.10.4/30
2406:6400:f:1:/64
e1/1
62
172.16.12.0/24
2406:6400:d::/48
1 25
fa0/0
e1/22 2
fa0/0
1 33
172.16.22.0/23
2406:6400:208::/48
R3
2406:6400:E:40::/64
R5
fa0/2
10 2
11
172.16.13.0/24
2406:6400:e::/48
fa0/1
2
192.168.1.4/30
2001:DF0:A:F00::/64
11
fa0/0
AS45192
e1/1
e1/3
R2
51
9 1
11
e1/0
172.16.10.8/30
2406:6400:f:2:/64
AS131107
11
172.16.10.28/30
2406:6400:f:11:/64
lo 0
6.15.3/32
400::3/128
NTv
e1/0
2 26
172.16.10.32/30
2406:6400:f:12:/64
lo 0
6.15.1/32
400::1/128
TS
5 1
11
172.16.10.0/30
2406:6400:f::/64
e1/1
91
R4
e1/0
172.16.10.24/30
2406:6400:f:10:/64
22
e1/1
11
fa0/0
AS4608
fa0/1
AS6939
R1
172.16.20.0/23
2406:6400:200::/48
Hurricane
IPv4 upstream conf Router1 & Router3:

No configuration required
Wait for R2, R5, R8 & R11 to finish configuration then perform following verification to analyse network effect.
IPv4 WAN interface conf Router2:

config t
interface e1/2
no ip redirects
no ip unreachables
no cdp enable
ip address 192.168.1.22 255.255.255.252
no shutdown
exit
exit
wr
IPv4 eBGP peering config Router2:

9
APNIC V2.0
config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr
IPv4 prefix advertisement config Router2:

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr
IPv4 next-hop to self for eBGP prefixes Router2:

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

IPv6 Tunnel interface conf Router2:

config t
interface Tunnel0
tunnel mode ipv6ip
ipv6 address 2406:6400:E:40::2/64
exit
exit
wr

config t
router bgp 17821
address-family ipv6
10

exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr
11
APNIC V2.0


config t
no ip redirects
no ip unreachables
no cdp enable
ip address 192.168.1.6 255.255.255.252
no shutdown
exit
exit
12

wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

IPv6 P-to-P interface conf Router5:

config t
exit
exit
wr

config t
router bgp 17821
address-family ipv6
13
APNIC V2.0

exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr
14

IPv6 Internet
IPv4 Internet
APNIC NOC
SW1
e1/3
e1/0
e1/1
e1/1
e1/1
R8
33
AS17821
lo 0
172.16.15.11/32
2406:6400::11/128
e1/1
1 49
fa0/0
10 2
1 53
e1/3
11
e1/3
e1/1
172.16.10.76/30
2406:6400:f:31:/64
e1/1
lo 0
172.16.15.8/32
2406:6400::8/128
e1/0
78 2
e1/1
fa0/8
44
fa0/0
e1/0
172.16.10.72/30
2406:6400:f:30:/64
e1/1
172.16.10.80/30
2406:6400:f:32:/64
fa0/1
e1/2
77 1
11
fa0/0
lo 0
172.16.15.7/32
2406:6400::7/128
lo 0
172.16.15.9/32
2406:6400::9/128
2 58
R9
fa0/0
e1/0
2 54
11
172.16.26.0/23
2406:6400:308::/48
11
192.168.1.8/30
2001:DF0:A:F01::/64
fa0/0
1 57
172.16.10.56/30
2406:6400:f:22:/64
73 1
R12
R7
2 50
172.16.10.52/30
2406:6400:f:21:/64
82 2
fa0/0
44
11
e1/0
11
o0
.15.12/32
00::12/128
R11
R6
fa0/8
33
o0
.15.10/32
00::10/128
lo 0
172.16.15.6/32
2406:6400::6/128
fa0/5
SW2
172.16.10.48/30
2406:6400:f:20:/64
81 1
2 34
e1/0
2 30
fa0/11
e0/0
74 2
lo 0
172.16.15.4/32
2406:6400::4/128
172.16.24.0/23
2406:6400:300::/48
R10
11
fa0/0
1 29
e1/0
fa0/2
fa0/11
2406:6400:E:41::/64
fa0/5
e1/0
6 2
fa0/1
11
fa0/0
e1/1
172.16.10.4/30
2406:6400:f:1:/64
e1/1
62
11
172.16.12.0/24
2406:6400:d::/48
1 25
fa0/0
e1/22 2
fa0/0
1 33
172.16.22.0/23
2406:6400:208::/48
R3
2406:6400:E:40::/64
fa0/2
10 2
fa0/0
172.16.13.0/24
2406:6400:e::/48
fa0/1
2
192.168.1.4/30
2001:DF0:A:F00::/64
11
R5
e1/1
e1/3
R2
51
AS45192
11
e1/0
e1/1
AS131107
9 1
11
e1/0
2 26
172.16.10.32/30
2406:6400:f:12:/64
172.16.10.8/30
2406:6400:f:2:/64
5 1
NTv
172.16.10.28/30
2406:6400:f:11:/64
lo 0
6.15.3/32
400::3/128
TS
11
lo 0
6.15.1/32
400::1/128
R4
e1/0
172.16.10.24/30
2406:6400:f:10:/64
22
91
172.16.10.0/30
2406:6400:f::/64
fa0/0
AS4608
fa0/1
AS6939
R1
11
172.16.20.0/23
2406:6400:200::/48
Hurricane

15
APNIC V2.0

config t
interface e1/2
no ip redirects
no ip unreachables
no cdp enable
ip address 192.168.1.26 255.255.255.252
no shutdown
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

16
IPv6 Tunnel interface conf Router8:

config t
interface Tunnel0
tunnel mode ipv6ip
ipv6 address 2406:6400:E:41::2/64
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr
17
APNIC V2.0
18


config t
no ip redirects
no ip unreachables
no cdp enable
ip address 192.168.1.10 255.255.255.252
no shutdown
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv4
exit
exit
exit
wr

19
APNIC V2.0
IPv6 P-to-P interface conf Router11:

config t
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr

config t
router bgp 17821
address-family ipv6
exit
exit
exit
wr
20
21
APNIC V2.0

5-IPv6 Module 05 Upstream EBGP

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

5-IPv6 Module 05 Upstream EBGP

Încărcat de

Drepturi de autor:

Formate disponibile

APNIC IPv6/Routing Workshop Lab

Module 5 eBGP with Upstream for Native and Tunnel Transit

Figure 1 ISP Lab Topology

Tuesday, June 02, 2015

APNIC IPv6/Routing Workshop Lab

Lab Exercise Example Region 1

This interface is connecting to upstream ISP

Step two example interface connectivity verification:

Other side of point-to-point link

Tuesday, June 02, 2015

Step six verify IPv4 upstream transit configuration:

Loopback address of Router 2

Egress interface address of tunnel broker router

Tunnel encapsulation protocol ipv6ip

Step two tunnel interface connectivity verification:

APNIC IPv6/Routing Workshop Lab

Step three example eBGP peering config:

Step six verify IPv4 upstream transit configuration:

bgp ipv6 unicast summary

Tuesday, June 02, 2015

Lab Exercise Example Region 2

Step two example interface connectivity verification:

Other side of point-to-point link

APNIC IPv6/Routing Workshop Lab

Step six verify IPv4 upstream transit configuration:

Step two tunnel interface connectivity verification:

Step three example eBGP peering config:

Tuesday, June 02, 2015

Step six verify IPv4 upstream transit configuration:

bgp ipv6 unicast summary

END OF MODULE FIVE

APNIC IPv6/Routing Workshop Lab

Workshop templates for reference purpose only

IPv4 upstream conf Router1 & Router3:

IPv4 WAN interface conf Router2:

IPv4 eBGP peering config Router2:

Tuesday, June 02, 2015

IPv4 prefix advertisement config Router2:

IPv4 next-hop to self for eBGP prefixes Router2:

IPv6 upstream conf Router1 & Router3:

IPv6 Tunnel interface conf Router2:

IPv6 eBGP peering config Router2:

APNIC IPv6/Routing Workshop Lab

IPv6 prefix advertisement config Router2:

IPv6 next-hop to self for eBGP prefixes Router2:

Tuesday, June 02, 2015

Upstream Transit Service Conf Region 2:

IPv4 upstream conf Router4 & Router6:

IPv4 WAN interface conf Router5:

APNIC IPv6/Routing Workshop Lab

IPv4 eBGP peering config Router5:

IPv4 prefix advertisement config Router5:

IPv4 next-hop to self for eBGP prefixes Router5:

IPv6 upstream conf Router4 & Router6:

IPv6 P-to-P interface conf Router5:

IPv6 eBGP peering config Router5:

Tuesday, June 02, 2015

neighbor 2001:df0:a:f00::1 remote-as 45192

IPv6 prefix advertisement config Router5:

IPv6 next-hop to self for eBGP prefixes Router5:

APNIC IPv6/Routing Workshop Lab

Upstream Transit Service Conf Region 3:

IPv4 upstream conf Router7 & Router9:

Tuesday, June 02, 2015