3.2 BGP No-export
Bonehead error, I set the community via route-map on the aggregate adress but forgot the send-community ower the neighbor.
6.2 MPLS Label Filtering
New way (don't forget to disable mpls ldp advertise-labels for the ACL works, else everythin will be authorized):
mpls ldp advertise-labels for ACL_num
no mpls ldp advertise-labels
Old style (defining oldstyle means only what is on acl is authorized)
mpls ldp advertise-labels for ACL_num
mpls ldp advertise-labels oldstyle
6.3 Broken LSP
Loopback 5 of router 5 is /24 but ospf advertised it with a /32 as it's loopback.
The problem is R5 have only the /24 in its routing table and will then advertized a label for the /24. Other network will have a route to the /32 with no mls label toward R5 and do a broken LSP.
this could be verified with show mpls forward :
Local Outgoing Tag Prefix
Tag
20 Untagged 100.23.5.5/32
After loopback is set to point-to-point ospf network type
Local Outgoing Tag Prefix
Tag
20 Pop Tag 100.23.5.0/24
2nd Point,
On a NBMA network, the next-hop of a speak network will be the speak, but there will be no LDP relationship between speaks, so no labels for the speak network. The idea is to force the Hub to reset the next-hop to self in order to match the peer of the advertised label. Or to add a route to speak network to the hub, the best-route next-hop will then match the label advertised by the hub.
7.6 As-override and Site Of Origin
The task was about customer of AS 100 always using AS18 in loop-free manner.
I only configured allow-as 1 on customer side.
Proctor use a Service Provider side solution :
AS-override in order all routes be from AS18 be replaced by the AS 100. As customer are in AS 18 incoming routes from 100 will be accepted creating routing loop.
Using Soo prevent it in cse of multihoming
Incoming route of a site is tagged on the PE
route-map SoO permit 10
set extcomm soo 100:18
neighbor x.x.x.x SoO in
It will automatically prevent the same SoO to re-enter in the same site.
8.4 Identd
Even with doccd didnt found this : it's about telnetting to 113 and know which port my others connection to this router use.
Inscription à :
Publier les commentaires (Atom)
Aucun commentaire:
Enregistrer un commentaire