Troubleshooting
Ticket 4 Vrf leaking
The purpose was to interconnect 2 ospf area0 thrue another router that shoudn't be aware of those routes without GRE.
Solution is VRF. I used one vrf on the middle routers, put the interface interconnecting the domains on the vrf and an ospf process. The routes then appears as intra-area whereas it was asked to be inter-area. The solution for it :
- 1 vrf by domain
- 1 ospf process by domain redistributing bgp
- Vrf leaking between both vrf with import/export route-targer
- Redistributing of bgp<->ospf of each Vrf.
Configuration
Task 2.5
Use of community local-as : use in a confederation, permits to advertise only inside the local-as and not to ebgp peers nor ebgp inside the confederation.
Task 5.1
AAA authentication.
Usually, the list of methods used for authentication is used in order if the first fails it uses the second. Fails means no answer and not an authentication failure due to missing user or wrong password.
It seems that there is an exception with local. If local is put first it will first try local if wrong password the process stop. But if the user doesn't exist on local database it will goes to next :
username ccie password ipexpert
aaa authentication login default local group radius
Will authethenticate ccie locally, and use radius for others users.
Inscription à :
Publier les commentaires (Atom)
Aucun commentaire:
Enregistrer un commentaire