From: ccie2be (ccie2be@nyc.rr.com)
Date: Fri Aug 06 2004 - 12:08:31 GMT-3
Hi James,
This looks like the answer I was looking for.
But, let me make sure I completely understand how to do what you're saying.
R1's config:
int tun 0
ip add y.y.y.y
tun source s0
tun dest y.y.y.z
int s0
ip access-group # <---- blocks bgp traffic
Now, if the neighbor comes up, I know that it's using the tunnel because the
physical int is blocking bgp traffic. Is this correct?
With your other suggestion, debug ip packets, what is the output I should
look for?
Thanks alot for your help.
BTW, have you set a date for your lab?
Tim
----- Original Message -----
From: "James" <james@towardex.com>
To: "ccie2be" <ccie2be@nyc.rr.com>
Cc: "'Brian McGahan'" <bmcgahan@internetworkexpert.com>; "'Group Study'"
<ccielab@groupstudy.com>; <samccie2004@yahoo.co.uk>
Sent: Friday, August 06, 2004 10:14 AM
Subject: Re: Using Tunnels with iBGP
> On Fri, Aug 06, 2004 at 09:57:29AM -0400, ccie2be wrote:
> > Hey Sam,
> >
> > It seems like you understand the issue here, but you didn't mention how
I
> > can verify if packets between the peers are using the tunnel rather than
> > just the IGP.
>
> debug ip packets on the tunnel or:
>
> Put an ACL on the physical interface that tunnel transits through:
> acc 101 den tc an eq 179 an
> acc 101 den tc an an eq 179
> acc 101 per ip an an
>
> Now, wait a bit, up to the maximum hold-down timer configured (Cisco
default
> is 180 seconds). Then...
> If your bgp session is still alive, congratulations, its going over
tunnel! :)
>
> Hope this helps..
> -J
>
> --
> James Jun TowardEX
Technologies, Inc.
> Technical Lead Network Design, Consulting, IT
Outsourcing
> james@towardex.com Boston-based Colocation & Bandwidth
Services
> cell: 1(978)-394-2867 web: http://www.towardex.com , noc:
www.twdx.net
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:34 GMT-3