RE: BGP peering using secondary IP addresses ?!...

From: Scott Morris (swm@emanon.com)
Date: Thu Jan 13 2005 - 18:02:01 GMT-3


Heheheh... Would we do something like that?

:)

When this started, I thought that it was a real-life type question, but it
certainly has moved into that 'not plausible' end!

Remember there is only so much time during the exam though, and there are
much more entertaining things that can be thrown at you to take up your
time. IMHO!

 
Scott Morris, MCSE, CCDP, CCIE4 (R&S/ISP-Dial/Security/Service Provider)
#4713, JNCIP, CCNA-WAN Switching, CCSP, Cable Communications Specialist, IP
Telephony Support Specialist, IP Telephony Design Specialist, CISSP
CCSI #21903
swm@emanon.com
 
 
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Alexander Arsenyev (GU/ETL)
Sent: Thursday, January 13, 2005 2:24 PM
To: 'Radu Pavaloiu'; Vazman@aol.com; Group Study
Subject: RE: BGP peering using secondary IP addresses ?!...

One more tweak to be soon included in new workbooks and possibly new version
of R&S exam :-] I'm sure Brians/Scott will take a note as well as proctors
who are secretly visiting this forum.
Cheers
Alex

-----Original Message-----
From: Radu Pavaloiu [mailto:Radu.Pavaloiu@connex.ro]
Sent: 13 January 2005 19:08
To: Alexander Arsenyev (GU/ETL); Vazman@aol.com; Group Study
Subject: RE: BGP peering using secondary IP addresses ?!...

It works:

R1

interface Loopback1
 ip address 1.1.1.1 255.255.255.255
 ip nat inside
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0 secondary
 ip address 10.0.0.1 255.255.255.0
 ip nat outside
 duplex auto
 speed auto

router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.1.2 remote-as 100
 no auto-summary
!
ip local policy route-map bgp
ip nat inside source static 10.0.0.1 192.168.1.1 extendable
ip http server
ip classless
!
!
!
access-list 100 permit tcp any any eq bgp
!
route-map bgp permit 10
 match ip address 100
 set interface Loopback1

R2

interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0 secondary
 ip address 10.0.0.2 255.255.255.0
 duplex auto
 speed auto

router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.1.1 remote-as 100
 no auto-summary

R1#show ip bgp summary
BGP router identifier 10.0.0.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4   100      19      19        1    0    0 00:03:54        0

R2#show ip bgp summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.1     4   100      23      23        1    0    0 00:07:33        0

R1#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- 192.168.1.1        10.0.0.1           ---                ---
tcp 192.168.1.1:11011  10.0.0.1:11011     192.168.1.2:179    192.168.1.2:179

Regards,

I die. I fracture into thousands of fragments of flushed embarrassment.
My body parts fly, connectionless, over a badly constructed spanning tree
that isn't quite loop free.
I fall screaming into 127.0.0.1.

Radu
#2658

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Alexander Arsenyev (GU/ETL)
Sent: Thursday, January 13, 2005 8:00 PM
To: 'Vazman@aol.com'; Group Study
Subject: RE: BGP peering using secondary IP addresses ?!...

Hello,

My take on it:
1) PBR to loopback - "ip local policy route-map" and route-map should have
match on BGP and "set interface LoXX"
2) "ip nat inside" on that loopback
3) "ip nat inside source static" to translate primary into secondary
4) "ip nat outside" on the outgoing interface

Don't have a rack to test it at the moment :-]

Anyone tell me why it shouldn't work?

HTH,
Cheers
Alex

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]
Sent: 13 January 2005 17:33
To: micsoniu@telus.net; Group Study
Subject: Re: BGP peering using secondary IP addresses ?!...

By default, BGP will use the IP address of the outgoing interface as the
source. The command "update-source" does not apply in this case as the
interface is still the same. The only thing that I can think of is to use
the BGP peering address as the primary address.

Good scenario btw.
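
Added example, not part of the original thread and not any poster's code: a small offline check that reads two router configs and reports when a BGP neighbor statement names the peer's secondary address, the case this thread is about. The sample configs are constructed from the R1/R2 lines above, assuming one command per line; the function names are hypothetical.

```python
import re

# Constructed sample: interface and BGP lines from the R1/R2 configs in the
# thread, one command per line (assumed layout of the run-together lines).
R1 = """\
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0 secondary
 ip address 10.0.0.1 255.255.255.0
router bgp 100
 neighbor 192.168.1.2 remote-as 100
"""
R2 = """\
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0 secondary
 ip address 10.0.0.2 255.255.255.0
router bgp 100
 neighbor 192.168.1.1 remote-as 100
"""

ADDR = re.compile(r"^\s+ip address (\S+) \S+( secondary)?\s*$")
NEIGH = re.compile(r"^\s+neighbor (\S+) remote-as \d+\s*$")

def addresses(cfg):
    """Return {ip: 'primary' | 'secondary'} for every interface address."""
    out = {}
    for line in cfg.splitlines():
        m = ADDR.match(line)
        if m:
            out[m.group(1)] = "secondary" if m.group(2) else "primary"
    return out

def neighbors(cfg):
    """Return the neighbor addresses configured under 'router bgp'."""
    return [m.group(1) for line in cfg.splitlines() if (m := NEIGH.match(line))]

def audit(local_cfg, peer_cfg):
    """Classify each local neighbor statement by the address kind on the peer."""
    peer = addresses(peer_cfg)
    return {n: peer.get(n, "not-on-peer") for n in neighbors(local_cfg)}

if __name__ == "__main__":
    for name, a, b in (("R1", R1, R2), ("R2", R2, R1)):
        for ip, kind in audit(a, b).items():
            # Per the thread, BGP sources from the outgoing interface's primary IP.
            note = "peer needs a source workaround" if kind == "secondary" else ""
            print(f"{name}: neighbor {ip} is the peer's {kind} address. {note}")
```

A "secondary" result means the peer's default-sourced BGP packets will not match the neighbor statement unless something like the policy-route and NAT setup in the thread rewrites the source.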


