Re: Strange VPN reachability issue from Bryan Bartik on 2009-06-05 (Ccielab archives 06/2009)

From: Bryan Bartik <bbartik_at_ipexpert.com>
Date: Fri, 5 Jun 2009 16:13:38 -0600

Splinter, I don't think there is enough info about the topology. Is this a
carrier-supporting-carrier lab? It seems so, since AS1010 appears to be on
either side of AS10.

On Fri, Jun 5, 2009 at 4:25 AM, Splinter <splinter330_at_gmail.com> wrote:

> Guys,
>
> here the configs as requested: Sorry for the long post. I really appreciate
> your help.
>
> R7:
> interface FastEthernet0/0.27
> encapsulation dot1Q 27
> ip address 10.10.27.7 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> ip rsvp bandwidth 25000
> !
> interface FastEthernet0/0.78
> encapsulation dot1Q 78
> ip address 10.10.78.7 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> ip rsvp bandwidth 25000
> !
> interface FastEthernet0/0.79
> encapsulation dot1Q 79
> ip address 10.10.79.7 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
>
> router bgp 10
> bgp router-id 172.10.0.7
> no bgp default ipv4-unicast
> bgp log-neighbor-changes
> neighbor 172.10.0.2 remote-as 10
> neighbor 172.10.0.2 update-source Loopback0
> neighbor 172.10.0.9 remote-as 10
> neighbor 172.10.0.9 update-source Loopback0
> !
> address-family ipv4
> neighbor 172.10.0.2 activate
> neighbor 172.10.0.2 send-community
> no auto-summary
> no synchronization
> network 172.10.0.7 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 172.10.0.9 activate
> neighbor 172.10.0.9 send-community extended
> exit-address-family
> !
> address-family ipv4 vrf ABC
> redistribute ospf 100 vrf ABC match internal external 1 external 2
> no synchronization
> exit-address-family
>
>
> R8:
> interface FastEthernet0/0.28
> encapsulation dot1Q 28
> ip address 10.10.28.8 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> !
> interface FastEthernet0/0.78
> encapsulation dot1Q 78
> ip address 10.10.78.8 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> ip rsvp bandwidth 25000
>
> router bgp 10
> bgp router-id 172.10.0.8
> no bgp default ipv4-unicast
> bgp log-neighbor-changes
> neighbor 172.10.0.2 remote-as 10
> neighbor 172.10.0.2 update-source Loopback0
> neighbor 172.10.0.9 remote-as 10
> neighbor 172.10.0.9 update-source Loopback0
> !
> address-family ipv4
> neighbor 172.10.0.2 activate
> neighbor 172.10.0.2 send-community
> no auto-summary
> no synchronization
> network 172.10.0.8 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 172.10.0.9 activate
> neighbor 172.10.0.9 send-community extended
> exit-address-family
> !
> address-family ipv4 vrf ABC
> redistribute ospf 100 vrf ABC match internal external 1 external 2
> route-map SET_LOCAL
> no synchronization
> exit-address-family
>
> R2:
> interface FastEthernet0/0.27
> encapsulation dot1Q 27
> ip address 10.10.27.2 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> ip rsvp bandwidth 25000
> !
> interface FastEthernet0/0.28
> encapsulation dot1Q 28
> ip address 10.10.28.2 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
> !
> interface FastEthernet0/0.29
> encapsulation dot1Q 29
> ip address 10.10.29.2 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis hello-interval minimal
> no isis hello padding
> isis csnp-interval 10
> ip rsvp bandwidth 25000
>
>
> router bgp 10
> bgp router-id 172.10.0.2
> no bgp default ipv4-unicast
> bgp log-neighbor-changes
> neighbor 10.10.24.4 remote-as 1010
> neighbor 172.10.0.7 remote-as 10
> neighbor 172.10.0.7 update-source Loopback0
> neighbor 172.10.0.8 remote-as 10
> neighbor 172.10.0.8 update-source Loopback0
> neighbor 172.10.0.9 remote-as 10
> neighbor 172.10.0.9 update-source Loopback0
> !
> address-family ipv4
> neighbor 10.10.24.4 activate
> neighbor 10.10.24.4 send-community
> neighbor 172.10.0.7 activate
> neighbor 172.10.0.7 send-community
> neighbor 172.10.0.7 route-reflector-client
> neighbor 172.10.0.7 next-hop-self
> neighbor 172.10.0.8 activate
> neighbor 172.10.0.8 send-community
> neighbor 172.10.0.8 route-reflector-client
> neighbor 172.10.0.8 next-hop-self
> neighbor 172.10.0.9 activate
> neighbor 172.10.0.9 send-community
> neighbor 172.10.0.9 route-reflector-client
> neighbor 172.10.0.9 next-hop-self
> no auto-summary
> no synchronization
> network 172.10.0.2 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 10.10.24.4 activate
> neighbor 10.10.24.4 send-community extended
> neighbor 172.10.0.9 activate
> neighbor 172.10.0.9 send-community extended
> neighbor 172.10.0.9 next-hop-self
> exit-address-family
> !
> address-family ipv4 vrf ABC
> redistribute rip
> no synchronization
> exit-address-family
>
>
> R9:
> interface FastEthernet0/0.29
> encapsulation dot1Q 29
> ip address 10.10.29.9 255.255.255.0
> ip router isis
> mpls ip
> mpls traffic-eng tunnels
> isis circuit-type level-1
> isis network point-to-point
> isis hello-interval minimal
> no isis hello padding
> isis csnp-interval 10
> ip rsvp bandwidth 25000
> !
> interface FastEthernet0/0.79
> encapsulation dot1Q 79
> ip address 10.10.79.9 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-1
> isis network point-to-point
> isis csnp-interval 10
>
> router bgp 10
> bgp router-id 172.10.0.9
> no bgp default ipv4-unicast
> bgp log-neighbor-changes
> neighbor 10.10.69.6 remote-as 1010
> neighbor 172.10.0.2 remote-as 10
> neighbor 172.10.0.2 update-source Loopback0
> neighbor 172.10.0.7 remote-as 10
> neighbor 172.10.0.7 update-source Loopback0
> neighbor 172.10.0.8 remote-as 10
> neighbor 172.10.0.8 update-source Loopback0
> !
> address-family ipv4
> neighbor 10.10.69.6 activate
> neighbor 10.10.69.6 send-community
> neighbor 172.10.0.2 activate
> neighbor 172.10.0.2 send-community
> no auto-summary
> no synchronization
> network 172.10.0.9 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 10.10.69.6 activate
> neighbor 10.10.69.6 send-community extended
> neighbor 172.10.0.2 activate
> neighbor 172.10.0.2 send-community extended
> neighbor 172.10.0.2 route-reflector-client
> neighbor 172.10.0.2 next-hop-self
> neighbor 172.10.0.7 activate
> neighbor 172.10.0.7 send-community extended
> neighbor 172.10.0.7 route-reflector-client
> neighbor 172.10.0.7 next-hop-self
> neighbor 172.10.0.8 activate
> neighbor 172.10.0.8 send-community extended
> neighbor 172.10.0.8 route-reflector-client
> neighbor 172.10.0.8 next-hop-self
> exit-address-family
>
>
> R4:
> interface FastEthernet0/0.46
> encapsulation dot1Q 46
> ip address 10.10.46.4 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-2-only
>
> router bgp 1010
> bgp router-id 172.10.0.4
> no bgp default ipv4-unicast
> no bgp default route-target filter
> bgp log-neighbor-changes
> neighbor 10.10.24.2 remote-as 10
> neighbor 150.1.10.254 remote-as 254
> neighbor 150.1.10.254 local-as 10 no-prepend
> neighbor 172.10.0.6 remote-as 1010
> neighbor 172.10.0.6 update-source Loopback0
> !
> address-family ipv4
> neighbor 10.10.24.2 activate
> neighbor 10.10.24.2 send-community
> neighbor 10.10.24.2 route-map SET_METRIC out
> neighbor 150.1.10.254 activate
> neighbor 150.1.10.254 send-community
> neighbor 150.1.10.254 route-map SETCOMM in
> neighbor 172.10.0.6 activate
> neighbor 172.10.0.6 send-community
> neighbor 172.10.0.6 next-hop-self
> no auto-summary
> no synchronization
> network 172.10.0.4 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 10.10.24.2 activate
> neighbor 10.10.24.2 send-community extended
> neighbor 172.10.0.6 activate
> neighbor 172.10.0.6 send-community extended
> neighbor 172.10.0.6 next-hop-self
> exit-address-family
>
>
> R6:
> interface FastEthernet0/0.46
> encapsulation dot1Q 46
> ip address 10.10.46.6 255.255.255.0
> ip router isis
> mpls ip
> isis circuit-type level-2-only
>
> router bgp 1010
> bgp router-id 172.10.0.6
> no bgp default ipv4-unicast
> bgp log-neighbor-changes
> neighbor 10.10.69.9 remote-as 10
> neighbor 172.10.0.4 remote-as 1010
> neighbor 172.10.0.4 update-source Loopback0
> !
> address-family ipv4
> neighbor 10.10.69.9 activate
> neighbor 10.10.69.9 send-community
> neighbor 10.10.69.9 route-map SET_METRIC out
> neighbor 172.10.0.4 activate
> neighbor 172.10.0.4 send-community
> neighbor 172.10.0.4 next-hop-self
> no auto-summary
> no synchronization
> network 172.10.0.6 mask 255.255.255.255
> exit-address-family
> !
> address-family vpnv4
> neighbor 10.10.69.9 activate
> neighbor 10.10.69.9 send-community extended
> neighbor 172.10.0.4 activate
> neighbor 172.10.0.4 send-community extended
> neighbor 172.10.0.4 next-hop-self
> exit-address-family
> !
> address-family ipv4 vrf ABC
> no synchronization
> network 10.10.66.0 mask 255.255.255.0
> exit-address-family
>
>
> Splinter
>
>
>
>

-- 
Bryan Bartik
CCIE #23707 (R&S), CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
Blogs and organic groups at http://www.ccie.net

Received on Fri Jun 05 2009 - 16:13:38 ART

This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:36 ART