Dear All,
Sorry for delay, Actually my ISP took some time.
Here are configuration of both the routers
I can able to reach my BIL LAN interface from ASCS router, but not vice
versa, Attached both router configs please help me out to resolve this
issue.
Many Thanks
Mateen
On Tue, Aug 12, 2014 at 11:08 PM, Alexei Monastyrnyi <alexeim73_at_gmail.com>
wrote:
> Joe,
> please also specify what your LAN subnets are, in case of 172.16.31.0
> which is on one of your Gig interfaces, the BGP network statement also has
> to reflect its mask. By default 172.16 would be advertised with /16 mask
> which is probably not in your RIB..
>
> Cheers
> A.
>
> On 8/9/2014 8:21 PM, Rakesh M wrote:
>
> router bgp 65455
> bgp log-neighbor-changes
> network 10.10.0.0
> network 10.10.200.0
> network 10.10.201.0
> network 10.10.215.0
> network 172.16.31.0
>
> 10.10.0.0 is this your lan network which not able to reach ? i see there is
> a subnet mask variation vs bgp defined network command in Router-1
>
> -
> Regards
> Rakesh M
>
>
>
> On Sat, Aug 9, 2014 at 11:25 PM, Joe Sanchez <marco207p_at_gmail.com> <marco207p_at_gmail.com> wrote:
>
>
> Mateen,
>
>
> Run the below command on each CPE edge router to see if you are
> advertising the proper networks.
>
> Show ip bgp neighbors 192.168.101.1 advertised-routes
>
> If you are advertising all the propers routes, then I would check my LDP
> neighbors and the most common mistake for scenarios like this is that the
> MPLS backbone LDP LSR9s are not using /32 loopback addresses for their ldp
> router-id9s.
>
> Next: Check that your route-targets are import/export correctly.
>
> Let us know how it goes
>
>
> Best Regards,
> Joe Sanchez
>
>
>
>
>
>
> On 8/8/14, 3:44 PM, "Mateen Taj" <taj.mateen_at_gmail.com> <taj.mateen_at_gmail.com> wrote:
>
>
> Dear Expert,
>
> Please help me out to know on below configuration , I'm able to reach WAN
> interface from both side but not able to reach LAN, is there anything
> missing in my config
>
> Many Thank
> Mateen
>
> Router1#
> no ipv6 cef
> ip source-route
> ip cef
> !
> !
> !
> interface Embedded-Service-Engine0/0
> no ip address
> shutdown
> !
> interface GigabitEthernet0/0
> description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
> ip address 172.16.31.2 255.255.255.0
> duplex auto
> speed auto
> !
> interface GigabitEthernet0/1
> description Link-Etisalat
> ip address 192.168.101.150 255.255.255.252
> duplex auto
> speed auto
> !
> router bgp 65455
> bgp log-neighbor-changes
> network 10.10.0.0
> network 10.10.200.0
> network 10.10.201.0
> network 10.10.215.0
> network 172.16.31.0
> network 192.168.101.148 mask 255.255.255.252
> neighbor 192.168.101.1 remote-as 64517
> !
> ip forward-protocol nd
> !
> ip http server
> ip http authentication local
> ip http secure-server
> ip http timeout-policy idle 60 life 86400 requests 10000
> !
> ip route 10.10.0.0 255.255.0.0 172.16.31.1
> ip route 172.16.101.0 255.255.255.0 192.168.101.149
> ip route 172.16.102.0 255.255.255.0 192.168.101.149
> ip route 192.168.168.0 255.255.255.0 192.168.101.149
> !
> !
> !
> !
> control-plane
> !
> !
> banner exec ^C
> % Password expiration warning.
> -----------------------------------------------------------------------
> C
> -----------------------------------------------------------------------
> ^C
>
>
> User Access Verification
> Password:
> Password:
> Router2#
> Current configuration : 1952 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> !
> !
> interface FastEthernet0/0
> description LAN
> ip address 172.31.0.3 255.255.255.0
> duplex auto
> speed auto
> !
> interface FastEthernet0/1
> description WAN-Link to Etisalat
> ip address 192.168.30.102 255.255.255.252
> duplex auto
> speed auto
> !
> router bgp 65450
> no synchronization
> bgp log-neighbor-changes
> network 172.16.101.0 mask 255.255.255.0
> network 172.16.102.0 mask 255.255.255.0
> network 172.31.0.0 mask 255.255.255.0
> network 192.168.30.100 mask 255.255.255.252
> network 192.168.168.0
> neighbor 192.168.30.101 remote-as 64517
> no auto-summary
> !
> ip forward-protocol nd
> ip route 10.10.200.0 255.255.255.0 192.168.30.101
> ip route 10.10.201.0 255.255.255.0 192.168.30.101
> ip route 10.10.215.0 255.255.255.0 192.168.30.101
> ip route 132.142.0.0 255.255.0.0 192.168.30.101
> ip route 133.120.0.0 255.255.0.0 192.168.30.101
> ip route 134.120.0.0 255.255.0.0 192.168.30.101
> ip route 135.120.0.0 255.255.0.0 192.168.30.101
> ip route 136.120.0.0 255.255.0.0 192.168.30.101
> ip route 136.146.0.0 255.255.0.0 192.168.30.101
> ip route 138.148.0.0 255.255.0.0 192.168.30.101
> ip route 172.16.101.0 255.255.255.0 172.31.0.1
> ip route 172.16.102.0 255.255.255.0 172.31.0.1
> ip route 172.16.102.0 255.255.255.0 192.168.168.13
> ip route 172.16.102.0 255.255.255.0 192.168.168.155
> ip route 192.168.168.0 255.255.255.0 172.31.0.1
> !
> !
> ip http server
> ip http timeout-policy idle 600 life 86400 requests 10000
> !
> !
> !
> control-plane
> !
> !
>
> !
> scheduler allocate 20000 1000
> !
> end
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
ASCS-MPLS-RTR#sh run
Building configuration...
Current configuration : 5469 bytes
!
! Last configuration change at 10:18:52 UTC Sun Sep 14 2014
! NVRAM config last updated at 06:54:51 UTC Sun Sep 14 2014
! NVRAM config last updated at 06:54:51 UTC Sun Sep 14 2014
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASCS-MPLS-RTR
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 172.16.31.2 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Link-Etisalat
ip address 192.168.101.150 255.255.255.252
duplex auto
speed auto
!
router bgp 65455
bgp log-neighbor-changes
network 10.10.0.0
network 172.16.31.0
network 192.168.101.148 mask 255.255.255.252
neighbor 192.168.101.149 remote-as 64517
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 10.10.0.0 255.255.0.0 172.16.31.1
ip route 172.16.101.0 255.255.255.0 192.168.101.149
ip route 172.16.102.0 255.255.255.0 192.168.101.149
ip route 172.31.0.0 255.255.255.0 192.168.101.149
ip route 192.168.168.0 255.255.255.0 192.168.101.149
!
!
!
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
^C
!
line con 0
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
login
transport input telnet ssh
!
scheduler allocate 20000 1000
end
ASCS-MPLS-RTR#sh ip route
ASCS-MPLS-RTR#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
S 10.10.0.0 [1/0] via 172.16.31.1
B 132.142.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 133.120.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 134.120.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 135.120.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 135.145.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 136.120.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 136.146.0.0/16 [20/0] via 192.168.101.149, 01:30:55
B 138.148.0.0/16 [20/0] via 192.168.101.149, 01:30:55
172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.16.31.0/24 is directly connected, GigabitEthernet0/0
L 172.16.31.2/32 is directly connected, GigabitEthernet0/0
C 172.16.33.0/24 is directly connected, Loopback0
L 172.16.33.1/32 is directly connected, Loopback0
S 172.16.101.0/24 [1/0] via 192.168.101.149
S 172.16.102.0/24 [1/0] via 192.168.101.149
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.0.0 [1/0] via 192.168.101.149
192.168.30.0/30 is subnetted, 1 subnets
B 192.168.30.100 [20/0] via 192.168.101.149, 01:30:55
192.168.101.0/24 is variably subnetted, 3 subnets, 2 masks
B 192.168.101.0/30 [20/0] via 192.168.101.149, 00:01:42
C 192.168.101.148/30 is directly connected, GigabitEthernet0/1
L 192.168.101.150/32 is directly connected, GigabitEthernet0/1
S 192.168.168.0/24 [1/0] via 192.168.101.149
ASCS-MPLS-RTR#ping
ASCS-MPLS-RTR#ping 172.31.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
User Access Verification
Password:
BIL-To-Terazo>en
Password:
BIL-To-Terazo#sh run
Building configuration...
Current configuration : 1797 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname BIL-To-Terazo
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$31uk$YdGxHxcxkwGhjbjTqgKBm/
!
no aaa new-model
!
!
ip cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
interface FastEthernet0/0
description LAN
ip address 172.31.0.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description WAN-Link to Etisalat
ip address 192.168.30.102 255.255.255.252
duplex auto
speed auto
!
router bgp 65450
no synchronization
bgp log-neighbor-changes
network 172.16.101.0 mask 255.255.255.0
network 172.16.102.0 mask 255.255.255.0
network 172.31.0.0 mask 255.255.255.0
network 192.168.30.100 mask 255.255.255.252
network 192.168.168.0
neighbor 192.168.30.101 remote-as 64517
no auto-summary
!
ip forward-protocol nd
ip route 10.10.0.0 255.255.255.0 192.168.30.101
ip route 132.142.0.0 255.255.0.0 192.168.30.101
ip route 133.120.0.0 255.255.0.0 192.168.30.101
ip route 134.120.0.0 255.255.0.0 192.168.30.101
ip route 135.120.0.0 255.255.0.0 192.168.30.101
ip route 136.120.0.0 255.255.0.0 192.168.30.101
ip route 136.146.0.0 255.255.0.0 192.168.30.101
ip route 138.148.0.0 255.255.0.0 192.168.30.101
ip route 172.16.31.0 255.255.255.0 192.168.30.101
ip route 172.16.101.0 255.255.255.0 172.31.0.1
ip route 172.16.102.0 255.255.255.0 172.31.0.1
ip route 192.168.168.0 255.255.255.0 172.31.0.1
!
!
ip http server
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
!
control-plane
!
!
li
end
BIL-To-Terazo#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
S 136.146.0.0/16 [1/0] via 192.168.30.101
S 136.120.0.0/16 [1/0] via 192.168.30.101
S 138.148.0.0/16 [1/0] via 192.168.30.101
192.168.30.0/30 is subnetted, 1 subnets
C 192.168.30.100 is directly connected, FastEthernet0/1
172.16.0.0/24 is subnetted, 3 subnets
S 172.16.31.0 [1/0] via 192.168.30.101
S 172.16.101.0 [1/0] via 172.31.0.1
S 172.16.102.0 [1/0] via 172.31.0.1
172.31.0.0/24 is subnetted, 1 subnets
C 172.31.0.0 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
S 10.10.0.0 [1/0] via 192.168.30.101
S 132.142.0.0/16 [1/0] via 192.168.30.101
S 133.120.0.0/16 [1/0] via 192.168.30.101
S 134.120.0.0/16 [1/0] via 192.168.30.101
S 192.168.168.0/24 [1/0] via 172.31.0.1
S 135.120.0.0/16 [1/0] via 192.168.30.101
B 135.145.0.0/16 [20/0] via 192.168.30.101, 7w0d
192.168.101.0/30 is subnetted, 2 subnets
B 192.168.101.0 [20/0] via 192.168.30.101, 7w0d
B 192.168.101.148 [20/0] via 192.168.30.101, 4d14h
BIL-To-Terazo#ping 172.16.31.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.31.2, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
BIL-To-Terazo#BIL-To-Terazo#ping 192.168.101.150
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.101.150, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
BIL-To-Terazo#
Blogs and organic groups at http://www.ccie.net
Received on Sun Sep 14 2014 - 17:16:14 ART
This archive was generated by hypermail 2.2.0 : Wed Oct 01 2014 - 06:38:37 ART