Monday, 25 May 2020

MPLS TE








interface Tunnel0
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 10.10.10.5
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng priority 3 3
 tunnel mpls traffic-eng bandwidth 60000
 tunnel mpls traffic-eng path-option 1 dynamic
end
interface Tunnel1
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 10.10.10.5
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng priority 2 2
 tunnel mpls traffic-eng bandwidth 50000
 tunnel mpls traffic-eng path-option 1 explicit name red1


ip explicit-path name red1 enable
 next-address 10.0.0.14
 next-address 10.0.0.6
 next-address 10.0.0.10
 next-address 10.0.0.18





R4#sh mpls traffic-eng tunnels

P2P TUNNELS/LSPs:

Name: R4_t0                               (Tunnel0) Destination: 10.10.10.5
  Status:
    Admin: up         Oper: down   Path: not valid   Signalling: Down
    path option 1, type dynamic

  Config Parameters:
    Bandwidth: 60000    kbps (Global)  Priority: 3  3   Affinity: 0x0/0xFFFF
    Metric Type: TE (default)
    AutoRoute: enabled  LockDown: disabled Loadshare: 60000 [0] bw-based
    auto-bw: disabled

  History:
    Tunnel:
      Time since created: 4 minutes, 7 seconds
      Time since path change: 4 seconds
      Number of LSP IDs (Tun_Instances) used: 34
    Prior LSP: [ID: 34]
      ID: path option 1 [34]
      Removal Trigger: path error
      Last Error: RSVP:: Path Error from 10.10.10.4: Admission control Failure: Requested bandwidth unav

Name: R4_t1                               (Tunnel1) Destination: 10.10.10.5
  Status:
    Admin: up         Oper: up     Path: valid       Signalling: connected
    path option 1, type explicit red1 (Basis for Setup, path weight 4)

  Config Parameters:
    Bandwidth: 50000    kbps (Global)  Priority: 2  2   Affinity: 0x0/0xFFFF
    Metric Type: TE (default)
    AutoRoute: enabled  LockDown: disabled Loadshare: 50000 [40000] bw-based
    auto-bw: disabled
  Active Path Option Parameters:
    State: explicit path option 1 is active
    BandwidthOverride: disabled  LockDown: disabled  Verbatim: disabled


  InLabel  :  -
  OutLabel : FastEthernet1/0, 16
  Next Hop : 10.0.0.14
  RSVP Signalling Info:
       Src 10.10.10.4, Dst 10.10.10.5, Tun_Id 1, Tun_Instance 9
    RSVP Path Info:
      My Address: 10.0.0.13
      Explicit Route: 10.0.0.14 10.0.0.5 10.0.0.6 10.0.0.9
                      10.0.0.10 10.0.0.17 10.0.0.18 10.10.10.5
      Record   Route:   NONE
      Tspec: ave rate=50000 kbits, burst=1000 bytes, peak rate=50000 kbits
    RSVP Resv Info:
      Record   Route:   NONE
      Fspec: ave rate=50000 kbits, burst=1000 bytes, peak rate=50000 kbits
  History:
    Tunnel:
      Time since created: 4 minutes, 7 seconds
      Time since path change: 3 minutes, 6 seconds
      Number of LSP IDs (Tun_Instances) used: 9
    Current LSP: [ID: 9]
      Uptime: 3 minutes, 6 seconds

P2MP TUNNELS:

P2MP SUB-LSPS:

Tuesday, 24 March 2020

ANSIBLE Cisco Routers





In this lab we will use Ansible to back up the router configurations and save them in a folder (/backups).

1. Install Ansible


sudo apt update
sudo apt install software-properties-common
sudo apt-add-repository --yes --update ppa:ansible/ansible

sudo apt install ansible

2. Create the Ansible configuration file
tutorial@tutorial:~/myproject$ cat ansible.cfg
[defaults]
inventory      = ./hosts.cfg

3. Create the inventory file (hosts.cfg)

tutorial@tutorial:~/myproject$ cat hosts.cfg
[all:vars]
ansible_user=tutorial
ansible_ssh_pass=tutorial
ansible_network_os=ios
ansible_connection=network_cli

[Routers]
R1 ansible_host=1.1.1.1
R2 ansible_host=2.2.2.2
R3 ansible_host=3.3.3.3

4. Create the playbook

tutorial@tutorial:~/myproject$ cat backup.yml
---
- name: Backup
  hosts: Routers
  gather_facts: False
  connection: local
  tasks:
          - name: Show run
            ios_command:
                    commands:
                        - show run
            register: config

          - name: save output
            copy:
                    content: "{{config.stdout[0]}}"
                    dest: "./backups/{{inventory_hostname}}-config.txt"

5. Run the playbook

tutorial@tutorial:~/myproject$ ansible-playbook backup.yml

PLAY [Backup] ******************************************************************

TASK [Show run] ****************************************************************


TASK [save output] *************************************************************
ok: [R3]
ok: [R2]
ok: [R1]

PLAY RECAP *********************************************************************
R1                         : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
R2                         : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

R3                         : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0



6. Show the configuration backups


tutorial@tutorial:~/myproject$ ls -al backups/
total 20
drwxrwxr-x 2 tutorial tutorial 4096 Mar 25 03:30 .
drwxrwxr-x 3 tutorial tutorial 4096 Mar 25 03:31 ..
-rw-rw-r-- 1 tutorial tutorial 1351 Mar 25 03:30 R1-config.txt
-rw-rw-r-- 1 tutorial tutorial 1319 Mar 25 03:30 R2-config.txt
-rw-rw-r-- 1 tutorial tutorial 1320 Mar 25 03:30 R3-config.txt
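
The listing above shows the saved configurations with mode `-rw-rw-r--`, and `show run` output can carry keys and password hashes. The following is an added example, not part of the original lab, that audits a backup folder for files reachable beyond their owner and for lines that carry credentials; the function name `audit_backups` and the pattern list are assumptions of this example.

```python
import os
import re
import stat
import tempfile

# IOS config lines that carry credentials or hashes (illustrative list, not exhaustive).
SECRET_PATTERNS = [
    re.compile(r"^\s*enable (secret|password)\b"),
    re.compile(r"^\s*username \S+ .*\b(secret|password)\b"),
    re.compile(r"^\s*crypto isakmp key \S+"),
    re.compile(r"^\s*snmp-server community \S+"),
    re.compile(r"^\s*password\b"),
]

def audit_backups(folder):
    """Return (loose_files, secret_hits) for every *-config.txt in folder."""
    loose, hits = [], []
    for name in sorted(os.listdir(folder)):
        if not name.endswith("-config.txt"):
            continue
        path = os.path.join(folder, name)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        # Any group/other permission bit means more than the owner can reach the file.
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            loose.append((name, oct(mode)))
        with open(path, encoding="utf-8", errors="replace") as fh:
            for lineno, line in enumerate(fh, 1):
                if any(p.search(line) for p in SECRET_PATTERNS):
                    # Report the location only; never echo the secret itself.
                    hits.append((name, lineno))
    return loose, hits

def demo():
    # Constructed sample: one backup written with the 0664 mode seen in the listing.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "R1-config.txt")
        with open(path, "w") as fh:
            fh.write("hostname R1\nenable secret 5 $1$constructed\n"
                     "crypto isakmp key EXAMPLEKEY address 0.0.0.0\n")
        os.chmod(path, 0o664)
        before = audit_backups(d)
        os.chmod(path, 0o600)          # owner-only access for the backup file
        after = audit_backups(d)
    return before, after

if __name__ == "__main__":
    print(demo())
```

Tightening the mode clears the first list but not the second: the credentials are still in the file, so the folder itself needs the same access control as the routers.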



Wednesday, 16 May 2018

Basic LISP



R1#show ip lisp map-cache
LISP IPv4 Mapping Cache for EID-table default (IID 0), 2 entries

0.0.0.0/0, uptime: 00:09:23, expires: never, via static send map-request
  Negative cache entry, action: send-map-request
192.168.12.0/24, uptime: 00:06:40, expires: 23:53:12, via map-reply, complete
  Locator      Uptime    State      Pri/Wgt
  192.168.1.2  00:06:40  up          10/50


R3#sh lisp site
LISP Site Registration Information

Site Name      Last      Up   Who Last             Inst     EID Prefix
               Register       Registered           ID
SITE1          00:00:25  yes  192.168.1.1                   192.168.11.0/24
SITE2          00:00:26  yes  192.168.1.2                   192.168.12.0/24


LISP Encapsulation Map-Request 



LISP Map-Register



LISP Map-Reply



Sunday, 2 April 2017

OSPF MULTIAREA DMVPN TRACK






1. DMVPN: R5 is the HUB;
   R1, R2, R3 are SPOKEs

2. Configure multi-area OSPF
R5 interfaces: lo 10: 192.168.10.1/27
               lo 11: 192.168.11.1/24
               lo 12: 192.168.12.1/24
               lo 13: 192.168.13.1/24
Summarize

3. IP SLA: while lo 0 of R5 is up, traffic from R7 goes via R1; otherwise it goes via R2




Saturday, 25 March 2017

Multi-area OSPF




Area 10: totally stubby area
Area 30: totally NSSA area




Sunday, 19 March 2017

BGP ebgp Multihop , next-hop-self Route-reflector

BGP  ebgp  multi-hop, Route reflector , next-hop-self





R1
router bgp 100
 bgp log-neighbor-changes
 neighbor 192.168.10.1 remote-as 100
router ospf 1
 network 1.1.1.0 0.0.0.255 area 0
 network 192.168.10.0 0.0.0.3 area 0


R2
router bgp 100
 bgp log-neighbor-changes
 neighbor 192.168.10.2 remote-as 100
 neighbor 192.168.10.2 route-reflector-client
 neighbor 192.168.10.5 remote-as 100
 neighbor 192.168.10.5 route-reflector-client
router ospf 1
 network 2.2.2.0 0.0.0.255 area 0
 network 192.168.10.0 0.0.0.3 area 0
 network 192.168.10.4 0.0.0.3 area 0



R3

R3#sh run | sec bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 192.168.10.6 remote-as 100
 neighbor 192.168.10.6 route-reflector-client
 neighbor 192.168.10.10 remote-as 100
 neighbor 192.168.10.10 route-reflector-client

router ospf 1
 network 3.3.3.0 0.0.0.255 area 0
 network 192.168.10.4 0.0.0.3 area 0
 network 192.168.10.8 0.0.0.3 area 0



R4#sh run | sec bgp
router bgp 100
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 network 2.2.2.0 mask 255.255.255.0
 network 3.3.3.0 mask 255.255.255.0
 network 4.4.4.0 mask 255.255.255.0
 network 192.168.10.0 mask 255.255.255.252
 network 192.168.10.4 mask 255.255.255.252
 network 192.168.10.8 mask 255.255.255.252
 neighbor 5.5.5.5 remote-as 200
 neighbor 5.5.5.5 ebgp-multihop 2
 neighbor 5.5.5.5 update-source Loopback0
 neighbor 192.168.10.9 remote-as 100
 neighbor 192.168.10.9 next-hop-self

router ospf 1
 network 4.4.4.0 0.0.0.255 area 0
 network 192.168.10.8 0.0.0.3 area 0


R5
router bgp 200
 bgp log-neighbor-changes
 network 5.5.5.0 mask 255.255.255.0
 network 6.6.6.0 mask 255.255.255.0
 network 172.16.11.0 mask 255.255.255.252
 neighbor 4.4.4.4 remote-as 100
 neighbor 4.4.4.4 ebgp-multihop 2
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 172.16.11.2 remote-as 200
 neighbor 172.16.11.2 next-hop-self

router eigrp 1
 network 5.5.5.0 0.0.0.255
 network 172.16.11.0 0.0.0.3








Wednesday, 15 March 2017

DMVPN IPSEC




SPOKE1

crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 5
crypto isakmp key cisco123 address 0.0.0.0

crypto ipsec transform-set TSET esp-aes esp-sha-hmac

crypto ipsec profile cisco
 set security-association lifetime seconds 900
 set transform-set TSET
interface Loopback0
 ip address 1.1.1.1 255.255.255.0

interface Tunnel0
 ip address 192.168.0.1 255.255.255.0
 no ip redirects
 ip nhrp map 192.168.0.3 200.0.0.9
 ip nhrp map multicast 200.0.0.9
 ip nhrp network-id 100
 ip nhrp nhs 192.168.0.3
 ip ospf network broadcast
 ip ospf priority 0
 tunnel source Ethernet0/0
 tunnel mode gre multipoint
 tunnel protection ipsec profile cisco

HUB
====
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 5
crypto isakmp key cisco123 address 0.0.0.0
crypto ipsec transform-set TSET esp-aes esp-sha-hmac
crypto ipsec profile cisco
 set security-association lifetime seconds 900
 set transform-set TSET

interface Loopback0
 ip address 3.3.3.3 255.255.255.0

interface Tunnel0
 ip address 192.168.0.3 255.255.255.0
 no ip redirects
 ip nhrp map multicast dynamic
 ip nhrp map multicast 200.0.0.9
 ip nhrp network-id 100
 ip ospf network broadcast
 ip ospf priority 10
 tunnel source Ethernet0/0
 tunnel mode gre multipoint
 tunnel protection ipsec profile cisco
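
The lab's crypto stanzas bind the pre-shared key to address 0.0.0.0, use Diffie-Hellman group 5, leave the ISAKMP hash at its default and set no PFS in the IPsec profile. The following added example, not part of the original post, parses those stanzas and reports each of these points; the function name `audit_ike`, the finding labels and the STRICTER sample are assumptions of this example.

```python
WEAK_DH = {"1": 768, "2": 1024, "5": 1536}   # MODP group -> modulus size in bits

def audit_ike(config):
    """Return sorted findings for the ISAKMP/IPsec stanzas of an IOS config."""
    findings, block, seen = set(), "", set()
    def close():  # judge a stanza once all of its indented lines were read
        if block.startswith("crypto isakmp policy") and "hash" not in seen:
            findings.add("ike-hash-default-sha1")  # IOS default, omitted from show run
        if block.startswith("crypto ipsec profile") and "set pfs" not in seen:
            findings.add("no-pfs:" + block.split()[-1])

    for raw in config.splitlines():
        words = raw.split()
        if not words:
            continue
        if not raw.startswith(" "):               # new top-level command
            close()
            block, seen = " ".join(words), set()
            if words[:3] == ["crypto", "isakmp", "key"] and "address 0.0.0.0" in block:
                findings.add("wildcard-psk")      # key accepted from any peer address
            continue
        seen.add(" ".join(words[:2]) if words[0] == "set" else words[0])
        if block.startswith("crypto isakmp policy") and words[0] == "group":
            bits = WEAK_DH.get(words[-1])
            if bits:                              # MODP group below 2048 bits
                findings.add("dh-group-%s-%dbit" % (words[-1], bits))
    close()
    return sorted(findings)

# Constructed samples: LAB mirrors the lab's crypto lines with a placeholder key.
LAB = """crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 5
crypto isakmp key EXAMPLEKEY address 0.0.0.0
crypto ipsec profile cisco
 set security-association lifetime seconds 900
 set transform-set TSET
"""
# Constructed spoke-side variant that clears every check above.
STRICTER = """crypto isakmp policy 10
 encr aes 256
 hash sha256
 authentication pre-share
 group 14
crypto isakmp key EXAMPLEKEY address 200.0.0.9
crypto ipsec profile cisco
 set pfs group14
"""
```

Binding the key to the hub address covers spoke-to-hub tunnels only; direct spoke-to-spoke tunnels would need a key per peer or certificate authentication.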