7. Appendix: complete configurationΒΆ
Listed here is the CLI configuration for the configuration discussed in this use case.
border1 running config# show config nodefault
vrf main
routing
bgp
as 65200
router-id 172.16.200.1
address-family
ipv4-unicast
redistribute connected
..
..
neighbor 172.16.200.3
remote-as 65200
neighbor-description PE1
update-source loopback0
address-family
ipv4-unicast
soft-reconfiguration-inbound true
route-map out route-map-name BGP-REDISTRIBUTE-INTERNAL
..
..
..
neighbor 172.16.200.4
remote-as 65200
neighbor-description PE2
update-source loopback0
address-family
ipv4-unicast
nexthop-self
force true
..
soft-reconfiguration-inbound true
route-map out route-map-name BGP-REDISTRIBUTE-INTERNAL
..
..
..
neighbor 3.3.3.1
remote-as 300
neighbor-description Transit3-IPv4
address-family
ipv4-unicast
prefix-list in prefix-list-name filter-bogons
soft-reconfiguration-inbound true
route-map out route-map-name TRANSIT-3-OUT
..
..
..
neighbor 1.1.1.1
remote-as 100
neighbor-description Transit1-IPv4
address-family
ipv4-unicast
prefix-list in prefix-list-name filter-bogons
soft-reconfiguration-inbound true
route-map out route-map-name TRANSIT-1-OUT
..
..
..
neighbor 2.2.2.1
remote-as 200
neighbor-description Transit2-IPv4
address-family
ipv4-unicast
prefix-list in prefix-list-name filter-bogons
soft-reconfiguration-inbound true
route-map out route-map-name TRANSIT-2-OUT
..
..
..
neighbor 172.16.200.2
remote-as 65200
neighbor-description border2
update-source loopback0
address-family
ipv4-unicast
soft-reconfiguration-inbound true
..
..
..
neighbor 172.16.100.253
remote-as 65200
neighbor-description IRP
address-family
ipv4-unicast
soft-reconfiguration-inbound true
route-reflector-client true
..
ipv4-flowspec
soft-reconfiguration-inbound true
route-reflector-client true
..
..
..
..
ospf
router-id 172.16.200.1
abr-type standard
log-adjacency-changes detail
network 172.16.100.0/24 area 0
passive-interface loopback0
redistribute connected route-map FILTER-OSPF
..
..
interface
physical ntfp1
port pci-b0s4
rx-cp-protection true
tx-cp-protection true
ipv4
address 172.16.100.1/24
..
ethernet
auto-negotiate true
..
..
physical ntfp2
port pci-b0s5
rx-cp-protection true
tx-cp-protection true
ethernet
auto-negotiate true
..
..
physical ntfp3
port pci-b0s6
rx-cp-protection true
tx-cp-protection true
ethernet
auto-negotiate true
..
..
loopback loopback0
ipv4
address 172.16.200.1/32
..
..
vlan vlan1
description Transit_1
ipv4
address 1.1.1.2/24
..
vlan-id 1
link-interface ntfp3
..
vlan vlan3
description Transit_3
ipv4
address 3.3.3.2/24
..
vlan-id 3
link-interface ntfp2
..
vlan vlan2
description Transit_2
ipv4
address 2.2.2.2/24
..
vlan-id 2
link-interface ntfp3
..
vrrp vrrp1
link-interface vlan1
vrid 1
priority 150
preempt-delay 60
track-fast-path true
virtual-address 1.1.1.4/24
..
vrrp vrrp2
link-interface vlan2
vrid 2
priority 150
preempt-delay 60
track-fast-path true
virtual-address 2.2.2.4/24
..
vrrp vrrp3
link-interface vlan3
vrid 3
priority 150
preempt-delay 60
track-fast-path true
virtual-address 3.3.3.4/24
..
vrrp vrrp_internal
link-interface ntfp1
vrid 200
priority 150
preempt-delay 60
track-fast-path true
virtual-address 172.16.100.5/24
..
..
kpi
telegraf
influxdb-output url http://172.16.100.254:8086 database telegraf
..
..
sflow
agent-interface loopback0
sflow-collector 172.16.100.253
sflow-collector 172.16.100.254
sflow-interface vlan1
sflow-interface vlan3
sflow-interface vlan2
sflow-sampling speed 40G
sflow-sampling speed 10G rate 10000
..
snmp
static-info
location paris
contact noc@6wind.com
..
community local
authorization read-only
source 127.0.0.1
..
community ems
authorization read-only
source 172.16.100.254
..
..
vrrp
router-id border1
group vrrp_group
instance vrrp1
instance vrrp2
instance vrrp3
instance vrrp_internal
..
..
..
system
fast-path
port pci-b0s4
port pci-b0s5
port pci-b0s6
..
kpi
..
..
routing
ipv4-prefix-list prefixes-local-originated
seq 10 address 200.200.208.0/20 policy permit le 32
..
ipv4-prefix-list filter-bogons
seq 5 address 0.0.0.0/8 policy deny le 32
seq 10 address 10.0.0.0/8 policy deny le 32
seq 15 address 127.0.0.0/8 policy deny le 32
seq 20 address 169.254.0.0/16 policy deny le 32
seq 25 address 172.16.0.0/12 policy deny le 32
seq 35 address 192.168.0.0/16 policy deny le 32
seq 40 address 224.0.0.0/3 policy deny le 32
seq 45 address 0.0.0.0/0 policy deny ge 25
seq 50 address 0.0.0.0/0 policy permit le 32
..
ipv4-prefix-list BGP-endpoints
seq 1 address 172.16.200.0/24 policy permit le 32
..
route-map TRANSIT-1-OUT
seq 1
policy permit
match
ip
address
prefix-list prefixes-local-originated
..
..
..
set
ip
next-hop 1.1.1.4
..
..
..
..
route-map TRANSIT-2-OUT
seq 1
policy permit
match
ip
address
prefix-list prefixes-local-originated
..
..
..
set
ip
next-hop 2.2.2.4
..
..
..
..
route-map TRANSIT-3-OUT
seq 1
policy permit
match
ip
address
prefix-list prefixes-local-originated
..
..
..
set
ip
next-hop 3.3.3.4
..
..
..
..
route-map FILTER-OSPF
seq 10
policy permit
match
ip
address
prefix-list BGP-endpoints
..
..
..
..
..
route-map BGP-REDISTRIBUTE-INTERNAL
seq 10
policy deny
match
ip
address
prefix-list BGP-endpoints
..
..
..
..
seq 20
policy permit
set
ip
next-hop 172.16.100.5
..
..
..
..
bgp
..
..