Scenario:
The fermentum corporation has hired you to troubleshoot their international network that consists of BGP routers. There are a number of issues. Some BGP routers are unable to establish a neighbor adjacency and others are having issues with prefixes not showing up in the routing tables. You have access to all devices so it’s time to fix this network!
Goal:
- All IP addresses have been preconfigured for you.
- Do not use show run! (this will spoil the fun 🙂 use the appropiate ‘show’ and ‘debug’ commands. This will teach you the skills needed to become a true troubleshooting master.
- The EBGP neighbor adjacency between router Dhaka and Berlin is not working, fix it!
- The EBGP neighbor adjacency between router NewDelhi and Amsterdam is not working, solve this issue!
- Router Berlin is supposed to receive the 11.11.0.0/16 prefix from router Dhaka but you don’t see it in the BGP table, see if you can fix it.
- Router Amsterdam is not receiving any prefixes through BGP from within AS 2, get rid of this problem.
- Router Amsterdam is expecting the 5.5.5.0/24 prefix from router NewDelhi but you don’t see it in it’s BGP table.
- Router Amsterdam should now have 1.1.1.0/24 in its routing table, however if you try to ping it you cannot reach it…fix this.
- Whenever you send traffic from router Dhaka to NewDelhi nothing will arrive, make the required changes to fix this problem.
It took me 1000s of hours reading books and doing labs, making mistakes over and over again until I mastered all the troubleshooting issues for CCNP.
Would you like to be a master of troubleshooting too? In a short time without having to read 900 page books or google the answers to your questions and browsing through forums?
I collected all my knowledge and created a single ebook for you that has everything you need to know to become a master of troubleshooting.
You will learn all the secrets about BGP troubleshooting and more.
Does this sound interesting to you? Take a look here and let me show you how to Master CCNP TSHOOT
IOS:
c3640-jk9s-mz.124-16.bin
Topology:
Configuration Files
You need to register to download the GNS3 topology file. (Registration is free!)Once you are logged in you will find the configuration files right here.
The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.
Written by René Molenaar - CCIE #41726
Hi Rene!
This one also sais that I need to register to download the files.
Thanks a lot!
They all do even if you are registered, it’s a static text. I’ll remove it 😉
Rene
Please Upload the Solution of this LAB.
I will try to do so as soon as possible.
I am stuck on the last step—could be that I’m in a hurry. However, I’m wondering if the route-reflector command could play a role here by minimizing the number of networks that have to be advertised.
I think there are a few ways to do things, some that are more elegant, others that are workable, but cumbersome.
Right ? That makes two questions.
Take a good look if the advertised networks are in the BGP and routing table of all routers. And don’t forget that IBGP has the split horizon rule…
Hello,
How to download LAB Video.please guide and suggest.
if it char gable, please share the Price detail and from where i can do payment.
CCNP – LAB
any contact number,please share.
Thanks
Anish Kumar
8800049514
Hello Rene, Thanks for this awsome site..
I am Stuck at this step – outer Amsterdam should now have 1.1.1.0/24 – please help me on this.
Desperation Frustration etc etc
I have tried all combinations for solving the 8th bullet poing "Router Amsterdam should now have 1.1.1.0/24 in its routing table, however if you try to ping it you cannot reach it"… I have re-read the BGP again.. but could not solve this.. Rene, please help solve this.
ok..I have got it.. just needed to confirm, what I did was
1. Create tunnel interface
2. Create route map (as per your iBGP blackhole video)
3. Advertise the tunnel in BGP on [b]Berlin[/b], so the recursive lookup on Dhaka can see the tunnel.
Is the 3rd step correct, I was just weary of advertising the tunnel in BGP. Please confirm
faheem – Tunnels are not required. You just need to use the neighbor x.x.x.x next-hop-self command on Berlin. You’ll use it more than once. Remember, a full mesh is required for iBGP and the fact this exists isn’t clear from the diagram. Take another look at your neighbor relationships 😉
You won’t need any tunnels for this lab. If you want some guidelines here’s what you should do:
1) Ensure all BGP neighborships are working. Think about IBGP and EBGP.
2) See if everything is advertised, if not debug why not…this could be anything. Missing network commands, distribute-lists blocking things or next-hops that are unreachable.
instead you can create the loopback interface & use network command for 3rd objective……!!!
Can anybody tell me how to fix the problem of BLACK HOLE at router paris becz it does not know about the BOTH ASN 1 & 3 route.
static route is a temporary solution, what is permanent..???
Will there be a video solution to this?
Hi Rene
Ok, since there is no video solution for this.. I did make this work, entirely.. in two different ways. (please let me know if correct)
1) Redistribute ebgp routes into IGP, this was done on Berlin and Amsterdam (Note: You may want to add redistribute static as there is a rib failure for 1.1.1.0/24)
OR
2) Get complete mesh of ibgps running.
Along with the above I used next-hop-self command where ever applicable and got rid of PROTECTION distribute-list.. 😀
Kindly suggest/validate my solution.
Hi Andy
Best solution in this case is a complete mesh of iBGP. Configuring an IGP will technically work, but it’s kinda cheating when the lab is all about BGP.
Kerry
Great lab, had lots of fun with it.
Hi Rene,
Please post the solution of this lab.
Thanks.
This was my solution:
Route reflector on "Paris". Berlin and Amsterdam are RR clients. This solution disable the split-horizon.
—-Berlin—-
router bgp 2
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.23.3 remote-as 2
neighbor 192.168.23.3 next-hop-self
no auto-summary
—-Paris—-
router bgp 2
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 3.3.3.0 mask 255.255.255.0
neighbor 192.168.23.2 remote-as 2
neighbor 192.168.23.2 route-reflector-client
neighbor 192.168.34.4 remote-as 2
neighbor 192.168.34.4 route-reflector-client
no auto-summary
—-Amsterdam—-
router bgp 2
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
neighbor 192.168.34.3 remote-as 2
neighbor 192.168.34.3 next-hop-self
neighbor 192.168.45.5 remote-as 3
no auto-summary
—-Dhaka—-:
router bgp 1
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 11.11.0.0 mask 255.255.0.0
aggregate-address 11.11.0.0 255.255.0.0 summary-only
neighbor 2.2.2.2 remote-as 2
neighbor 192.168.12.2 remote-as 2
no auto-summary
!
ip http server
no ip http secure-server
ip route 11.11.0.0 255.255.0.0 Null0
—-NewDelhi—-
router bgp 3
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
network 5.5.5.0 mask 255.255.255.0
neighbor 192.168.45.4 remote-as 2
no auto-summary
You can ping only between loopbacks. Example on Dhaka: ping 5.5.5.5 source 1.1.1.1. This means that the BGP network is OK.
Sorry for my english.
Hi Rene,
please correct my ouput..
Dhaka#show running-config | sec bgp
router bgp 1
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
aggregate-address 11.11.0.0 255.255.0.0
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 ebgp-multihop 5
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
Berlin#show running-config | sec bgp 2
router bgp 2
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
redistribute ospf 1
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 5
neighbor 1.1.1.1 update-source Loopback0
neighbor 192.168.34.4 remote-as 2
neighbor 192.168.34.4 next-hop-self
no auto-summary
Paris#
ip route 5.5.5.0 255.255.255.0 192.168.34.4
!
Amsterdam#show running-config | sec bgp
router bgp 2
no synchronization
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
neighbor 192.168.23.2 remote-as 2
neighbor 192.168.23.2 next-hop-self
neighbor 192.168.45.5 remote-as 3
neighbor 192.168.45.5 ebgp-multihop 5
no auto-summary
NewDelhi#show running-config | sec bgp
router bgp 3
no synchronization
bgp log-neighbor-changes
network 5.5.5.0
network 5.5.5.0 mask 255.255.255.0
neighbor 192.168.45.4 remote-as 2
neighbor 192.168.45.4 ebgp-multihop 5
no auto-summary
i made everything pings with the below configuration
Dhaka
!
router bgp 1
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 11.11.0.0 mask 255.255.0.0
network 192.168.12.0
aggregate-address 11.11.0.0 255.255.0.0
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
________________________________
Berlin
router bgp 2
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
network 192.168.12.0
network 192.168.23.0
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback0
neighbor 192.168.23.3 remote-as 2
neighbor 192.168.23.3 next-hop-self
neighbor 192.168.34.4 remote-as 2
neighbor 192.168.34.4 next-hop-self
no auto-summary
_________________________________
Paris#s | s bgp
router bgp 2
no synchronization
bgp log-neighbor-changes
network 3.3.3.0 mask 255.255.255.0
network 192.168.23.0
network 192.168.34.0
neighbor 192.168.23.2 remote-as 2
neighbor 192.168.23.2 next-hop-self
neighbor 192.168.34.4 remote-as 2
neighbor 192.168.34.4 next-hop-self
no auto-summary
_______________________________
Amsterdam#s | s bgp
router bgp 2
no synchronization
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
network 192.168.34.0
network 192.168.45.0
neighbor 192.168.23.2 remote-as 2
neighbor 192.168.23.2 next-hop-self
neighbor 192.168.34.3 remote-as 2
neighbor 192.168.34.3 next-hop-self
neighbor 192.168.45.5 remote-as 3
no auto-summary
__________________________________
NewDelhi#s | s bgp
router bgp 3
no synchronization
bgp log-neighbor-changes
network 5.5.5.0
network 5.5.5.0 mask 255.255.255.0
network 192.168.45.0
neighbor 192.168.45.4 remote-as 2
no auto-summary
_________________________
correct me if i’m wrong plz
neighbor 192.168.23.2 route-reflector-client can be used instead of next-hop-self
not instead next-hop-self, route-reflector can be used instead full-mesh neighborhod. If you will not use next-hop-self, iBGP neighbors(Paris in this case) will not place routes to AS1 and AS3 in RIB.
I am not sure for you, but the communication between NewDelhi and Amsterdan Always fail between these two.
Tried, Static, OsPF and Eigrp.. and adjencie is just no happening.
Please check, there is an access list applied inbound "Inbound access list is PROTECTION "
NewDelhi#sh ip int f0/0
FastEthernet0/0 is up, line protocol is up
Internet address is 192.168.45.5/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is PROTECTION
My Solution, Rene correct me if i am wrong
Dhaka
————
router bgp 1
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 11.11.11.0 mask 255.255.255.0
network 192.168.12.0
aggregate-address 11.11.0.0 255.255.0.0 summary-only
redistribute connected
neighbor 192.168.12.2 remote-as 2
no auto-summary
Berlin#
———-
router ospf 1
log-adjacency-changes
redistribute bgp 2 subnets
network 2.2.2.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
!
router bgp 2
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
network 192.168.12.0
network 192.168.23.0
redistribute connected
redistribute ospf 1 metric 100
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.12.1 next-hop-self
neighbor 192.168.34.4 remote-as 2
neighbor 192.168.34.4 next-hop-self
no auto-summary
Paris
———
router ospf 1
log-adjacency-changes
redistribute bgp 2 subnets
network 3.3.3.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
network 192.168.34.0 0.0.0.255 area 0
Amsterdam
——————-
router ospf 1
log-adjacency-changes
redistribute bgp 2 subnets
network 4.4.4.0 0.0.0.255 area 0
network 192.168.34.0 0.0.0.255 area 0
!
router bgp 2
no synchronization
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
network 192.168.34.0
network 192.168.45.0
redistribute connected
redistribute ospf 1 metric 100
neighbor 192.168.23.2 remote-as 2
neighbor 192.168.45.5 remote-as 3
no auto-summary
NewDelhi
—————–
router bgp 3
no synchronization
bgp log-neighbor-changes
network 5.5.5.0 mask 255.255.255.0
network 192.168.45.0
redistribute connected
neighbor 192.168.45.4 remote-as 2
no auto-summary
Thanks a lot for the labs.
We really appreciate it…
wouha this has been the toughest lab ever.
Only you need to play with redistribution to make reachabilty in last task of this lab.
Hi guys,
New to this site, is there somewhere I can get the correct versions of IOS for each of the labs. ?
Regards
Dave
Excellent lab. BGP syncronization rule cleared.
Btw if ur redistributing bgp into ospf, key is to redistribute static routes as well.
router ospf 1
redistribute static subnets
redistribute bgp 2 subnets
Cheers!!
Great lab. BGP syncronization rule cleared.
Btw if ur redistributing bgp into ospf, key is to redistribute static routes as well.
router ospf 1
redistribute static subnets
redistribute bgp 2 subnets
Cheers!!
Getting an error when attempting to boot. I am using c3725-adventerprisek9-mz.124-12.bin as the image. I have been using this image for other labs and it works. Thoughts?
Launching IOS image at 0x80008000…
Self decompressing the image : ###################################################################################################################################################################################################### [OK]
Smart Init is disabled. IOMEM set to: 5
Using iomem percentage: 5
Figured out my technical problem I used the correct image and all is well.
The labs were pretty good, thanks for taking the time to put these together. I would like to see more labs with troubleshooting communities, route-maps and prefix-lists. Any of those around?
regarding task #4;
I have all the routes in bgp table and they’re showing the next hop from 192.168.34.3 (which is in AS2)
Amsterdam#sh ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 192.168.34.3 20 32768 ?
*> 2.2.2.0/24 192.168.34.3 20 32768 ?
*> 3.3.3.0/24 192.168.34.3 20 32768 ?
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*> 5.5.5.0/24 192.168.45.5 0 0 3 i
*> 11.11.0.0/16 192.168.34.3 1 32768 ?
*> 192.168.12.0 192.168.34.3 20 32768 ?
*> 192.168.23.0 192.168.34.3 2 32768 ?
*> 192.168.34.0 0.0.0.0 0 32768 ?
But number of prefixes in bgp summary still showing 0?
Amsterdam#sh ip bgp summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.23.2 4 2 141 147 87 0 0 00:57:54 0
192.168.45.5 4 3 43 48 83 0 0 00:38:30 1
Can someone please help explaining?