root@TATA# show
## Last changed: 2019-03-28 09:56:16 UTC
version 10.1R1.8;
system {
host-name TATA;
root-authentication {
encrypted-password "$1$K.6Gp.oA$.CvkXlWMxq8GDwxSnr4/D/"; ## SECRET-DATA
}
services {
ftp;
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
description IKF_CORE;
family inet {
address 1.1.1.1/30;
}
}
}
em2 {
unit 0 {
description SIFY;
family inet {
address 1.1.1.9/30;
}
}
}
em7 {
unit 0 {
family inet {
address 1.1.0.2/30;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 1.1.0.1;
install;
}
route 1.1.0.0/24 discard;
route 1.1.1.0/24 discard;
route 1.1.2.0/24 discard;
route 1.1.3.0/24 discard;
route 1.1.4.0/24 discard;
route 1.1.5.0/24 discard;
}
}
protocols {
bgp {
traceoptions {
file bgplog size 1000k files 10;
flag all detail;
}
local-as 1100;
group IKF {
import IKF_IN;
export IKF_OUT;
neighbor 1.1.1.2 {
description IKF_CORE;
peer-as 1300;
}
neighbor 1.1.1.6 {
description IKF_MUMBAI;
peer-as 1300;
}
}
group SIFY {
peer-as 1200;
neighbor 1.1.1.10;
}
}
}
policy-options {
prefix-list IKF_IN {
1.3.0.0/24;
1.3.1.0/24;
1.3.2.0/24;
1.3.3.0/24;
}
prefix-list TATA_OUT {
1.1.0.0/24;
1.1.1.0/24;
1.1.2.0/24;
1.1.3.0/24;
1.2.0.0/24;
1.2.1.0/24;
1.2.2.0/24;
1.2.3.0/24;
}
policy-statement IKF_IN {
term 1 {
from {
prefix-list IKF_IN;
}
then accept;
}
term 2 {
from {
route-filter 0.0.0.0/0 orlonger;
}
then reject;
}
}
policy-statement IKF_OUT {
term 2 {
from {
prefix-list TATA_OUT;
}
then accept;
}
term 3 {
from {
route-filter 0.0.0.0/0 orlonger;
}
then reject;
}
}
}
===================
Mikrotik Configuration:
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/port
set 0 name=serial0
/routing bgp instance
set default as=1300 router-id=1.3.0.1
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password="" \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/ip address
add address=1.1.1.2/30 interface=ether1 network=1.1.1.0
add address=192.168.125.1/24 interface=ether8 network=192.168.125.0
/routing bgp network
add network=1.3.0.0/24
add network=1.3.1.0/24
add network=1.3.2.0/24
add network=1.3.3.0/24 synchronize=no
add network=1.3.4.0/24 synchronize=no
/routing bgp peer
add in-filter=TATA_IN name=TATA out-filter=TATA_OU remote-address=1.1.1.1 \
remote-as=1100
/routing filter
add action=accept chain=TATA_OU prefix=1.3.3.0/24 set-bgp-communities=1300:10
add action=accept chain=TATA_OU prefix=1.3.2.0/24 set-bgp-communities=1300:10
/system identity
set name=IKF_CORE
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether4 disabled=yes display-time=5s
set ether5 disabled=yes display-time=5s
set ether6 disabled=yes display-time=5s
set ether7 disabled=yes display-time=5s
set ether8 disabled=yes display-time=5s
/system logging
add topics=bgp
===================
Cisco Configuration:
root@TATA# run show route receive-protocol bgp 1.1.1.2
inet.0: 13 destinations, 13 routes (12 active, 0 holddown, 1 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.3.3.0/24 1.1.1.2 1300 I
[edit]
root@TATA# run show route advertising-protocol bgp 1.1.1.2
inet.0: 13 destinations, 13 routes (12 active, 0 holddown, 1 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.1.0.0/24 Self I
* 1.1.1.0/24 Self I
* 1.1.2.0/24 Self I
* 1.1.3.0/24 Self I
[edit]
root@TATA#
===================
Cisco Configuration:
SIFY#show run
Building configuration...
Current configuration : 3085 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SIFY
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface FastEthernet0/0
description "TATA"
ip address 1.1.1.10 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Ethernet1/0
no ip address
shutdown
duplex half
!
interface Ethernet1/1
no ip address
shutdown
duplex half
!
interface Ethernet1/2
no ip address
shutdown
duplex half
!
interface Ethernet1/3
no ip address
shutdown
duplex half
!
interface Ethernet1/4
no ip address
shutdown
duplex half
!
interface Ethernet1/5
no ip address
shutdown
duplex half
!
interface Ethernet1/6
no ip address
shutdown
duplex half
!
interface Ethernet1/7
no ip address
shutdown
duplex half
!
interface GigabitEthernet2/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet3/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet4/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet5/0
no ip address
shutdown
negotiation auto
!
interface Serial6/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial6/7
no ip address
shutdown
serial restart-delay 0
!
router bgp 1200
no synchronization
bgp log-neighbor-changes
network 1.2.0.0 mask 255.255.255.0
network 1.2.1.0 mask 255.255.255.0
network 1.2.2.0 mask 255.255.255.0
network 1.2.3.0 mask 255.255.255.0
neighbor 1.1.1.9 remote-as 1100
neighbor 1.1.1.9 description TATA
neighbor 1.1.1.9 route-map TATA_OUT out
no auto-summary
!
ip forward-protocol nd
ip route 1.2.0.0 255.255.255.0 Null0
ip route 1.2.1.0 255.255.255.0 Null0
ip route 1.2.2.0 255.255.255.0 Null0
ip route 1.2.3.0 255.255.255.0 Null0
no ip http server
no ip http secure-server
!
!
!
!
ip prefix-list TATA_OUT seq 1 permit 1.2.0.0/24
ip prefix-list TATA_OUT seq 2 permit 1.2.1.0/24
no cdp log mismatch duplex
!
!
!
!
route-map TATA_OUT permit 0
match ip address prefix-list TATA_OUT
set as-path prepend 1200 1200 1200 1200 1200 1200
!
!
!
control-plane
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end
SIFY#
===================
SIFY#show ip bgp neighbors 1.1.1.9 advertised-routes
BGP table version is 9, local router ID is 1.1.1.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.2.0.0/24 0.0.0.0 0 32768 i
*> 1.2.1.0/24 0.0.0.0 0 32768 i
Total number of prefixes 2
No comments:
Post a Comment