root# show
## Last changed: 2019-04-04 20:12:37 UTC
version 12.1R1.9;
system {
root-authentication {
encrypted-password "$1$XrnazupP$IChYvM93l90W6b0GfMxNn/"; ## SECRET-DATA
}
services {
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
vlan-tagging;
unit 0 {
vlan-id 10;
family inet {
address 1.1.0.1/30;
}
}
}
em1 {
unit 0 {
description AIRTEL;
family inet {
address 1.2.0.6/30;
}
}
}
em2 {
unit 0 {
description FLIPKART;
family inet {
address 1.1.2.1/30;
}
}
}
}
routing-options {
static {
route 1.1.0.0/24 discard;
route 1.1.1.0/24 discard;
route 1.1.2.0/24 discard;
route 1.1.3.0/24 discard;
route 1.1.1.0/30 next-hop 1.1.0.2;
}
router-id 1.1.0.1;
}
protocols {
bgp {
local-as 1100;
group TATA {
export TATA_OUT;
peer-as 1100;
neighbor 1.1.0.2;
}
group AIRTEL {
export TATA_OUT;
peer-as 1200;
neighbor 1.2.0.5;
}
group FLIPKART {
export TATA_OUT;
peer-as 1500;
neighbor 1.1.2.2;
}
}
}
policy-options {
prefix-list TATA_OUT {
1.1.0.0/24;
1.1.1.0/24;
1.1.3.0/24;
1.1.4.0/24;
}
policy-statement TATA_OUT {
term 1 {
from {
prefix-list TATA_OUT;
}
then accept;
}
term 3 {
from protocol direct;
then accept;
}
term 2 {
from protocol bgp;
then accept;
}
}
}
[edit]
root#
[edit]
root#
[edit]
root# set system host-name TATA_US
[edit]
root# commit
commit complete
[edit]
root@TATA_US# show
## Last changed: 2019-04-04 20:33:34 UTC
version 12.1R1.9;
system {
host-name TATA_US;
root-authentication {
encrypted-password "$1$XrnazupP$IChYvM93l90W6b0GfMxNn/"; ## SECRET-DATA
}
services {
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
vlan-tagging;
unit 0 {
vlan-id 10;
family inet {
address 1.1.0.1/30;
}
}
}
em1 {
unit 0 {
description AIRTEL;
family inet {
address 1.2.0.6/30;
}
}
}
em2 {
unit 0 {
description FLIPKART;
family inet {
address 1.1.2.1/30;
}
}
}
}
routing-options {
static {
route 1.1.0.0/24 discard;
route 1.1.1.0/24 discard;
route 1.1.2.0/24 discard;
route 1.1.3.0/24 discard;
route 1.1.1.0/30 next-hop 1.1.0.2;
}
router-id 1.1.0.1;
}
protocols {
bgp {
local-as 1100;
group TATA {
export TATA_OUT;
peer-as 1100;
neighbor 1.1.0.2;
}
group AIRTEL {
export TATA_OUT;
peer-as 1200;
neighbor 1.2.0.5;
}
group FLIPKART {
export TATA_OUT;
peer-as 1500;
neighbor 1.1.2.2;
}
}
}
policy-options {
prefix-list TATA_OUT {
1.1.0.0/24;
1.1.1.0/24;
1.1.3.0/24;
1.1.4.0/24;
}
policy-statement TATA_OUT {
term 1 {
from {
prefix-list TATA_OUT;
}
then accept;
}
term 3 {
from protocol direct;
then accept;
}
term 2 {
from protocol bgp;
then accept;
}
}
}
[edit]
root@TATA_US#
root@TATA_US# run show route
inet.0: 27 destinations, 35 routes (27 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.0.0/24 *[Static/5] 00:20:48
Discard
1.1.0.0/30 *[Direct/0] 00:00:18
> via em0.0
1.1.0.1/32 *[Local/0] 00:00:18
Local via em0.0
1.1.1.0/24 *[Static/5] 00:20:48
Discard
1.1.1.0/30 *[Static/5] 00:20:46
> to 1.1.0.2 via em0.0
1.1.2.0/24 *[Static/5] 00:20:48
Discard
1.1.2.0/30 *[Direct/0] 00:20:42
> via em2.0
1.1.2.1/32 *[Local/0] 00:20:43
Local via em2.0
1.1.3.0/24 *[Static/5] 00:20:48
Discard
1.2.0.0/24 *[BGP/170] 00:20:39, MED 0, localpref 100
AS path: 1200 I
> to 1.2.0.5 via em1.0
1.2.0.4/30 *[Direct/0] 00:20:43
> via em1.0
1.2.0.6/32 *[Local/0] 00:20:44
Local via em1.0
1.2.1.0/24 *[BGP/170] 00:20:39, MED 0, localpref 100
AS path: 1200 I
> to 1.2.0.5 via em1.0
1.2.2.0/24 *[BGP/170] 00:20:39, MED 0, localpref 100
AS path: 1200 I
> to 1.2.0.5 via em1.0
1.2.3.0/24 *[BGP/170] 00:20:39, MED 0, localpref 100
AS path: 1200 I
> to 1.2.0.5 via em1.0
1.3.0.0/24 *[BGP/170] 00:20:37, localpref 100
AS path: 1300 I
> to 1.1.0.2 via em0.0
[BGP/170] 00:20:39, localpref 100
-------------------------------------
root> configure
Entering configuration mode
[edit]
root# set system host-name TATA_INDIA
[edit]
root# commit
commit complete
[edit]
root@TATA_INDIA# show
## Last changed: 2019-04-04 20:34:43 UTC
version 12.1R1.9;
system {
host-name TATA_INDIA;
root-authentication {
encrypted-password "$1$QyYhErAK$Ovn/xeO20OoDNKpmKi81T."; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
vlan-tagging;
unit 0 {
vlan-id 10;
family inet {
address 1.1.0.2/30;
}
}
}
em1 {
vlan-tagging;
unit 0 {
vlan-id 20;
family inet {
address 1.1.1.1/30;
}
}
}
}
routing-options {
router-id 1.1.1.1;
}
protocols {
bgp {
local-as 1100;
group TATA {
type internal;
peer-as 1100;
neighbor 1.1.0.1;
}
group IKF {
type external;
peer-as 1300;
neighbor 1.2.0.1;
neighbor 1.1.1.2;
}
}
}
[edit]
root@TATA_INDIA# run show route receive-protocol bgp 1.1.0.1
inet.0: 25 destinations, 26 routes (25 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.1.0.0/24 1.1.0.1 100 I
1.1.0.0/30 1.1.0.1 100 I
* 1.1.1.0/24 1.1.0.1 100 I
* 1.1.2.0/30 1.1.0.1 100 I
* 1.1.3.0/24 1.1.0.1 100 I
* 1.2.0.0/24 1.2.0.5 0 100 1200 I
* 1.2.0.4/30 1.1.0.1 100 I
* 1.2.1.0/24 1.2.0.5 0 100 1200 I
* 1.2.2.0/24 1.2.0.5 0 100 1200 I
* 1.2.3.0/24 1.2.0.5 0 100 1200 I
* 1.3.0.0/24 1.2.0.5 100 1200 1300 I
* 1.3.1.0/24 1.2.0.5 100 1200 1300 I
* 1.3.2.0/24 1.2.0.5 100 1200 1300 I
* 1.3.3.0/24 1.2.0.5 100 1200 1300 I
* 1.4.0.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.1.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.2.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.3.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.5.0.0/24 1.1.2.2 100 1500 I
* 1.5.1.0/24 1.1.2.2 100 1500 I
* 1.5.2.0/24 1.1.2.2 100 1500 I
* 1.5.3.0/24 1.1.2.2 100 1500 I
[edit]
root@TATA_INDIA#
root> configure
Entering configuration mode
[edit]
root# set system host-name TATA_INDIA
[edit]
root# commit
commit complete
[edit]
root@TATA_INDIA# show
## Last changed: 2019-04-04 20:34:43 UTC
version 12.1R1.9;
system {
host-name TATA_INDIA;
root-authentication {
encrypted-password "$1$QyYhErAK$Ovn/xeO20OoDNKpmKi81T."; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
vlan-tagging;
unit 0 {
vlan-id 10;
family inet {
address 1.1.0.2/30;
}
}
}
em1 {
vlan-tagging;
unit 0 {
vlan-id 20;
family inet {
address 1.1.1.1/30;
}
}
}
}
routing-options {
router-id 1.1.1.1;
}
protocols {
bgp {
local-as 1100;
group TATA {
type internal;
peer-as 1100;
neighbor 1.1.0.1;
}
group IKF {
type external;
peer-as 1300;
neighbor 1.2.0.1;
neighbor 1.1.1.2;
}
}
}
[edit]
root@TATA_INDIA# run show route receive-protocol bgp 1.1.0.1
inet.0: 25 destinations, 26 routes (25 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.1.0.0/24 1.1.0.1 100 I
1.1.0.0/30 1.1.0.1 100 I
* 1.1.1.0/24 1.1.0.1 100 I
* 1.1.2.0/30 1.1.0.1 100 I
* 1.1.3.0/24 1.1.0.1 100 I
* 1.2.0.0/24 1.2.0.5 0 100 1200 I
* 1.2.0.4/30 1.1.0.1 100 I
* 1.2.1.0/24 1.2.0.5 0 100 1200 I
* 1.2.2.0/24 1.2.0.5 0 100 1200 I
* 1.2.3.0/24 1.2.0.5 0 100 1200 I
* 1.3.0.0/24 1.2.0.5 100 1200 1300 I
* 1.3.1.0/24 1.2.0.5 100 1200 1300 I
* 1.3.2.0/24 1.2.0.5 100 1200 1300 I
* 1.3.3.0/24 1.2.0.5 100 1200 1300 I
* 1.4.0.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.1.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.2.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.4.3.0/24 1.2.0.5 100 1200 1300 1400 I
* 1.5.0.0/24 1.1.2.2 100 1500 I
* 1.5.1.0/24 1.1.2.2 100 1500 I
* 1.5.2.0/24 1.1.2.2 100 1500 I
* 1.5.3.0/24 1.1.2.2 100 1500 I
[edit]
root@TATA_INDIA#
-------------------------------------
root@FLIPKART# show
## Last changed: 2019-04-04 20:44:18 UTC
version 10.1R1.8;
system {
host-name FLIPKART;
root-authentication {
encrypted-password "$1$VaEmnu16$W15FJXKTptT3u/6ie4iNe1"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
description TATA_US;
family inet {
address 1.1.2.2/30;
}
}
}
em2 {
unit 0 {
description FLIPKART_HEADOFFICE;
family inet {
address 1.5.1.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 1.5.0.1/32;
}
}
}
}
routing-options {
static {
route 1.5.0.0/24 discard;
route 1.5.1.0/24 discard;
route 1.5.2.0/24 discard;
route 1.5.3.0/24 discard;
}
}
protocols {
bgp {
local-as 1500;
group TATA_US {
export TATA_US_OUT;
peer-as 1100;
neighbor 1.1.2.1;
}
}
}
policy-options {
policy-statement TATA_US_OUT {
term 1 {
from {
route-filter 1.5.0.0/24 exact;
route-filter 1.5.1.0/24 exact;
route-filter 1.5.2.0/24 exact;
route-filter 1.5.3.0/24 exact;
}
then accept;
}
}
}
[edit]
root@FLIPKART#
root@FLIPKART# show
## Last changed: 2019-04-04 20:44:18 UTC
version 10.1R1.8;
system {
host-name FLIPKART;
root-authentication {
encrypted-password "$1$VaEmnu16$W15FJXKTptT3u/6ie4iNe1"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
description TATA_US;
family inet {
address 1.1.2.2/30;
}
}
}
em2 {
unit 0 {
description FLIPKART_HEADOFFICE;
family inet {
address 1.5.1.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 1.5.0.1/32;
}
}
}
}
routing-options {
static {
route 1.5.0.0/24 discard;
route 1.5.1.0/24 discard;
route 1.5.2.0/24 discard;
route 1.5.3.0/24 discard;
}
}
protocols {
bgp {
local-as 1500;
group TATA_US {
export TATA_US_OUT;
peer-as 1100;
neighbor 1.1.2.1;
}
}
}
policy-options {
policy-statement TATA_US_OUT {
term 1 {
from {
route-filter 1.5.0.0/24 exact;
route-filter 1.5.1.0/24 exact;
route-filter 1.5.2.0/24 exact;
route-filter 1.5.3.0/24 exact;
}
then accept;
}
}
}
[edit]
root@FLIPKART#
-------------------------------------
FLIPKART_HEADOFFICE(config)#do show run
Building configuration...
Current configuration : 1928 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname FLIPKART_HEADOFFICE
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
!
ip dhcp pool 192.168.0.x
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 192.168.0.1
lease 0 23
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
interface Tunnel0
ip address 172.16.1.1 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source Ethernet0/0
tunnel destination 1.4.1.2
!
interface Ethernet0/0
description "FLIPCART CORE"
no switchport
ip address 1.5.1.2 255.255.255.252
!
interface Ethernet0/1
no switchport
ip address 192.168.0.1 255.255.255.0
!
interface Ethernet0/2
duplex auto
!
interface Ethernet0/3
duplex auto
!
interface Ethernet1/0
duplex auto
!
interface Ethernet1/1
duplex auto
!
interface Ethernet1/2
duplex auto
!
interface Ethernet1/3
duplex auto
!
interface Ethernet2/0
duplex auto
!
interface Ethernet2/1
duplex auto
!
interface Ethernet2/2
duplex auto
!
interface Ethernet2/3
duplex auto
!
interface Ethernet3/0
duplex auto
!
interface Ethernet3/1
duplex auto
!
interface Ethernet3/2
duplex auto
!
interface Ethernet3/3
duplex auto
!
interface Vlan1
no ip address
shutdown
!
!
!
no ip http server
ip route 0.0.0.0 0.0.0.0 1.5.1.1
ip route 192.168.1.0 255.255.255.0 Tunnel0
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
FLIPKART_HEADOFFICE(config)#
FLIPKART_HEADOFFICE(config)#do show ip rou
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 1.5.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 1.5.1.1
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.5.1.0/30 is directly connected, Ethernet0/0
L 1.5.1.2/32 is directly connected, Ethernet0/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/30 is directly connected, Tunnel0
L 172.16.1.1/32 is directly connected, Tunnel0
192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.0.0/24 is directly connected, Ethernet0/1
L 192.168.0.1/32 is directly connected, Ethernet0/1
S 192.168.1.0/24 is directly connected, Tunnel0
FLIPKART_HEADOFFICE(config)#
FLIPKART_HEADOFFICE(config)#do show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.0.2 0063.6973.636f.2d61. Apr 05 2019 07:40 PM Automatic
6162.622e.6363.3030.
2e30.3430.302d.4574.
302f.30
FLIPKART_HEADOFFICE(config)#
-------------------------------------
Building configuration...
Current configuration : 1935 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname FLIPKART_BRANCH
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
!
ip dhcp pool 192.168.1.x
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.1
lease 0 23
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source Ethernet0/0
tunnel destination 1.5.1.2
!
interface Ethernet0/0
description "WEFE"
no switchport
ip address 1.4.1.2 255.255.255.252
!
interface Ethernet0/1
description "DHCP"
no switchport
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/2
duplex auto
!
interface Ethernet0/3
duplex auto
!
interface Ethernet1/0
duplex auto
!
interface Ethernet1/1
duplex auto
!
interface Ethernet1/2
duplex auto
!
interface Ethernet1/3
duplex auto
!
interface Ethernet2/0
duplex auto
!
interface Ethernet2/1
duplex auto
!
interface Ethernet2/2
duplex auto
!
interface Ethernet2/3
duplex auto
!
interface Ethernet3/0
duplex auto
!
interface Ethernet3/1
duplex auto
!
interface Ethernet3/2
duplex auto
!
interface Ethernet3/3
duplex auto
!
interface Vlan1
no ip address
shutdown
!
!
!
no ip http server
ip route 0.0.0.0 0.0.0.0 1.4.1.1
ip route 192.168.0.0 255.255.255.0 Tunnel0
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
-------------------------------------
AIRTEL#show run
Building configuration...
Current configuration : 2943 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname AIRTEL
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
interface Ethernet0/0
description "IKF"
no switchport
ip address 1.2.0.1 255.255.255.252
!
interface Ethernet0/1
description "TATA_US"
no switchport
ip address 1.2.0.5 255.255.255.252
!
interface Ethernet0/2
duplex auto
!
interface Ethernet0/3
duplex auto
!
interface Ethernet1/0
duplex auto
!
interface Ethernet1/1
duplex auto
!
interface Ethernet1/2
duplex auto
!
interface Ethernet1/3
duplex auto
!
interface Ethernet2/0
duplex auto
!
interface Ethernet2/1
duplex auto
!
interface Ethernet2/2
duplex auto
!
interface Ethernet2/3
duplex auto
!
interface Ethernet3/0
duplex auto
!
interface Ethernet3/1
duplex auto
!
interface Ethernet3/2
duplex auto
!
interface Ethernet3/3
duplex auto
!
interface Serial4/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/3
no ip address
shutdown
serial restart-delay 0
!
interface Vlan1
no ip address
shutdown
!
router bgp 1200
bgp log-neighbor-changes
network 1.2.0.0 mask 255.255.255.0
network 1.2.1.0 mask 255.255.255.0
network 1.2.2.0 mask 255.255.255.0
network 1.2.3.0 mask 255.255.255.0
neighbor 1.2.0.2 remote-as 1300
neighbor 1.2.0.2 description IKF
neighbor 1.2.0.2 route-map IKF_OUT out
neighbor 1.2.0.6 remote-as 1100
neighbor 1.2.0.6 description "TATA_US"
!
!
!
no ip http server
ip route 1.2.0.0 255.255.255.0 Null0
ip route 1.2.1.0 255.255.255.0 Null0
ip route 1.2.2.0 255.255.255.0 Null0
ip route 1.2.3.0 255.255.255.0 Null0
!
!
ip prefix-list TO_IKF seq 1 permit 1.2.0.0/24
ip prefix-list TO_IKF seq 2 permit 1.2.1.0/24
ip prefix-list TO_IKF seq 3 permit 1.2.2.0/24
ip prefix-list TO_IKF seq 4 permit 1.2.3.0/24
!
route-map IKF_OUT permit 0
match ip address prefix-list TO_IKF
set as-path prepend 1200 1200 1200
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
AIRTEL#
AIRTEL#show run
Building configuration...
Current configuration : 2943 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname AIRTEL
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
interface Ethernet0/0
description "IKF"
no switchport
ip address 1.2.0.1 255.255.255.252
!
interface Ethernet0/1
description "TATA_US"
no switchport
ip address 1.2.0.5 255.255.255.252
!
interface Ethernet0/2
duplex auto
!
interface Ethernet0/3
duplex auto
!
interface Ethernet1/0
duplex auto
!
interface Ethernet1/1
duplex auto
!
interface Ethernet1/2
duplex auto
!
interface Ethernet1/3
duplex auto
!
interface Ethernet2/0
duplex auto
!
interface Ethernet2/1
duplex auto
!
interface Ethernet2/2
duplex auto
!
interface Ethernet2/3
duplex auto
!
interface Ethernet3/0
duplex auto
!
interface Ethernet3/1
duplex auto
!
interface Ethernet3/2
duplex auto
!
interface Ethernet3/3
duplex auto
!
interface Serial4/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial4/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial5/3
no ip address
shutdown
serial restart-delay 0
!
interface Vlan1
no ip address
shutdown
!
router bgp 1200
bgp log-neighbor-changes
network 1.2.0.0 mask 255.255.255.0
network 1.2.1.0 mask 255.255.255.0
network 1.2.2.0 mask 255.255.255.0
network 1.2.3.0 mask 255.255.255.0
neighbor 1.2.0.2 remote-as 1300
neighbor 1.2.0.2 description IKF
neighbor 1.2.0.2 route-map IKF_OUT out
neighbor 1.2.0.6 remote-as 1100
neighbor 1.2.0.6 description "TATA_US"
!
!
!
no ip http server
ip route 1.2.0.0 255.255.255.0 Null0
ip route 1.2.1.0 255.255.255.0 Null0
ip route 1.2.2.0 255.255.255.0 Null0
ip route 1.2.3.0 255.255.255.0 Null0
!
!
ip prefix-list TO_IKF seq 1 permit 1.2.0.0/24
ip prefix-list TO_IKF seq 2 permit 1.2.1.0/24
ip prefix-list TO_IKF seq 3 permit 1.2.2.0/24
ip prefix-list TO_IKF seq 4 permit 1.2.3.0/24
!
route-map IKF_OUT permit 0
match ip address prefix-list TO_IKF
set as-path prepend 1200 1200 1200
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
AIRTEL#
-------------------------------------
[admin@IKF_CORE] > export
# apr/04/2019 20:59:14 by RouterOS 6.44.1
# software id =
#
#
#
/interface vlan
add comment=TATA interface=ether1 name=TATA_INDIA vlan-id=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/queue tree
add max-limit=3M name=GLOBAL packet-mark=TATA parent=global
add max-limit=1500k name=TATA_IN packet-mark=TATA_IN parent=GLOBAL
add max-limit=1500k name=TATA_OUT packet-mark=TATA_OUT parent=GLOBAL
/routing bgp instance
set default as=1300 router-id=1.3.0.1
/ip address
add address=192.168.125.1/24 comment=MGMT interface=ether12 network=192.168.125.0
add address=1.1.1.2/30 comment=TATA interface=TATA_INDIA network=1.1.1.0
add address=1.3.1.1/30 comment=WEFE interface=ether2 network=1.3.1.0
add address=1.2.0.2/30 comment=AIRTEL interface=ether3 network=1.2.0.0
/ip dhcp-client
add disabled=no interface=ether1
/ip firewall mangle
add action=mark-packet chain=forward in-interface=TATA_INDIA new-packet-mark=TATA packet-mark=no-mark passthrough=yes
add action=mark-packet chain=forward dst-port=80,443 new-packet-mark=TATA_OUT packet-mark=TATA passthrough=yes protocol=tcp
add action=mark-packet chain=forward dst-port=2000 new-packet-mark=TATA_OUT packet-mark=TATA passthrough=yes protocol=udp
add action=mark-packet chain=forward new-packet-mark=TATA_IN packet-mark=TATA passthrough=yes protocol=tcp src-port=80,443
add action=mark-packet chain=forward new-packet-mark=TATA_IN packet-mark=TATA passthrough=yes protocol=udp src-port=2000
/routing bgp network
add network=1.3.0.0/24 synchronize=no
add network=1.3.1.0/24 synchronize=no
add network=1.3.2.0/24 synchronize=no
add network=1.3.3.0/24 synchronize=no
/routing bgp peer
add in-filter=TATA_IN name=TATA_INDIA out-filter=TATA_OUT remote-address=1.1.1.1 remote-as=1100 ttl=default
add default-originate=always in-filter=WEFE_IN name=WEFE out-filter=WEFE_OUT remote-address=1.3.1.2 remote-as=1400 ttl=default
add in-filter=AIRTEL_IN name=AIRTEL out-filter=AIRTEL_OUT remote-address=1.2.0.1 remote-as=1200 ttl=default
/routing filter
add action=accept chain=TATA_IN
add action=log chain=TATA_IN
add action=accept chain=TATA_OUT prefix=1.3.0.0/24 prefix-length=0-128
add action=accept chain=TATA_OUT prefix=1.3.2.0/24 prefix-length=0-128
add action=accept chain=TATA_OUT prefix=1.3.3.0/24 prefix-length=0-128
add action=accept chain=TATA_OUT prefix=1.3.1.0/24 prefix-length=0-128
add action=accept chain=TATA_OUT comment=WEFE prefix=1.4.1.0/24
add action=accept chain=TATA_OUT comment=WEFE prefix=1.4.2.0/24
add action=accept chain=TATA_OUT comment=WEFE prefix=1.4.3.0/24
add action=accept chain=TATA_OUT comment=WEFE prefix=1.4.0.0/24
add action=discard chain=TATA_OUT
add action=log chain=TATA_OUT
/system identity
set name=IKF_CORE
[admin@IKF_CORE] >
[admin@IKF_CORE] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADb 1.1.0.0/24 1.1.1.1 20
1 ADb 1.1.1.0/24 1.1.1.1 20
2 ADC 1.1.1.0/30 1.1.1.2 TATA_INDIA 0
3 ADb 1.1.2.0/30 1.1.1.1 20
4 ADb 1.1.3.0/24 1.1.1.1 20
5 ADb 1.2.0.0/24 1.1.1.1 20
6 Db 1.2.0.0/24 1.2.0.1 20
7 ADC 1.2.0.0/30 1.2.0.2 ether3 0
8 ADb 1.2.0.4/30 1.1.1.1 20
9 ADb 1.2.1.0/24 1.1.1.1 20
10 Db 1.2.1.0/24 1.2.0.1 20
11 ADb 1.2.2.0/24 1.1.1.1 20
12 Db 1.2.2.0/24 1.2.0.1 20
13 ADb 1.2.3.0/24 1.1.1.1 20
14 Db 1.2.3.0/24 1.2.0.1 20
15 ADC 1.3.1.0/30 1.3.1.1 ether2 0
16 ADb 1.4.0.0/24 1.3.1.2 20
17 ADb 1.4.1.0/24 1.3.1.2 20
18 ADb 1.4.2.0/24 1.3.1.2 20
19 ADb 1.4.3.0/24 1.3.1.2 20
20 ADb 1.5.0.0/24 1.1.1.1 20
21 ADb 1.5.1.0/24 1.1.1.1 20
22 ADb 1.5.2.0/24 1.1.1.1 20
23 ADb 1.5.3.0/24 1.1.1.1 20
24 ADC 192.168.125.0/24 192.168.125.1 ether12 0
[admin@IKF_CORE] >
-------------------------------------
[admin@WEFE] > export
# apr/04/2019 21:00:04 by RouterOS 6.44.1
# software id =
#
#
#
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/routing bgp instance
set default as=1400
/ip address
add address=192.168.125.2/24 comment=MGMT interface=ether12 network=192.168.125.0
add address=1.3.1.2/30 comment=IKF interface=ether1 network=1.3.1.0
add address=1.4.1.1/30 comment=FLIPKART_BRANCH interface=ether2 network=1.4.1.0
/ip dhcp-client
add disabled=no interface=ether1
/ip route
add distance=1 gateway=1.3.1.1
/routing bgp network
add network=1.4.0.0/24 synchronize=no
add network=1.4.1.0/24 synchronize=no
add network=1.4.2.0/24 synchronize=no
add network=1.4.3.0/24 synchronize=no
/routing bgp peer
add in-filter=IKF_IN name=IKF out-filter=IKF_OUT remote-address=1.3.1.1 remote-as=1300 ttl=default
/routing filter
add action=accept chain=IKF_IN disabled=yes prefix=0.0.0.0/0
add action=discard chain=IKF_IN disabled=yes
add action=accept chain=IKF_OUT disabled=yes
/system identity
set name=WEFE
[admin@WEFE] >
[admin@WEFE] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 1.3.1.1 1
1 Db 0.0.0.0/0 1.3.1.1 20
2 ADb 1.1.0.0/24 1.3.1.1 20
3 ADb 1.1.1.0/24 1.3.1.1 20
4 ADb 1.1.2.0/30 1.3.1.1 20
5 ADb 1.1.3.0/24 1.3.1.1 20
6 ADb 1.2.0.0/24 1.3.1.1 20
7 ADb 1.2.0.4/30 1.3.1.1 20
8 ADb 1.2.1.0/24 1.3.1.1 20
9 ADb 1.2.2.0/24 1.3.1.1 20
10 ADb 1.2.3.0/24 1.3.1.1 20
11 ADb 1.3.0.0/24 1.3.1.1 20
12 ADb 1.3.1.0/24 1.3.1.1 20
13 ADC 1.3.1.0/30 1.3.1.2 ether1 0
14 ADb 1.3.2.0/24 1.3.1.1 20
15 ADb 1.3.3.0/24 1.3.1.1 20
16 ADC 1.4.1.0/30 1.4.1.1 ether2 0
17 ADb 1.5.0.0/24 1.3.1.1 20
18 ADb 1.5.1.0/24 1.3.1.1 20
19 ADb 1.5.2.0/24 1.3.1.1 20
20 ADb 1.5.3.0/24 1.3.1.1 20
21 ADC 192.168.125.0/24 192.168.125.2 ether12 0
[admin@WEFE] >
-------------------------------------
FLIPKART_BRANCH(config)#
FLIPKART_BRANCH(config)#do show run
Building configuration...
Current configuration : 1935 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname FLIPKART_BRANCH
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
!
ip dhcp pool 192.168.1.x
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.1
lease 0 23
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source Ethernet0/0
tunnel destination 1.5.1.2
!
interface Ethernet0/0
description "WEFE"
no switchport
ip address 1.4.1.2 255.255.255.252
!
interface Ethernet0/1
description "DHCP"
no switchport
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/2
duplex auto
!
interface Ethernet0/3
duplex auto
!
interface Ethernet1/0
duplex auto
!
interface Ethernet1/1
duplex auto
!
interface Ethernet1/2
duplex auto
!
interface Ethernet1/3
duplex auto
!
interface Ethernet2/0
duplex auto
!
interface Ethernet2/1
duplex auto
!
interface Ethernet2/2
duplex auto
!
interface Ethernet2/3
duplex auto
!
interface Ethernet3/0
duplex auto
!
interface Ethernet3/1
duplex auto
!
interface Ethernet3/2
duplex auto
!
interface Ethernet3/3
duplex auto
!
interface Vlan1
no ip address
shutdown
!
!
!
no ip http server
ip route 0.0.0.0 0.0.0.0 1.4.1.1
ip route 192.168.0.0 255.255.255.0 Tunnel0
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
FLIPKART_BRANCH(config)#
-------------------------------------
NODE1#
NODE1#show run
Building configuration...
Current configuration : 1581 bytes
!
! Last configuration change at 20:41:14 UTC Thu Apr 4 2019
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NODE1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
no ip domain-lookup
!
no ipv6 cef
!
!
ip tcp synwait-time 5
!
!
!
!
interface Ethernet0/0
ip address dhcp
!
interface Ethernet0/1
no ip address
shutdown
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
interface Ethernet1/0
no ip address
shutdown
!
interface Ethernet1/1
no ip address
shutdown
!
interface Ethernet1/2
no ip address
shutdown
!
interface Ethernet1/3
no ip address
shutdown
!
interface Serial2/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
no ip address
shutdown
serial restart-delay 0
!
!
ip forward-protocol nd
no ip http server
!
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
transport input all
!
end
NODE1#
-------------------------------------
NODE2#
NODE2#show run
Building configuration...
Current configuration : 1581 bytes
!
! Last configuration change at 21:03:09 UTC Thu Apr 4 2019
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NODE2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
ip cef
no ip domain-lookup
!
no ipv6 cef
!
!
ip tcp synwait-time 5
!
!
!
!
interface Ethernet0/0
ip address dhcp
!
interface Ethernet0/1
no ip address
shutdown
!
interface Ethernet0/2
no ip address
shutdown
!
interface Ethernet0/3
no ip address
shutdown
!
interface Ethernet1/0
no ip address
shutdown
!
interface Ethernet1/1
no ip address
shutdown
!
interface Ethernet1/2
no ip address
shutdown
!
interface Ethernet1/3
no ip address
shutdown
!
interface Serial2/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
no ip address
shutdown
serial restart-delay 0
!
!
ip forward-protocol nd
no ip http server
!
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
transport input all
!
end
NODE2#
NODE2#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.1.2 YES DHCP up up
Ethernet0/1 unassigned YES NVRAM administratively down down
Ethernet0/2 unassigned YES NVRAM administratively down down
Ethernet0/3 unassigned YES NVRAM administratively down down
Ethernet1/0 unassigned YES NVRAM administratively down down
Ethernet1/1 unassigned YES NVRAM administratively down down
Ethernet1/2 unassigned YES NVRAM administratively down down
Ethernet1/3 unassigned YES NVRAM administratively down down
Serial2/0 unassigned YES NVRAM administratively down down
Serial2/1 unassigned YES NVRAM administratively down down
Serial2/2 unassigned YES NVRAM administratively down down
Serial2/3 unassigned YES NVRAM administratively down down
Serial3/0 unassigned YES NVRAM administratively down down
Serial3/1 unassigned YES NVRAM administratively down down
Serial3/2 unassigned YES NVRAM administratively down down
Serial3/3 unassigned YES NVRAM administratively down down
NODE2#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [254/0] via 192.168.1.1
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Ethernet0/0
L 192.168.1.2/32 is directly connected, Ethernet0/0
NODE2#
-------------------------------------
No comments:
Post a Comment