大家好!
我是达叔。
本次练习分享拓扑如下,大家可自行搭建仿真环境进行研究探讨。
欢迎大家评论进行探讨交流。
大家自行按照拓扑把配置刷进去哦 (设备的预配置将附在结尾部分)
现由于前面负责实施的工程师离职,留下烂尾工程,请按下面截图找出目前配置存在的错误并修复,要求项目部署完毕之后所有检查命令输出要和下面截图一致。
要求R7和R8两个站点通信必须经过R6的全局处理、要求R6的vrf A 和R7、R8能够直接通信
同时要求交一份排除故障的文档,用于对客户进行技术支撑。
要求在文档中指出配置错误的地方,以及产生的影响,解决的方案。
不能使用任何静态路由、不允许修改R4、R5的VRF配置、不允许修改R6的BGP配置
谢谢大家!
我是乾颐堂CCIE导师,CCIE培训金牌讲师达叔。
本博客由乾颐堂达叔独家冠名写出,素材来自乾颐堂日常工作及达叔和他身边的CCIE们的故事。
下面附上排错环境中的设备配置:
hostname R1
!
ip vrf HUB
rd 200:100
!
ip vrf SPOKE
rd 100:200
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls label range 100 199
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
ip ospf 110 area 0
!
interface Ethernet0/0
ip address 13.1.1.1 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
interface Ethernet0/1
no ip address
!
interface Ethernet0/1.1
encapsulation dot1Q 1 native
ip vrf forwarding HUB
ip address 16.1.1.1 255.255.255.0
!
interface Ethernet0/1.2
encapsulation dot1Q 2
ip vrf forwarding SPOKE
ip address 16.1.2.1 255.255.255.0
!
interface Ethernet0/1.3
encapsulation dot1Q 3
ip address 16.1.3.1 255.255.255.0
!
!
router ospf 110
prefix-suppression
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 update-source Loopback0
neighbor 16.1.3.6 remote-as 200
!
address-family ipv4
network 16.1.3.0 mask 255.255.255.0
neighbor 10.1.1.3 activate
neighbor 16.1.3.6 activate
neighbor 16.1.3.6 prefix-list 1 in
exit-address-family
!
address-family ***v4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community extended
exit-address-family
!
address-family ipv4 vrf HUB
neighbor 16.1.1.6 remote-as 200
neighbor 16.1.1.6 activate
exit-address-family
!
address-family ipv4 vrf SPOKE
neighbor 16.1.2.6 remote-as 200
neighbor 16.1.2.6 activate
exit-address-family
!
!
ip prefix-list 1 seq 5 deny 10.0.0.0/8 le 32
ip prefix-list 1 seq 10 deny 172.16.0.0/12 le 32
ip prefix-list 1 seq 15 deny 192.168.0.0/16 le 32
ip prefix-list 1 seq 20 deny 0.0.0.0/0
ip prefix-list 1 seq 25 permit 0.0.0.0/0 le 32
hostname R2
!
ip vrf A
rd 100:200
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls label range 200 299
!
!
username R6 password 0 cisco
!
!
interface Loopback0
ip address 10.1.1.2 255.255.255.0
ip ospf 110 area 0
!
interface Loopback1
ip address 10.22.22.22 255.255.255.255
!
!
interface Ethernet0/1
ip address 23.1.1.2 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
interface Serial1/1
ip vrf forwarding A
ip address 26.1.1.2 255.255.255.0
encapsulation ppp
ip ospf 1 area 0
ppp authentication chap
serial restart-delay 0
!
!
router ospf 1 vrf A
redistribute bgp 100 subnets
!
router ospf 110
prefix-suppression
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 update-source Loopback0
neighbor 26.1.1.6 remote-as 200
!
address-family ipv4
network 26.1.1.0 mask 255.255.255.0
neighbor 10.1.1.3 activate
neighbor 26.1.1.6 activate
neighbor 26.1.1.6 prefix-list 1 in
exit-address-family
!
address-family ***v4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community extended
exit-address-family
!
address-family ipv4 vrf A
redistribute ospf 1
exit-address-family
!
!
!
ip prefix-list 1 seq 5 deny 10.0.0.0/8 le 32
ip prefix-list 1 seq 10 deny 172.16.0.0/12 le 32
ip prefix-list 1 seq 15 deny 192.168.0.0/16 le 32
ip prefix-list 1 seq 20 deny 0.0.0.0/0
ip prefix-list 1 seq 25 permit 0.0.0.0/0 le 32
!
!
mpls ldp router-id Loopback1 force
hostname R3
!
!
!
no ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls label range 300 399
!
!
!
interface Loopback0
ip address 10.1.1.3 255.255.255.255
ip ospf 110 area 0
!
interface Loopback1
ip address 6.6.6.6 255.255.255.255
!
interface Ethernet0/0
ip address 13.1.1.3 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
interface Ethernet0/1
ip address 23.1.1.3 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
interface Ethernet0/2
ip address 34.1.1.3 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
interface Ethernet0/3
ip address 35.1.1.3 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls ip
!
!
router ospf 110
prefix-suppression
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor iBGP peer-group
neighbor iBGP remote-as 100
neighbor iBGP update-source Loopback0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 peer-group iBGP
neighbor 10.1.1.4 peer-group iBGP
neighbor 10.1.1.5 peer-group iBGP
!
address-family ipv4
network 6.6.6.6 mask 255.255.255.255
neighbor 10.1.1.1 activate
neighbor 10.1.1.2 activate
exit-address-family
!
address-family ***v4
neighbor iBGP send-community extended
neighbor iBGP route-reflector-client
neighbor 10.1.1.1 activate
neighbor 10.1.1.2 activate
neighbor 10.1.1.4 activate
neighbor 10.1.1.5 activate
exit-address-family
!
hostname R4
!
!
vrf definition A
rd 100:200
!
address-family ipv4
route-target export 47:47
route-target import 16:16
route-target import 26:26
route-target import 58:58
exit-address-family
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls label range 400 499
!
!
!
!
interface Loopback0
ip address 10.1.1.4 255.255.255.255
ip ospf 110 area 0
!
interface Ethernet0/0
vrf forwarding A
ip address 47.1.1.4 255.255.255.0
!
!
interface Ethernet0/2
ip address 34.1.1.4 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
!
router ospf 110
prefix-suppression
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family ***v4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community extended
exit-address-family
!
address-family ipv4 vrf A
neighbor 47.1.1.7 remote-as 200
neighbor 47.1.1.7 activate
exit-address-family
!
!
ip extcommunity-list 1 permit soo 78:78
ip extcommunity-list 2 permit soo 78:78
ip extcommunity-list standard q permit soo 78:78
!
no ip http server
no ip http secure-server
!
!
ip prefix-list 1 seq 5 permit 1.1.1.1/32
!
hostname R5
!
!
ip vrf A
rd 100:200
route-target export 58:58
route-target import 16:16
route-target import 26:26
route-target import 47:47
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls label range 500 599
mpls label protocol tdp
!
!
!
interface Loopback0
ip address 10.1.1.5 255.255.255.255
ip ospf 110 area 0
!
interface Ethernet0/0
ip vrf forwarding A
ip address 58.1.1.5 255.255.255.0
!
!
interface Ethernet0/3
ip address 35.1.1.5 255.255.255.0
ip ospf network point-to-point
ip ospf demand-circuit
ip ospf 110 area 0
mpls propagate-cos
mpls ip
!
!
!
router ospf 110
prefix-suppression
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family ***v4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community extended
exit-address-family
!
address-family ipv4 vrf A
neighbor 58.1.1.8 remote-as 200
neighbor 58.1.1.8 activate
exit-address-family
!
hostname R6
!
!
ip vrf A
rd 100:200
!
!
!
ip cef
no ipv6 cef
ipv6 multicast rpf use-bgp
!
multilink bundle-name authenticated
!
!
!
!
username R2 password 0 cisc0
!
!
!
!
interface Loopback0
ip address 10.6.6.6 255.255.255.255
ip nat inside
ip virtual-reassembly in
!
interface Loopback1
ip vrf forwarding A
ip address 10.66.66.66 255.255.255.255
ip ospf 1 area 0
!
!
interface Ethernet0/1.1
encapsulation dot1Q 1 native
ip address 16.1.1.6 255.255.255.0
!
interface Ethernet0/1.2
encapsulation dot1Q 2
ip address 16.1.2.6 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Ethernet0/1.3
encapsulation dot1Q 3
ip address 16.1.3.6 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
!
!
interface Serial1/1
ip vrf forwarding A
ip address 26.1.1.6 255.255.255.0
encapsulation ppp
ip ospf 1 area 0
ppp chap hostname R6
ppp chap password 0 cisco
serial restart-delay 0
!
!
router ospf 1 vrf A
!
router bgp 200
bgp log-neighbor-changes
network 10.6.6.6 mask 255.255.255.255
neighbor 16.1.1.1 remote-as 100
neighbor 16.1.2.1 remote-as 100
neighbor 16.1.2.1 default-originate
neighbor 16.1.3.1 remote-as 100
!
!
!
ip nat inside source list NAT interface Ethernet0/1.3 overload
!
ip access-list standard NAT
permit 10.0.0.0 0.255.255.255
!
hostname R7
!
!
!
ip cef
no ipv6 cef
!
!
!
interface Loopback0
ip address 10.7.7.7 255.255.255.255
!
interface Ethernet0/0
ip address 47.1.1.7 255.255.255.0
!
interface Ethernet0/1
ip address 78.1.1.7 255.255.255.0
!
!
!
!
router eigrp 90
network 47.1.1.7 0.0.0.0
network 77.0.0.0
!
router bgp 200
bgp log-neighbor-changes
network 10.7.7.7 mask 255.255.255.255
network 77.1.1.1 mask 255.255.255.255
neighbor 47.1.1.4 remote-as 100
!
hostname R8
!
!
!
interface Loopback0
ip address 10.8.8.8 255.255.255.255
!
interface Ethernet0/0
ip address 58.1.1.8 255.255.255.0
!
interface Ethernet0/1
ip address 78.1.1.8 255.255.255.0
!
!
!
router bgp 200
bgp log-neighbor-changes
network 10.8.8.8 mask 255.255.255.255
network 88.1.1.1 mask 255.255.255.255
neighbor 58.1.1.5 remote-as 100
!