Are you over 18 and want to see adult content?
More Annotations
![A complete backup of out-of-the-bag.blogspot.com](https://www.archivebay.com/archive2/874a1087-b59e-4bd8-970a-2e401c64128d.png)
A complete backup of out-of-the-bag.blogspot.com
Are you over 18 and want to see adult content?
![A complete backup of clickon3d.blogspot.com](https://www.archivebay.com/archive2/4eca2c61-069f-436b-ab15-eeaf55529913.png)
A complete backup of clickon3d.blogspot.com
Are you over 18 and want to see adult content?
![A complete backup of freshplantains.tumblr.com](https://www.archivebay.com/archive2/a8b7945a-331a-4ffc-a892-63f7fd1422d0.png)
A complete backup of freshplantains.tumblr.com
Are you over 18 and want to see adult content?
![A complete backup of cooldollhouses.com](https://www.archivebay.com/archive2/0fd9668a-e2d3-4f2e-91f6-2d807c3aec56.png)
A complete backup of cooldollhouses.com
Are you over 18 and want to see adult content?
![A complete backup of amateur-candid-pantyhose.blogspot.com](https://www.archivebay.com/archive2/2dc0b215-5025-40d4-a379-342555ce27a1.png)
A complete backup of amateur-candid-pantyhose.blogspot.com
Are you over 18 and want to see adult content?
![A complete backup of dieter-broers-shop.de](https://www.archivebay.com/archive2/e3a86948-2a64-4342-a04f-3c7675b749b5.png)
A complete backup of dieter-broers-shop.de
Are you over 18 and want to see adult content?
![A complete backup of liveworkgermany.com](https://www.archivebay.com/archive2/f8f366cc-c5dd-4176-ab8b-690f04e0062b.png)
A complete backup of liveworkgermany.com
Are you over 18 and want to see adult content?
Favourite Annotations
![A complete backup of https://donya-e-eqtesad.com](https://www.archivebay.com/archive6/images/bab6a937-aa02-4ef7-bfeb-175619d7c12b.png)
A complete backup of https://donya-e-eqtesad.com
Are you over 18 and want to see adult content?
![A complete backup of https://pretmetled.nl](https://www.archivebay.com/archive6/images/e01dde33-8596-4664-8c12-1be4076a7626.png)
A complete backup of https://pretmetled.nl
Are you over 18 and want to see adult content?
![A complete backup of https://brrehab.com](https://www.archivebay.com/archive6/images/41b19dfa-87b8-43fb-b3e1-65d6ab46e72e.png)
A complete backup of https://brrehab.com
Are you over 18 and want to see adult content?
![A complete backup of https://thebeautraveler.com](https://www.archivebay.com/archive6/images/a156c81c-4d8b-4888-a8f9-2ca8b4473e90.png)
A complete backup of https://thebeautraveler.com
Are you over 18 and want to see adult content?
![A complete backup of https://justiciamexicana.org](https://www.archivebay.com/archive6/images/27cd95fd-1f06-4940-be2f-81da0bbd9542.png)
A complete backup of https://justiciamexicana.org
Are you over 18 and want to see adult content?
![A complete backup of https://iau-aiu.net](https://www.archivebay.com/archive6/images/402ee591-5b85-4c3d-b38b-30cf02a67de6.png)
A complete backup of https://iau-aiu.net
Are you over 18 and want to see adult content?
![A complete backup of https://communityalternatives.org](https://www.archivebay.com/archive6/images/4dd41cff-888d-4fd5-b2cd-40381800d09e.png)
A complete backup of https://communityalternatives.org
Are you over 18 and want to see adult content?
![A complete backup of https://rapiscan-ase.com](https://www.archivebay.com/archive6/images/913d4e90-c4bc-4f5e-a61a-49780ce8074f.png)
A complete backup of https://rapiscan-ase.com
Are you over 18 and want to see adult content?
![A complete backup of https://sentiencepllc.com](https://www.archivebay.com/archive6/images/c66839b8-4974-44c6-ad62-dbb88420416c.png)
A complete backup of https://sentiencepllc.com
Are you over 18 and want to see adult content?
![A complete backup of https://zdwines.com](https://www.archivebay.com/archive6/images/063e1bc6-3b03-4aa8-83fb-a353d1d4927d.png)
A complete backup of https://zdwines.com
Are you over 18 and want to see adult content?
![A complete backup of https://littlelondonmagazine.co.uk](https://www.archivebay.com/archive6/images/539d2669-f9c8-484e-b966-c62ca02c4cdc.png)
A complete backup of https://littlelondonmagazine.co.uk
Are you over 18 and want to see adult content?
Text
(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: VIRTUALIZATION WITH It's difficult to test "Virtualization" if you don't have powerful server. But, you can test "Virtualization" using Sun Virtual Box. It means installation CentOS Linux server guest OS inside CentOS virtual machine using VirtualBox. GNS3 LAB FILES, SYSTEM AND NETWORKING: FEBRUARY 2011 This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING: 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING: LINUX IPTABLES I am playing ip routing in Linux using CentOS OS with Sun VirtualBox after learning routing with Cisco router. If you are interested in Linux routing using iptables with VirtualBox, please keep reading. GNS3 LAB FILES, SYSTEM AND NETWORKING Here is the lab from MPLS implementation book how to set up MPLS VPN using OSPF between CE and PE routers. Download the GNS3 file to practice from here. Download the completed GNS3 file from here. In Peer 1, configure OSPF to connect to GNS3 LAB FILES, SYSTEM AND NETWORKING: VOIP LAB WITH First, drag all devices in Cisco Packet Tracer and configure router to work as DHCP server to lease IP addresses for IP phones. ip dhcp pool test-vlan. network 192.168.10.0 255.255.255.0. default-router 192.168.10.1. option 150 ip 192.168.10.1. Using option 150 is GNS3 LAB FILES, SYSTEM AND NETWORKING: GLBP WITH GNS3 Let's see the how it works. - R1 and R2 will be running GLBP in interface fa0/0. - R3 will be PC as usual with gateway to virtual IP of 192.168.1.10. - R4 is the destination PC enabled with loopback IP 4.4.4.4. - Goal is to reach the loopback 4.4.4.4 from Router3 (PC). GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH GNS3 As HSRP is available for load-balancing, I have amended my post with two HSRP groups. OK, below is lab topology diagram. R1 and R2 will be running as HSRP using two VIPs (192.168.1.10 and 192.168.1.20) PC1 will be using R2 (with default gateway 192.168.1.10) to reach 4.4.4.4 (R4's loopback). PC2 will be using R1 (with default gateway 192.168.1 GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH VLAN Here is brief description of lab topology. R1 and R2 are HSRP active and standby routers for VLAN 100 and VLAN 200. R3 is the layer 2 switch and enabled trunk in fa1/1 and fa1/2 to allow traffic from R4 (VLAN-100 PC) and R6 (VLAN-200 PC) R1, R2 and R5 are in EIGRP 1 network and ip routing is enabling all routes including loopback of R5(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: VIRTUALIZATION WITH It's difficult to test "Virtualization" if you don't have powerful server. But, you can test "Virtualization" using Sun Virtual Box. It means installation CentOS Linux server guest OS inside CentOS virtual machine using VirtualBox. GNS3 LAB FILES, SYSTEM AND NETWORKING: FEBRUARY 2011 This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING: 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING: LINUX IPTABLES I am playing ip routing in Linux using CentOS OS with Sun VirtualBox after learning routing with Cisco router. If you are interested in Linux routing using iptables with VirtualBox, please keep reading. GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH GNS3 As HSRP is available for load-balancing, I have amended my post with two HSRP groups. OK, below is lab topology diagram. R1 and R2 will be running as HSRP using two VIPs (192.168.1.10 and 192.168.1.20) PC1 will be using R2 (with default gateway 192.168.1.10) to reach 4.4.4.4 (R4's loopback). PC2 will be using R1 (with default gateway 192.168.1 GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH VLAN Here is brief description of lab topology. R1 and R2 are HSRP active and standby routers for VLAN 100 and VLAN 200. R3 is the layer 2 switch and enabled trunk in fa1/1 and fa1/2 to allow traffic from R4 (VLAN-100 PC) and R6 (VLAN-200 PC) R1, R2 and R5 are in EIGRP 1 network and ip routing is enabling all routes including loopback of R5(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: VRRP WITH GNS3 GNS3 Lab Files, System and Networking. Looking for practising VRRP with Packet tracer is impossible and I have tried with GNS3 as follow to understand more about VRRP. If you want to know more about VRRP for CCNP switching exam, follow the post. Here is lab diagram. R1 will be master and R2 will act as backup VRRP. GNS3 LAB FILES, SYSTEM AND NETWORKING: EIGRP STUBS Four networks and R3 is for testing stub router. R1 routes: 2.0.0.0/32 is subnetted, 1 subnets D 2.2.2.2 via 10.2.3.2, 00:00:18,Serial1/0
GNS3 LAB FILES, SYSTEM AND NETWORKING: IMPLEMENTING The following labs included the followings to practice all in one. (1) Configure NAT (2) Configure IP Sec VPN (3) Configure GRE tunnel o GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING: 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING: VIRTUALIZATION WITH It's difficult to test "Virtualization" if you don't have powerful server. But, you can test "Virtualization" using Sun Virtual Box. It means installation CentOS Linux server GNS3 LAB FILES, SYSTEM AND NETWORKING: EIGRP REDISTRIBUTION This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING: FEBRUARY 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING Here is the lab from MPLS implementation book how to set up MPLS VPN using OSPF between CE and PE routers. Download the GNS3 file to practice from here. Download the completed GNS3 file from here. In Peer 1, configure OSPF to connect to GNS3 LAB FILES, SYSTEM AND NETWORKING: VOIP LAB WITH First, drag all devices in Cisco Packet Tracer and configure router to work as DHCP server to lease IP addresses for IP phones. ip dhcp pool test-vlan. network 192.168.10.0 255.255.255.0. default-router 192.168.10.1. option 150 ip 192.168.10.1. Using option 150 is GNS3 LAB FILES, SYSTEM AND NETWORKING: GLBP WITH GNS3 Let's see the how it works. - R1 and R2 will be running GLBP in interface fa0/0. - R3 will be PC as usual with gateway to virtual IP of 192.168.1.10. - R4 is the destination PC enabled with loopback IP 4.4.4.4. - Goal is to reach the loopback 4.4.4.4 from Router3 (PC). GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH GNS3 As HSRP is available for load-balancing, I have amended my post with two HSRP groups. OK, below is lab topology diagram. R1 and R2 will be running as HSRP using two VIPs (192.168.1.10 and 192.168.1.20) PC1 will be using R2 (with default gateway 192.168.1.10) to reach 4.4.4.4 (R4's loopback). PC2 will be using R1 (with default gateway 192.168.1 GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH VLAN Here is brief description of lab topology. R1 and R2 are HSRP active and standby routers for VLAN 100 and VLAN 200. R3 is the layer 2 switch and enabled trunk in fa1/1 and fa1/2 to allow traffic from R4 (VLAN-100 PC) and R6 (VLAN-200 PC) R1, R2 and R5 are in EIGRP 1 network and ip routing is enabling all routes including loopback of R5(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: VIRTUALIZATION WITH It's difficult to test "Virtualization" if you don't have powerful server. But, you can test "Virtualization" using Sun Virtual Box. It means installation CentOS Linux server guest OS inside CentOS virtual machine using VirtualBox. GNS3 LAB FILES, SYSTEM AND NETWORKING: FEBRUARY 2011 This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING: 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING: APRIL 2011 My collection of GNS3 lab files, system and networking resources GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING Here is the lab from MPLS implementation book how to set up MPLS VPN using OSPF between CE and PE routers. Download the GNS3 file to practice from here. Download the completed GNS3 file from here. In Peer 1, configure OSPF to connect to GNS3 LAB FILES, SYSTEM AND NETWORKING: VOIP LAB WITH First, drag all devices in Cisco Packet Tracer and configure router to work as DHCP server to lease IP addresses for IP phones. ip dhcp pool test-vlan. network 192.168.10.0 255.255.255.0. default-router 192.168.10.1. option 150 ip 192.168.10.1. Using option 150 is GNS3 LAB FILES, SYSTEM AND NETWORKING: GLBP WITH GNS3 Let's see the how it works. - R1 and R2 will be running GLBP in interface fa0/0. - R3 will be PC as usual with gateway to virtual IP of 192.168.1.10. - R4 is the destination PC enabled with loopback IP 4.4.4.4. - Goal is to reach the loopback 4.4.4.4 from Router3 (PC). GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH GNS3 As HSRP is available for load-balancing, I have amended my post with two HSRP groups. OK, below is lab topology diagram. R1 and R2 will be running as HSRP using two VIPs (192.168.1.10 and 192.168.1.20) PC1 will be using R2 (with default gateway 192.168.1.10) to reach 4.4.4.4 (R4's loopback). PC2 will be using R1 (with default gateway 192.168.1 GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH VLAN Here is brief description of lab topology. R1 and R2 are HSRP active and standby routers for VLAN 100 and VLAN 200. R3 is the layer 2 switch and enabled trunk in fa1/1 and fa1/2 to allow traffic from R4 (VLAN-100 PC) and R6 (VLAN-200 PC) R1, R2 and R5 are in EIGRP 1 network and ip routing is enabling all routes including loopback of R5(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: VIRTUALIZATION WITH It's difficult to test "Virtualization" if you don't have powerful server. But, you can test "Virtualization" using Sun Virtual Box. It means installation CentOS Linux server guest OS inside CentOS virtual machine using VirtualBox. GNS3 LAB FILES, SYSTEM AND NETWORKING: FEBRUARY 2011 This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING: 2012 This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 GNS3 LAB FILES, SYSTEM AND NETWORKING: APRIL 2011 My collection of GNS3 lab files, system and networking resources GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH VLAN Here is brief description of lab topology. R1 and R2 are HSRP active and standby routers for VLAN 100 and VLAN 200. R3 is the layer 2 switch and enabled trunk in fa1/1 and fa1/2 to allow traffic from R4 (VLAN-100 PC) and R6 (VLAN-200 PC) R1, R2 and R5 are in EIGRP 1 network and ip routing is enabling all routes including loopback of R5(5.5.5.5
GNS3 LAB FILES, SYSTEM AND NETWORKING: HSRP WITH GNS3 As HSRP is available for load-balancing, I have amended my post with two HSRP groups. OK, below is lab topology diagram. R1 and R2 will be running as HSRP using two VIPs (192.168.1.10 and 192.168.1.20) PC1 will be using R2 (with default gateway 192.168.1.10) to reach 4.4.4.4 (R4's loopback). PC2 will be using R1 (with default gateway 192.168.1 GNS3 LAB FILES, SYSTEM AND NETWORKING: VRRP WITH GNS3 GNS3 Lab Files, System and Networking. Looking for practising VRRP with Packet tracer is impossible and I have tried with GNS3 as follow to understand more about VRRP. If you want to know more about VRRP for CCNP switching exam, follow the post. Here is lab diagram. R1 will be master and R2 will act as backup VRRP. GNS3 LAB FILES, SYSTEM AND NETWORKING: IPV6 GNS3 Lab Files, System and Networking: IPv6 - 6to4 Tunnels using IPv4 EIGRP routes. My collection of GNS3 lab files, system and networking resources. In this lab, configure all routers with IPV6 and IPV4 addresses and establish communication between R1 and R3 using IPv6to4 tunnelling. Objectives are as follows; (1) Configure EIGRP for IPV4. GNS3 LAB FILES, SYSTEM AND NETWORKING: EIGRP STUBS Four networks and R3 is for testing stub router. R1 routes: 2.0.0.0/32 is subnetted, 1 subnets D 2.2.2.2 via 10.2.3.2, 00:00:18,Serial1/0
GNS3 LAB FILES, SYSTEM AND NETWORKING: EIGRP & OSPF MUTUAL Myo Gyi About Me? Well,I have been working in IT field in couple of years mostly in networking, in house support and system administration. Currently, I'm working in Singapore and practicing GNS3 labs for my certifications. GNS3 LAB FILES, SYSTEM AND NETWORKING: JANUARY 2012 MPLS VPN with OSPF. Here is the lab from MPLS implementation book how to set up MPLS VPN using OSPF between CE and PE routers. Download the GNS3 file to practice from here. Download the completed GNS3 file from here. In Peer 1, configure OSPF to connect to Atlanta (PE1) router ospf 1. network 192.168.1.1 0.0.0.0 area 1. GNS3 LAB FILES, SYSTEM AND NETWORKING: 2011 State is Active. 5 state changes, last state change 00:00:47. Virtual IP address is 10.2.1.254. Active virtual MAC address is 0000.0c07.ac0a. Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec. Next hello sent in 0.116 secs. Preemption enabled. Active router is GNS3 LAB FILES, SYSTEM AND NETWORKING: AUGUST 2011 - Network is running EIGRP routing to reach to other networks, 192.168.1.0, 172.16.1.0 and 172.16.2.0. GNS3 LAB FILES, SYSTEM AND NETWORKING: EIGRP REDISTRIBUTION This is the question from CCNP route exam which I got from Digitaltut. I have created as GNS3 file for practicing. There are three OSPF areas including Area 0 and one EIGRP AS 100 networks. GNS3 LAB FILES, SYSTEM AND NETWORKING My collection of GNS3 lab files, system and networking resources SATURDAY, FEBRUARY 4, 2012 SIMPLE BGP COMMUNITY LAB This is very simple GNS3 lab for understanding BGP community. There are only two routers R1 and R2 and R1 will send two prefix 11.11.11.11/32 and 111.111.111.111/32 11.11.11.11/32 will be appear in R2 with community value 100:111 and local pref 10000 while 111.111.111.111/32 will be shown with community value 100:1212 ( default local pref 100) and metric (MED) 150. Here is lab topology. Download lab files from here.
Download completed files from here.
Configure R1 and R2 with following IP address and establish EBGP asbelow.
IN R1,
interface Loopback0
ip address 11.11.11.11 255.255.255.255!
interface Loopback1
ip address 111.111.111.111 255.255.255.255!
interface FastEthernet0/0 ip address 192.168.1.1 255.255.255.0 -------------------------------router bgp 100
no synchronization
bgp router-id 1.1.1.1 neighbor 192.168.1.2 remote-as 200 --------------------------------------------------IN R2,
interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.0-----------------
router bgp 200
bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 192.168.1.1 remote-as 100 ------------------------------------------------------ Start configure bgp-community new format to allow in both routers asfollow;
IP BGP-COMMUNITY NEW-FORMAT ------------------------------------ Create the following route-map in R1 to send to R2. It means access list 1 prefix will set community (100:111) and access list 2 will be set 100:1212. Add final route map permit 20 as usual. route-map r2 permit 10match ip address 1
set community 100:111!
route-map r2 permit 15match ip address 2
set community 100:1212!
route-map r2 permit 20 ------------------------------------------ Create IP access list to permit 11.11.11.11/32 and 111.111.111.111/32as follow;
access-list 1 permit 11.11.11.11 access-list 2 permit 111.111.111.111 ------------------------------------------- Final step is to configure in BGP mode to announce these community values to R2 and announce two networks.router bgp 100
no synchronization
bgp router-id 1.1.1.1 bgp log-neighbor-changes network 11.11.11.11 mask 255.255.255.255 network 111.111.111.111 mask 255.255.255.255 neighbor 192.168.1.2 remote-as 200 neighbor 192.168.1.2 send-community neighbor 192.168.1.2 route-map r2 out ------------------------------------------------- Ok, here are the steps in R2 to capture the community values send from R1 and set different BGP attributes. Set ip community list exactly as from R1 in configuration mode. ip community-list 1 permit 100:111 ip community-list 2 permit 100:1212 Create route-map as follow ; route-map fromr1 permit 10match community 1
set local-preference 10000!
route-map fromr1 permit 15match community 2
set metric 150
!
route-map fromr1 permit 20 --------------------------------------------- Finally, apply these route-map to R1 in BGP configuration mode asfollow;
router bgp 200
no synchronization
bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 192.168.1.1 remote-as 100 neighbor 192.168.1.1 route-map fromr1 in ---------------------------------------------------------- Clear ip bgp * in one of the router before checking bgp routes. Here is how to check the community value send from R1 in R2 as follow; R2#sh ip bgp 11.11.11.11 BGP routing table entry for 11.11.11.11/32, version 2 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer100
192.168.1.1 from 192.168.1.1 (1.1.1.1) Origin IGP, metric 0, localpref 10000, valid, external, best Community: 100:111 -------------------------------------- R2#sh ip bgp 111.111.111.111 BGP routing table entry for 111.111.111.111/32, version 3 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer100
192.168.1.1 from 192.168.1.1 (1.1.1.1) Origin IGP, metric 150, localpref 100, valid, external, best Community: 100:1212 Posted by Myo Gyi at 2:58 PM1 comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: BGP
SUNDAY, JANUARY 22, 2012MPLS VPN WITH OSPF
Here is the lab from MPLS implementation book how to set up MPLS VPN using OSPF between CE and PE routers. Download the GNS3 file to practice from here.
Download the completed GNS3 file from here.
In Peer 1, configure OSPF to connect to Atlanta (PE1)router ospf 1
network 192.168.1.1 0.0.0.0 area 1 network 192.168.3.5 0.0.0.0 area 0 -------------------------------In Peer 2,
Peer2(config)#router ospf 1 Peer2(config-router)# network 192.168.2.1 0.0.0.0 area 1 Peer2(config-router)# network 192.168.3.10 0.0.0.0 area 0 ---------------------------------Altanta (PE1)
Atlanta(config)#int s0/0 Atlanta(config-if)#mpls ipAtlanta(config-if)#
-----------------------------Core router,
Core(config)#int s0/1 Core(config-if)#mpls ip Core(config-if)#int s0/0 Core(config-if)#mpls ip ------------------------------ Raleigh (PE2) router, Raleigh(config)#int s1/3 Raleigh(config-if)#mpls ip --------------------------------- Configure IGP (RIP - v2) in MPLS network as follow.router rip
version 2
network 204.134.83.0-------------
MPLS LDP neighbours are up as follows in Core router. Core(config-router)# *Mar 1 00:33:43.787: %LDP-5-NBRCHG: LDP Neighbor 204.134.83.1:0 (1)is UP
Core(config-router)# *Mar 1 00:33:53.147: %LDP-5-NBRCHG: LDP Neighbor 204.134.83.3:0 (2)is UP
Core(config-router)# ----------------------------- Checking MPLS neighbour in Atlanta as follow; Atlanta#sh mpls ldp neighbor Peer LDP Ident: 204.134.83.2:0; Local LDP Ident 204.134.83.1:0 TCP connection: 204.134.83.2.55476 - 204.134.83.1.646 State: Oper; Msgs sent/rcvd: 10/9; Downstream Up time: 00:01:05 LDP discovery sources: Serial0/0, Src IP addr: 204.134.83.6 Addresses bound to peer LDP Ident: 204.134.83.9 204.134.83.6 204.134.83.2 ----------------------In Core router,
Core#sh mpls ldp neighbor Peer LDP Ident: 204.134.83.1:0; Local LDP Ident 204.134.83.2:0 TCP connection: 204.134.83.1.646 - 204.134.83.2.55476 State: Oper; Msgs sent/rcvd: 10/11; Downstream Up time: 00:01:50 LDP discovery sources: Serial0/1, Src IP addr: 204.134.83.5 Addresses bound to peer LDP Ident: 204.134.83.5 192.168.3.6 204.134.83.1 Peer LDP Ident: 204.134.83.3:0; Local LDP Ident 204.134.83.2:0 TCP connection: 204.134.83.3.23917 - 204.134.83.2.646 State: Oper; Msgs sent/rcvd: 10/10; Downstream Up time: 00:01:41 LDP discovery sources: Serial0/0, Src IP addr: 204.134.83.10 Addresses bound to peer LDP Ident: 192.168.3.9 204.134.83.10 204.134.83.3 -------------------------------------- MPLS forwarding table in Core router is as follow; Core#sh mpls forwarding-table Local Outgoing Prefix Bytes tag OutgoingNext Hop
tag tag or VC or Tunnel Id switched interface 16 Pop tag 204.134.83.1/32 0 Se0/1point2point
17 Pop tag 204.134.83.3/32 0 Se0/0point2point
--------------------------- Configure IBGP between two PE routers (Atlanta and Raleigh) asfollows;
Atlanta(config)#router bgp 65000 Atlanta(config-router)# no synchronization Atlanta(config-router)# bgp log-neighbor-changes Atlanta(config-router)# neighbor 204.134.83.3 remote-as 65000 Atlanta(config-router)# neighbor 204.134.83.3 update-source Loopback0 Atlanta(config-router)# neighbor 204.134.83.3 next-hop-self Atlanta(config-router)# no auto-summary Atlanta(config-router)# ------------------------------------ Raleigh(config)#router bgp 65000 Raleigh(config-router)# no synchronization Raleigh(config-router)# bgp log-neighbor-changes Raleigh(config-router)# neighbor 204.134.83.1 remote-as 65000 Raleigh(config-router)# neighbor 204.134.83.1 update-source Loopback0 Raleigh(config-router)# neighbor 204.134.83.1 next-hop-self Raleigh(config-router)# no auto-summary------------------
IBGP is up message will see in console as follows; Raleigh(config-router)# *Mar 1 00:39:18.179: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Up ---------------------- Now, it's time to configure VRF routing. Atlanta(config)#ip vrf peer_vpn Atlanta(config-vrf)#rd 50:1 Atlanta(config-vrf)#route-target both 50:1----------------
Raleigh(config)#ip vrf peer_vpn Raleigh(config-vrf)#rd 50:1 Raleigh(config-vrf)#route-target both 50:1---------------
Try to associate the interface connected to CE1 (Peer1) with vrf peer_vpn as follow; IP address defined in s0/1 will removed due to VRF and need to configure again. Atlanta(config)#int s0/1 Atlanta(config-if)#ip vrf forwarding peer_vpn % Interface Serial0/1 IP address 192.168.3.6 removed due to enablingVRF peer_vpn
Atlanta(config-if)#ip address 192.168.3.6 255.255.255.252------------------
Raleigh(config)#int s0/1 Raleigh(config-if)#ip vrf forwarding peer_vpn % Interface Serial0/1 IP address 192.168.3.9 removed due to enablingVRF peer_vpn
Raleigh(config-if)#ip address 192.168.3.9 255.255.255.252 --------------------------- Activate VPNV4 between PE1 and PE2 as follow inside BGP configuration. Atlanta(config)#router bgp 65000 Atlanta(config-router)# address-family vpnv4 Atlanta(config-router-af)#neighbor 204.134.83.3 activate *Mar 1 00:50:16.979: %BGP-5-ADJCHANGE: neighbor 204.134.83.3 Down Address family activated Atlanta(config-router-af)#neighbor 204.134.83.3 send-community both ----------------------------------------------- Raleigh(config)#router bgp 65000 Raleigh(config-router)# address-family vpnv4 Raleigh(config-router-af)# neighbor 204.134.83.1 activate Raleigh(config-router-af)# neighbor 204.134.83.1 send-community both Raleigh(config-router-af)# *Mar 1 00:51:38.747: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Down Address family activated Raleigh(config-router-af)# *Mar 1 00:51:40.855: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Up ------------------------------------ Redistribution between MPLS IBGP (Core) and CE router's OSPF back tocore as follows;
First, let's do restribution from BGP to CE's OSPF network.----
Atlanta(config)#router ospf 1 vrf peer_vpn Atlanta(config-router)#redistribute bgp 65000 subnets Atlanta(config-router)#network 192.168.3.6 0.0.0.0 area 0 Atlanta(config-router)# *Mar 1 00:57:26.567: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.10.1 on Serial0/1 from LOADING to FULL, Loading Done ---------------------------------- Raleigh(config)#router ospf 1 vrf peer_vpn Raleigh(config-router)#redistribute bgp 65000 subnets Raleigh(config-router)#network 192.168.3.9 0.0.0.0 area 0 Raleigh(config-router)# *Mar 1 01:00:01.031: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.2.1 on Serial0/1 from LOADING to FULL, Loading Done ------------------------------------- Finally, redistribute from OSPF to MPLS BGP as follows. Atlanta(config)#router bgp 65000 Atlanta(config-router)#address-family ipv4 vrf peer_vpn Atlanta(config-router-af)#redistribute ospf 1 vrf peer_vpn Atlanta(config-router-af)#no sync Atlanta(config-router-af)#no synchronization ------------------------------- Raleigh(config)#router bgp 65000 Raleigh(config-router)#address-family ipv4 vrf peer_vpn Raleigh(config-router-af)#redistribute ospf 1 vrf peer_vpn Raleigh(config-router-af)#no synchronization --------------------------------- Let's check in CE1 router (Peer1) whether it can reach to other endPeer2.
Peer1#sh ip route
192.168.10.0/32 is subnetted, 1 subnets C 192.168.10.1 is directly connected, Loopback1 C 192.168.1.0/24 is directly connected, Loopback0 192.168.2.0/32 is subnetted, 1 subnets O IA 192.168.2.1 via 192.168.3.6, 00:00:27, Serial0/0 192.168.3.0/30 is subnetted, 2 subnets O IA 192.168.3.8 via 192.168.3.6, 00:00:27, Serial0/0 C 192.168.3.4 is directly connected, Serial0/0 ---------------------------- Ping to 192.168.2.1 from Peer1 can reach to MPLS network as follow; Peer1#ping 192.168.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/64ms
Peer1#
-------------------------- Checking vrf routeing table in Atlanta (PE1) as follow; Atlanta#sh ip route vrf peer_vpn 192.168.1.0/32 is subnetted, 1 subnets O IA 192.168.1.1 via 192.168.3.5, 00:11:37, Serial0/1 192.168.2.0/32 is subnetted, 1 subnets B 192.168.2.1 via 204.134.83.3, 00:03:30 192.168.3.0/30 is subnetted, 2 subnets B 192.168.3.8 via 204.134.83.3, 00:03:30 C 192.168.3.4 is directly connected, Serial0/1 -------------------------------------- But, in core router, it's only appearing IGP route as follow.CORE#SH IP ROUTE
204.134.83.0/24 is variably subnetted, 5 subnets, 2 masks C 204.134.83.8/30 is directly connected, Serial0/0 R 204.134.83.1/32 via 204.134.83.5, 00:00:04,Serial0/1
R 204.134.83.3/32 via 204.134.83.10, 00:00:03,Serial0/0
C 204.134.83.2/32 is directly connected, Loopback0 C 204.134.83.4/30 is directly connected, Serial0/1 ----------------------------------------- What about in PE2 router (Raleigh), RALEIGH#SH IP ROUTE VRF PEER_VPN 192.168.1.0/32 is subnetted, 1 subnets B 192.168.1.1 via 204.134.83.1, 00:08:29 192.168.2.0/32 is subnetted, 1 subnets O IA 192.168.2.1 via 192.168.3.10, 00:12:21, Serial0/1 192.168.3.0/30 is subnetted, 2 subnets C 192.168.3.8 is directly connected, Serial0/1 B 192.168.3.4 via 204.134.83.1, 00:08:29 -------------------------------------------------------------------------------- Let's traceroute from CE1 to CE2; PEER1#TRACEROUTE 192.168.2.1 Type escape sequence to abort. Tracing the route to 192.168.2.1 1 192.168.3.6 4 msec 16 msec 4 msec 2 204.134.83.6 4 msec 36 msec 4 msec 3 192.168.3.9 24 msec 32 msec 4 msec 4 192.168.3.10 20 msec * 48 msec -------------------------------------------------- Check the ldp in Core network. CORE#SH MPLS FORWARDING-TABLE Local Outgoing Prefix Bytes tag OutgoingNext Hop
tag tag or VC or Tunnel Id switched interface 16 Pop tag 204.134.83.1/32 7587 Se0/1point2point
17 Pop tag 204.134.83.3/32 5020 Se0/0point2point
------------------------------------------------- RALEIGH#SH MPLS FORWARDING-TABLE Local Outgoing Prefix Bytes tag OutgoingNext Hop
tag tag or VC or Tunnel Id switched interface 16 16 204.134.83.1/32 0 Se1/3point2point
17 Pop tag 204.134.83.2/32 0 Se1/3point2point
18 Pop tag 204.134.83.4/30 0 Se1/3point2point
19 Untagged 192.168.2.1/32 1144 Se0/1point2point
20 Aggregate 192.168.3.8/30 0 ------------------------------------------------------ Here is the brief, Core route don't know both 192.168.1.x and 2.x network. It only use label and tag in MPLS network. From Peer2 to Peer1, check as follow. PEER2#TRACEROUTE 192.168.1.1 1 192.168.3.9 4 msec 28 msec 4 msec 2 204.134.83.9 24 msec 24 msec 24 msec 3 192.168.3.6 28 msec 20 msec 4 msec 4 192.168.3.5 24 msec * 40 msec Posted by Myo Gyi at 8:08 PM5
comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: MPLS
TUESDAY, JANUARY 3, 2012 LINUX IPTABLES ROUTING (SNAT, MASQUERADE, DNAT) USING WITH THREE CENTOS SUN VIRTUAL GUESTS I am playing ip routing in Linux using CentOS OS with Sun VirtualBox after learning routing with Cisco router. If you are interested in Linux routing using iptables with VirtualBox, please keep reading. Check below diagram before start. First download Sun VirtualBOX CentOS 5.7 base image from http://sourceforge.net/projects/virtualboximage/files/CentOS/5.7/CentOS-5.7-i386.7z/download Username is root and password is reverse. Extract 7zip file into folder. Double click the "CentOS 5.7" virtualbox definition file which will load the image file in SunVirtualBox OS.
Before loading the OS, change network adapter type from "NAT" to "Internal" to separate from Host to Guest OSs. Here are the configuration of three network cards from CentOS1 Configure eth0 as Internal Network and it will connect to CentOS2'seth0.
_cat /etc/sysconfig/network-scripts/ifcfg-eth0_DEVICE=eth0
BOOTPROTO=static
HWADDR=08:00:27:AE:36:99ONBOOT=yes
HOSTNAME=centos57
IPADDR=192.168.10.1
NETMASK=255.255.255.0---------------
Configure eth1 as "NAT" as this will be connect to Host OS and then toInternet.
_ cat /etc/sysconfig/network-scripts/ifcfg-eth1_DEVICE=eth1
BOOTPROTO=dhcp
HWADDR=08:00:27:42:79:DFONBOOT=yes
HOSTNAME=centos57
-------------------- Configure eth2 as "Host Only" as this will be connected to Host OS fortesting DNAT.
_cat /etc/sysconfig/network-scripts/ifcfg-eth2_DEVICE=eth2
BOOTPROTO=dhcp
HWADDR=08:00:27:73:EE:17ONBOOT=yes
HOSTNAME=centos57
--------------------------------------------- Routing table of CentOS1 will be as below.# route -n
Kernel IP routing table Destination Gateway Genmask Flags MetricRef Use Iface
192.168.20.0 192.168.10.2 255.255.255.0 UG 00 0 eth0
10.0.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.10.0 0.0.0.0 255.255.255.0 U 00 0 eth0
192.168.56.0 0.0.0.0 255.255.255.0 U 00 0 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2 0.0.0.0 10.0.3.2 0.0.0.0 UG 0 0 0 eth1--------------
The default route is 10.0.3.2 which is the NAT (network adaptor)'s default gateway. The IP address of eth1 (to Internet) is getting IP from VirtualBox's DHCP server and it's 10.0.3.15 as below. eth0 Link encap:Ethernet HWaddr 08:00:27:AE:36:99 inet addr:192.168.10.1 Bcast:192.168.10.255Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:519 errors:0 dropped:0 overruns:0 frame:0 TX packets:394 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:61152 (59.7 KiB) TX bytes:58765 (57.3 KiB) eth1 Link encap:Ethernet HWaddr 08:00:27:42:79:DF inet addr:10.0.3.15 Bcast:10.0.3.255Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:178 errors:0 dropped:0 overruns:0 frame:0 TX packets:198 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:46726 (45.6 KiB) TX bytes:15718 (15.3 KiB) eth2 Link encap:Ethernet HWaddr 08:00:27:73:EE:17 inet addr:192.168.56.101 Bcast:192.168.56.255Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:405 errors:0 dropped:0 overruns:0 frame:0 TX packets:291 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:41142 (40.1 KiB) TX bytes:42926 (41.9 KiB) ------------------------------ Create iptables file in /etc/sysconfig directory as follow for NATing*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
*nat
-A POSTROUTING -s 192.168.20.0/24 -j SNAT -o eth1 --to-source10.0.3.15
-A POSTROUTING -s 192.168.10.0/24 -j SNAT -o eth1 --to-source10.0.3.15
COMMIT
--------------------------- Two tables; filter and nat have created as above. Filtering table allow all from inbound, outbound and forwarding. For NAT table, add two POSTROUTING to do NATing 192.168.10.x and 192.168.20.x using destination address of eth1 (10.0.3.15) ----------------------------- Load next CentOS2 in VirtualBox with the following configuration. cat /etc/sysconfig/network-scripts/ifcfg-eth0 # Intel Corporation 82540EM Gigabit Ethernet ControllerDEVICE=eth0
BOOTPROTO=static
HWADDR=08:00:27:64:2F:C0ONBOOT=yes
HOSTNAME=centos57-min2IPADDR=192.168.20.1
NETMASK=255.255.255.0 GATEWAY=192.168.10.1 -------------------- cat /etc/sysconfig/network-scripts/ifcfg-eth1 # Intel Corporation 82540EM Gigabit Ethernet ControllerDEVICE=eth1
BOOTPROTO=static
HWADDR=08:00:27:37:B1:CFONBOOT=yes
HOSTNAME=centos57-min2IPADDR=192.168.10.2
NETMASK=255.255.255.0 GATEWAY=192.168.10.1 ----------------------- Enable IP forwarding as below. IP forwarding need to able to route packet from CentOS3 to CentOS1 to Internet through CentOS2. Edit /etc/sysctl.conf and change net.ipv4.ip_forward=0 to 1. # Controls IP packet forwarding net.ipv4.ip_forward = 1--------------
Routing table of CentOS2 will be looks like below. Kernel IP routing table Destination Gateway Genmask Flags MetricRef Use Iface
192.168.20.0 0.0.0.0 255.255.255.0 U 00 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 00 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 192.168.10.1 0.0.0.0 UG 0 0 0 eth1 ------------------------------ Create another CentOS3 as follow. eth0 Link encap:Ethernet HWaddr 08:00:27:88:81:74 inet addr:192.168.20.2 Bcast:192.168.20.255Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1655 errors:0 dropped:0 overruns:0 frame:0 TX packets:2028 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:194793 (190.2 KiB) TX bytes:217249 (212.1KiB)
eth1 Link encap:Ethernet HWaddr 08:00:27:59:A8:F0 inet addr:192.168.30.1 Bcast:192.168.30.255Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:19 errors:0 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1140 (1.1 KiB) TX bytes:210 (210.0 b)---------------
cat /etc/sysconfig/network-scripts/ifcfg-eth0 # Intel Corporation 82540EM Gigabit Ethernet ControllerDEVICE=eth0
BOOTPROTO=static
HWADDR=08:00:27:88:81:74ONBOOT=yes
HOSTNAME=centos57-min2IPADDR=192.168.20.2
NETMASK=255.255.255.0 GATEWAY=192.168.20.1 ----------------------------- cat /etc/sysconfig/network-scripts/ifcfg-eth1 # Intel Corporation 82540EM Gigabit Ethernet ControllerDEVICE=eth1
BOOTPROTO=static
HWADDR=08:00:27:59:A8:F0ONBOOT=yes
HOSTNAME=centos57-min2IPADDR=192.168.30.1
NETMASK=255.255.255.0 -------------------------- Routing table will be looks like below. Kernel IP routing table Destination Gateway Genmask Flags MetricRef Use Iface
192.168.20.0 0.0.0.0 255.255.255.0 U 00 0 eth0
192.168.30.0 0.0.0.0 255.255.255.0 U 00 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 eth0--------------
Ping to 192.168.10.2 and 192.168.10.1. Ping to 192.168.10.2 will get replies but will failed in 192.168.10.1 as CentOS1 doesn't know about 192.168.20.x network yet. This can be done by adding the permanent routing in CentOS1 as follow. To reach to 192.168.20.x network from CentOS1, create a file called route-eth0 and add the below line. 192.168.20.0/24 via 192.168.10.2 Save and restart the "network" service. Try to ping from CentOS3 to 192.168.10.1. Ping will success and able to reach Internet as well. Tracerouteing to Internet will get through as below. traceroute www.google.com traceroute to www.google.com (74.125.235.48), 30 hops max, 40 bytepackets
1 192.168.20.1 (192.168.20.1) 1.429 ms 1.218 ms 0.922 ms 2 192.168.10.1 (192.168.10.1) 2.296 ms 2.220 ms 2.163 ms-------------------
In CentOS1, try to replace the following two NAT rules (comment out) with the new one as below. -A POSTROUTING -s 192.168.20.0/24 -j SNAT -o eth1 --to-source10.0.3.15
-A POSTROUTING -s 192.168.10.0/24 -j SNAT -o eth1 --to-source10.0.3.15
Replace with;
-A POSTROUTING -o eth1 -j MASQUERADE Save and restart iptables "_service iptables restart_". Check whether CentOS3 still able to ping Internet or not. MASQUERADE will allow all internal private IP address by NATing and get through Internet. But, it's not recommend to use if there are two or more Internet facing interfaces as it will use only first one. For more info, please read in http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch03_:_Linux_Networking --------------------- To test DNAT, we have added third network interface in CentOS1 called eth2 (192.168.56.x). The point is if your PC (host) browse to the IP address (192.168.56.101) which is the IP address of eth2, it will redirect to the IP address of CentOS3 which will be loading as web server. To do this, install http server in CentOS3 as follow.yum install httpd
After all completed, change the configuration as follow. nano -w /etc/httpd/conf/httpd.conf Change the value Listen localhost:80 to Listen 192.168.20.2:80 Restart the httpd service. Add the following rule under NAT table of CentOS1's iptable. -A PREROUTING -d 192.168.56.101 -j DNAT -i eth2 --to-destination192.168.20.2
Restart the iptables in CentOS1. Try to browse http://192.168.56.101 from your PC's browser and you will see the website loaded in CentOS3. Posted by Myo Gyi at 11:30 PM0 comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: DNAT ,
iptables , SNAT
SATURDAY, OCTOBER 29, 2011 CCNP TSHOOT - TICKET 10 The problem state that DSW1 and DSW2 are configured as HSRP routes and DSW1 should be active router but instead, currently DSW2 is active. Let's check DSW1's HSRP configuration.DSW1#SH STANDBY
Vlan10 - Group 10
State is Standby
4 state changes, last state change 00:02:07 Virtual IP address is 10.2.1.254 Active virtual MAC address is 0000.0c07.ac0a Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec Next hello sent in 1.772 secsPreemption enabled
Active router is 10.2.1.2, priority 100 (expires in 7.736 sec) Standby router is local Priority 90 (configured 150) Track object 1 state Down decrement 60 IP redundancy name is "hsrp-Vl10-10" (default) Yes, DSW1 is currently standby and not active router. Active router is 10.2.1.2 which is DSW2. Let's check more detail of DSW1's HSRP configuration in VLAN 10. DSW1#SH RUN INT VLAN 10 Building configuration... Current configuration : 191 bytes!
interface Vlan10
ip address 10.2.1.1 255.255.255.0 ip helper-address 10.1.4.5 standby 10 ip 10.2.1.254 standby 10 priority 150standby 10 preempt
standby 10 track 1 decrement 60end
--------------------------------------- Pay attention to "standby 10 track 1 decrement 60" which means it need to check more on "Track 1". Let's check more from running-config. DSW1#SH RUN | BEGIN TRACK track 1 ip route 4.4.4.1 255.255.255.255 metric threshold threshold metric up 1 down 2!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold threshold metric up 111 down 112 ----------------------- Two track objects are configured; track1 and track 10. Tracking objects are tracking to ip reachable to ip 4.4.4.4 which is theloopback IP of R4.
METRIC THRESHOLD MEANS IF IT'S REACHABLE, DEFAULT "UP" VALUE IS 254 AND "DOWN" VALUE IS 255 So, current DSW1 track object is 1 and it's tracking route to 4.4.4.1 which is unavailable. That's why, current DSW1's priority value will be (150 - 60 = 90) which is lower than the DSW2, which has defaultvalue 100.
It's mentioned in DSW1 's "sh standby" output. Priority 90 (configured 150) Track object 1 state Down decrement 60 IP redundancy name is "hsrp-Vl10-10" (default) ------------------------------------------------------ To fix it, change standby 10 track 1 decrement 60 DSW1's interfacevlan 10 as follow.
DSW1(config)#int vlan 10 DSW1(config-if)#no standby 10 track 1 decrement 60 DSW1(config-if)#standby 10 track 10 decrement 60------------------
Check again in DSW1 whether it's active or notDSW1#SH STANDBY
Vlan10 - Group 10
STATE IS ACTIVE
5 state changes, last state change 00:00:47 Virtual IP address is 10.2.1.254 Active virtual MAC address is 0000.0c07.ac0a Local virtual MAC address is 0000.0c07.ac0a (v1 default) Hello time 3 sec, hold time 10 sec Next hello sent in 0.116 secsPreemption enabled
Active router is local Standby router is 10.2.1.2, priority 100 (expires in 8.184 sec) Priority 150 (configured 150) Track object 10 state Up decrement 60 IP redundancy name is "hsrp-Vl10-10" (default) Posted by Myo Gyi at 11:58 AM12
comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Tshoot
CCNP TSHOOT - TICKET 9 The problem state that R4 and DSW1 can't ping to R2's loopback IPV6 address (FEC0::2:2) or (Serial1/0.12's 2026::12:2). Let's check from DSW1 first. Both failed as shown below. DSW1#PING IPV6 2026::12:2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2026::12:2, timeout is 2 seconds:.....
Success rate is 0 percent (0/5) DSW1#PING IPV6 FEC0::2:2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FEC0::2:2, timeout is 2 seconds:.....
Success rate is 0 percent (0/5) ------------------------------------------ Check R2's IPV6 address to be sure whether they are up or not. R2#SH IPV6 INT BRIEF FastEthernet0/0 FastEthernet0/1 Serial1/0 Serial1/0.12 FE80::CE00:4FF:FE4C:02026::12:2
Serial1/0.23 FE80::CE00:4FF:FE4C:02026::1:1
Serial1/1 Serial1/2 Serial1/3 Loopback2 FE80::CE00:4FF:FE4C:0FEC0::2:2
---------------------------------------- Check OSPF IPV6 neighbour using "sh ipv6 ospf neighbor". One neighbour found with R1 but not with R3. R2#sh ipv6 ospf neighbor Neighbor ID Pri State Dead Time InterfaceID Interface
1.1.1.1 1 FULL/ - 00:00:37 13 Serial1/0.12 Check the interface configuration connected to R3 which is s1/0.23. No OSPV3 configuration has configured. R2#SH RUN INT S1/0.23 Building configuration... Current configuration : 145 bytes!
interface Serial1/0.23 point-to-point ip address 10.1.1.5 255.255.255.252 ipv6 address 2026::1:1/122 frame-relay interface-dlci 203end
To be sure, double check again in the interface connected with R1. R2#SH RUN INT S1/0.12 Building configuration... Current configuration : 245 bytes!
interface Serial1/0.12 point-to-point ip address 10.1.1.2 255.255.255.252 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 nass ipv6 address 2026::12:2/122IPV6 OSPF 6 AREA 12
frame-relay interface-dlci 201end
------------------------------------------------- Missing configuration is "ipv6 ospf 6 area 0" which is the one needed to configured to be in OSPF V3 area 0. Let's configure in R1 and ping again from DSW1. As soon as correct configuration completed, R2 is formed neighbour with R3 as shownbelow.
R2(config)#interface Serial1/0.23 R2(CONFIG-SUBIF)#IPV6 OSPF 6 AREA 0R2(config-subif)#^Z
R2#
*Mar 1 00:16:48.055: %OSPFv3-5-ADJCHG: Process 6, Nbr 3.3.3.3 on Serial1/0.23 from LOADING to FULL, Loading Done *Mar 1 00:16:49.435: %SYS-5-CONFIG_I: Configured from console byconsole
R2#
Ping to R2 from DSW1 again as follow. DSW1#ping ipv6 FEC0::2:2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FEC0::2:2, timeout is 2 seconds:!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/109/156ms
DSW1#ping ipv6 2026::12:2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2026::12:2, timeout is 2 seconds:!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/83/108ms
DSW1#
Posted by Myo Gyi at 11:03 AM1
comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Tshoot
FRIDAY, OCTOBER 28, 2011 CCNP TSHOOT - TICKET 8Check from Client1.
CLIENT1#SH IP INT BRIEF Interface IP-Address OK? Method Status Protocol FastEthernet0/0 10.2.1.3 YES DHCP up up FastEthernet0/1 unassigned YES NVRAM administratively down down IP address 10.2.1.3 has assigned. Next step is start ping to 10.1.1.1 CLIENT1#PING 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:U.U.U
Success rate is 0 percent (0/5) Ping failed to reach 10.1.1.1 ----------------------- Try ping to 10.1.4.5 (R4). CLIENT1#PING 10.1.4.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.4.5, timeout is 2 seconds:!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/55/80ms
Ping reach to 10.1.4.5 but failed in R4's exit point 10.1.1.10 HERE ARE THE POSSIBLE CAUSE. - ROUTE REDISTRIBUTION FROM OSPF TO EIGRP - WRONG EIGRP AS NUMBER Let's check in R4 first. Check EIGRP neighbour first. Font two neighbours, DSW1 and DSW2. So, R4's EIGRP is working well. R4#SH IP EIGRP NEIGHBORS IP-EIGRP neighbors for process 10 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 1 10.1.4.10 FA0/1 14 00:10:20 72 432 0 22 0 10.1.4.6 FA0/0 11 00:10:26 39 234 0 19 -------------------------- Check OSPF neighbour again and it's also working well with R3. R4#SH IP OSPF NEIGHBOR NEIGHBOR ID PRI STATE DEAD TIME ADDRESSINTERFACE
3.3.3.3 0 FULL/ - 00:00:39 10.1.1.9 SERIAL1/0.34---------------
Check routing table again. Gateway of last resort is 10.1.1.9 to network 0.0.0.0 4.0.0.0/32 is subnetted, 1 subnets C 4.4.4.4 is directly connected, Loopback4 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks D 10.2.4.12/30 via 10.1.4.10, 00:12:29,FastEthernet0/1
via 10.1.4.6, 00:12:29,FastEthernet0/0
C 10.1.1.8/30 is directly connected, Serial1/0.34 C 10.1.4.8/30 is directly connected, FastEthernet0/1 D 10.2.1.0/24 via 10.1.4.10, 00:12:29,FastEthernet0/1
via 10.1.4.6, 00:12:30,FastEthernet0/0
D 10.2.2.0/24 via 10.1.4.10, 00:12:30,FastEthernet0/1
via 10.1.4.6, 00:12:30,FastEthernet0/0
C 10.1.4.4/30 is directly connected, FastEthernet0/0 O*IA 0.0.0.0/0 via 10.1.1.9, 00:11:25, Serial1/0.34----------------
None of the following networks are appearing in R4 but all can be reach via serial1.0.34 as OSPF is configured with NSSA, only default route is appearing in routing table. 10.1.1.8/30, 10.1.1.4/30 and 10.1.1.0/30 It can conclude that there is problem in redistribution routes. Check how the default route is appearing in routing table. 10.1.1.9 can be reach from 3.3.3.3 but no route-map is appearing in defaultroute 0.0.0.0
R4#SH IP ROUTE 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via "ospf 1", distance 110, metric 65, candidate default path, type inter area Redistributing via eigrp 10 Last update from 10.1.1.9 on Serial1/0.34, 00:14:56 ago Routing Descriptor Blocks: * 10.1.1.9, from 3.3.3.3, 00:14:56 ago, via Serial1/0.34 Route metric is 65, traffic share count is 1 ------------------------------- It's time to check running config of R4 for redistribution. Here is R4's EIGRP process. It is redistributed route from OSPF with route mapnamed "EIGRP->OSPF.
router eigrp 10
redistribute ospf 1 route-map EIGRP->OSPF network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3no auto-summary
Let's check route map EIGRP->OSPF in details. route-map EIGRP_OSPF permit 10 set metric 102400 1000 128 1 1500set tag 10
---------------
Finally, it's because of wrong route map named "EIGRP_OSPF" Changed to correct route map name and check routing table again. R4(config)#router eigrp 10 R4(config-router)#no redistribute ospf 1 route-map EIGRP->OSPF R4(config-router)#redistribute ospf 1 route-map EIGRP_OSPF R4(config-router)#^Z ------------------------------------ R4#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via "ospf 1", distance 110, metric 65, candidate default path, type inter area Redistributing via eigrp 10 Advertised by eigrp 10 route-map EIGRP_OSPF Last update from 10.1.1.9 on Serial1/0.34, 00:20:56 ago Routing Descriptor Blocks: * 10.1.1.9, from 3.3.3.3, 00:20:56 ago, via Serial1/0.34 Route metric is 65, traffic share count is 1-------------
Checking route to 0.0.0.0 (default route) is showing now that it's advertised by route-map EIGRP_OSPF. So, the fault device is R4 in route redistribution and can fix by changing the route-map name. Posted by Myo Gyi at 10:13 PM1
comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Tshoot
THURSDAY, OCTOBER 27, 2011 CCNP TSHOOT - TICKET 7 Client1#sh ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES DHCP up up FastEthernet0/1 unassigned YES NVRAM administratively down down------------------
No IP address has assigned to Client1. Check trunk status in ASW1.ASW1#SH INT TRUNK
Port Mode Encapsulation StatusNative vlan
Po4 on 802.1q trunking 1 Po5 on 802.1q trunking 1 Port Vlans allowed on trunkPo4 1-1005
Po5 1-1005
Port Vlans allowed and active in management domain Po4 1,10,20 Po5 1,10,20 Port Vlans in spanning tree forwarding state and not pruned Po4 1,10,20 Po5 1,10,20 ---------------------- Trunks are properly configured. Check access vlan in ASW1 again for fa1/0 as follow. interface FastEthernet1/0 switchport access vlan 10!
interface FastEthernet1/1 switchport access vlan 10 --------------------- Port fa1/0 has assigned with correct VLAN 10. So, it's working well. So, let's move to DSW1 switch. Check EIGRP neighours relationshipfirst as follow.
DSW1#SH IP EIGRP NEIGHBORS IP-EIGRP neighbors for process 10 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 2 10.2.2.1 Vl20 12 00:04:41 65 390 0 14 1 10.2.1.2 Vl10 12 00:04:41 72 432 0 15 0 10.2.4.14 Fa1/13 12 00:05:12 741 4446 0 13---------------
Check carefully, network connected to R2, 10.1.4.X are not appearning in neighbours list. So, let's move to R4 to check it's EIGRPHere is the result.
R4#sh ip eigrp neighbors IP-EIGRP NEIGHBORS FOR PROCESS 1 The whole lab's EIGRP AS is 10 and it's not 1. So, the problem is inR4's EIGRP process.
Change back to EIGRP process from 1 to 10 in R4 will solve theproblem.
The main cause of why Client1 not getting IP is, there is broken connection between DSW1 and R4's EIGRP process. So, the error device is R4, EIGRP process, and can be fixed by changing EIGRP AS from 1 to 10.---------------
Trying to ping from Client 1 to Web server 209.65.200.241 will fail because of missing EIGRP routes in OSPF network. So, only from R4 can reach and none of the devices behind R4 can't reach to OSPF andoutside network.
To fix it, redistribute EIGRP (AS 10) routes to OSPF network in R4 asfollow;
router ospf 1
redistribute eigrp 10 subnets Posted by Myo Gyi at 7:30 PM9
comments
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Tshoot
Older Posts
Home
Subscribe to: Posts (Atom)* Tshoot (10)
* EIGRP (4)
* OSPF (3)
* BGP (2)
* HSRP (2)
* Route Redistribution(2)
* DNAT (1)
* EBGP multi-hop
(1)
* EIGRP Stub
(1)
* Frame Relay
(1)
* GLBP (1)
* Hub Spoke
(1)
* IPSec (1)
* MPLS (1)
* NSSA (1)
* OSPF Stub
(1)
* Redistribution
(1)
* SNAT (1)
* Special Areas
(1)
* Totally Stub Areas(1)
* VLAN (1)
* VOIP (1)
* VPN (1)
* VRRP (1)
* iptables (1)
* ipv6to4 (1)
* next-hop-self
(1)
* tunneling
(1)
BLOG ARCHIVE
* ▼ 2012 (3)
* ▼ February (1) * Simple BGP Community Lab * ► January (2)* ► 2011 (31)
* ► October (11)* ► August (4)
* ► April (5)
* ► February (11)ABOUT ME
* Myo Gyi
About Me? Well,I have been working in IT field in couple of years mostly in networking, in house support and system administration. Currently, I'm working in Singapore and practicing GNS3 labs for mycertifications.
View my complete profile WHY I CREATE THIS BLOG? I have search GNS3 lab files in Internet not only for preparing my certification exams but also for interest in Cisco. But, sometime, it's difficult to get the one you want. Some lab files are very good but using too much routers which can have problem when opening and running. That's why I created simple GNS3 files even though I'm not guru innetworking.
All comments are welcome by sharing knowledge in networking. If there is any error in my lab files, this is my lack of knowledge. Recently, I have changed my mind to post not only GNS3 lab files but also to add other system and networking experiences as well.USEFUL WEBSITES
* Blindhog.net
* CCNP - Routing
* 9tut - CCNA Preparation Site * Graphical Network SimulatorSEARCH
FOLLOWERS
Theme images by gaffera.
Powered by Blogger .Details
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0