13.17 For routes passing through AS 19999, R6 should only have Serial 02/0
as the next-hop interface for even numbered routes and Serial 0/2/1
as the next-hop interface for odd numbered routes. (The second octet is being
reviewed for even or odd)
The DSG states the solution is:
R9
access-list 90 permit 102.0.0.0 8.254.255.0
access-list 91 permit 102.1.0.0 8.254.255.0
router bgp 19999
neighbor 150.100.69.6 distribute-list 90 out
neighbor 150.100.96.6 distribute-list 91 out
I find that this kills task 13.5 (advertise fa0/0, fa0/1, and lo0 on R9 into AS
19999). This makes sense because the ACL is not allowing the FastE and Lo0
addresses through, since they're not in this range.
BEFORE:
R6(config)#do sh ip bgp
BGP table version is 147, local router ID is 200.0.0.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 100.100.250.0/24 150.100.96.9 0 0 19999 i
*> 150.100.69.9 0 0 19999 i
AFTER:
R6(config)#do sh ip bgp 100.100.250.0
% Network not in table
R6(config)#do sh ip bgp 200.0.0.9
% Network not in table
My solution was the following on R9:
R9
access-list 1 permit 0.0.0.0 255.254.255.255
access-list 2 permit 0.1.0.0 255.254.255.255
ip as-path access-list 500 permit _3561_
route-map Task17 permit 10
match ip address 1
match as-path 500
!
route-map Task17 deny 20
match ip address 2
match as-path 500
!
route-map Task17 permit 30
!
route-map Task17b permit 10
match ip address 2
match as-path 500
!
route-map Task17b deny 20
match ip address 1
match as-path 500
!
route-map Task17b permit 30
router bgp 19999
neighbor 150.100.69.6 route-map Task17 out
neighbor 150.100.96.6 route-map Task17b out
1. Upon implementation, the routes for 100.100.250.0/24, 150.100.91.0/24, and
200.0.0.9 (Task 13.5) remained, with two diverse paths for these (s0/2/0 and
s0/2/1)
2. The other routes each pointed to the correct interface, and only that
interface.
My rationale was that since R9 is only BGP peering with R6 and BB3, all traffic
that will transit 19999 must come from 3561, since R9 will not accept a route
from R6 with 19999 in the as path. Also, I thought that even though BB3 was
only
advertising routes with the first octet between 102-110, this could change and
it could advertise other routes later on, or is this out of bounds for what
they're allowed "to do to you" on the lab? Really, I'm just trying to verify if
the way I'm thinking about the lab is correct? Please advise.
Thanks,
Win
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
