Hi Michael Yes that's right (cause if it cant match anything int BGP table how can it set anything) and yes this is TE, the inject, this is if you also want to advertise the shorter prefix via different path so it is more preferred and the summary is preferred over a different link, this is if you have two links to an ISP, you can do the inject MAP on the router your want the shorter prefixes to come in on, and keep the Summary via the other link.(depending also if the ISP is preferring the routes via the other link)
Regards On Sun, Sep 30, 2012 at 5:42 PM, <[email protected]>wrote: > Send CCIE_RS mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/mailman/listinfo/ccie_rs > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_RS digest..." > > > Today's Topics: > > 1. Re: bgp inject-map (Michael Davis - Webquor) > 2. Re: GNS3 breakout switch - /etc/network/interfaces question > (Bob McCouch) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 30 Sep 2012 11:04:51 +0000 > From: Michael Davis - Webquor <[email protected]> > To: Andre Bosch <[email protected]>, > "[email protected]" <[email protected]> > Subject: Re: [OSL | CCIE_RS] bgp inject-map > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="Windows-1252" > > Yes, the inject map (correct me if I am wrong) is the opposite to a > summary - the summary (shorter prefix match) must be generated first and > installed in the table before the conditional route injection will be made. > With a summary, you need a more specific match in the table, with the > inject map, you need the less specific summary to be there first. My way > of thinking is that this is more of a traffic engineering feature, not > really an alternative way to advertise a route. > I hope I am making sense?, and again, if anyone has a better or more > correct explanation, please chime in. > > On 30/09/12 6:47 PM, "Andre Bosch" <[email protected]> wrote: > > >Hi Doug > > > > > >Try changing youre "ip prefix-list SOURCE seq 5 permit 13.0.0.1/32" to > the > >source of the aggregare your learining: > > > >meaning look under the "sh ip bgp 10.0.0.0 255.255.255.0" see where you > >learned the route from, in your case it would be 10.0.0.2 (Got this from > >your sh ip bgp output). > > > >You are currently matching a summary that didn't generate from that > >source, > >so this route-map will not be MATCH, and if it doesn't MATCH it wont SET. > > > >You do not need to put the destination in, as this will be done by BGP > >under the process to its neighbor's. > > > >You in theory want to match the AGGREGATE/(Your case SUMMARY) that > >originated form one of your peers SOURCE, and then SET the HOST(Host that > >you want allowed). > > > >bgp inject-map (What and where it came from) exist-map (what you want to > >send out) (copy the attributes from the aggregate (This is optional)) > >PS: you have to take the SOURCE from the sh ip bgp 10.0.0.0 255.255.255.0 > >(This is the value next to "from") NOT from the sh ip bgp, as the NEXT-HOP > >is copied from the IGP routing table, you need to get the source from > >where > >the AGGREGATE originated from. > > > > > >On Sun, Sep 30, 2012 at 7:40 AM, > ><[email protected]>wrote: > > > >> Send CCIE_RS mailing list submissions to > >> [email protected] > >> > >> To subscribe or unsubscribe via the World Wide Web, visit > >> http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> or, via email, send a message with subject or body 'help' to > >> [email protected] > >> > >> You can reach the person managing the list at > >> [email protected] > >> > >> When replying, please edit your Subject line so it is more specific > >> than "Re: Contents of CCIE_RS digest..." > >> > >> > >> Today's Topics: > >> > >> 1. bgp inject-map ([email protected]) > >> 2. GNS3 breakout switch - /etc/network/interfaces question > >> (G. Mitchell Peterson) > >> 3. Re: GNS3 breakout switch - /etc/network/interfaces question > >> (Bob McCouch) > >> 4. Re: GNS3 breakout switch - /etc/network/interfaces question > >> (Keller Giacomarro) > >> 5. Re: GNS3 breakout switch - /etc/network/interfaces question > >> (Adeeb.Husseini) > >> 6. Re: GNS3 breakout switch - /etc/network/interfaces question > >> (Keller Giacomarro) > >> > >> > >> ---------------------------------------------------------------------- > >> > >> Message: 1 > >> Date: Sat, 29 Sep 2012 17:34:11 -0700 > >> From: <[email protected]> > >> To: "IPexpert Online Study List" <[email protected]> > >> Subject: [OSL | CCIE_RS] bgp inject-map > >> Message-ID: > >> < > >> > >> > 20120929173411.bcf41bfd7d67e476f5ae5016554e5dd3.a7c833578a....@email18.se > >>cureserver.net > >> > > >> > >> Content-Type: text/plain; charset="utf-8" > >> > >> I need some help with the BGP inject-map command. > >> > >> The topology is simple: > >> > >> R3-----13.0.0.0/24-----R1-----10.0.0.0/24-----R2 > >> > >> R3 is in AS 300, and R1 and R2 are in AS 12. The last octet of each ip > >> address is taken from the router name. > >> > >> For this simplified example, only the two subnets in the diagram exist. > >> I need R1 to advertise two additional routes to R3: 10.0.0.50/32 and > >> 10.0.0.60/32. I do not want these routes advertised to R2. I cannot use > >> the same method to inject both routes. > >> > >> To advertise the 10.0.0.50/32 route, I simply added a static route and > a > >> network statement: > >> > >> ip route 10.0.0.50 255.255.255.255 FastEthernet1/0 > >> routeR bgp 120 > >> network 10.0.0.50 mask 255.255.255.255 > >> > >> This works, and I just used a prefix filter to filter the route on the > >> neighbor statement to R2. I'm trying to use the inject-map to accomplish > >> the task for the second route as follows: > >> > >> ip prefix-list HOSTIP seq 5 permit 10.0.0.60/32 > >> ! > >> ip prefix-list SOURCE seq 5 permit 13.0.0.1/32 > >> ! > >> ip prefix-list SUMMARY seq 5 permit 10.0.0.0/24 > >> ! > >> route-map MATCH_SUM_SOURCE permit 10 > >> match ip address prefix-list SUMMARY > >> match ip route-source SOURCE > >> ! > >> route-map GENERATE_SLASH32 permit 10 > >> set ip address prefix-list HOSTIP > >> > >> router bgp 120 > >> bgp inject-map GENERATE_SLASH32 exist-map MATCH_SUM_SOURCE > >> > >> This works also, and for some reason is not advertised to R2. I don't > >> understand why... Are injected routes only advertised to eBGP neighbors? > >> > >> Also, on R1, the next hop for the injected route is R2's address: > >> > >> R1(config-router)#do sh ip bgp | beg Net > >> Network Next Hop Metric LocPrf Weight Path > >> *> 10.0.0.0/24 0.0.0.0 0 32768 i > >> * i 10.0.0.2 0 100 0 i > >> *> 10.0.0.50/32 0.0.0.0 0 32768 i > >> *>i10.0.0.60/32 10.0.0.2 0 ? > >> *> 13.0.0.0/24 0.0.0.0 0 32768 i > >> * 13.0.0.3 0 0 300 i > >> > >> Why doesn't R1 inject the route with 0.0.0.0 as next hop? > >> > >> Thanks! > >> > >> Doug > >> > >> > >> > >> > >> > >> > >> ------------------------------ > >> > >> Message: 2 > >> Date: Sat, 29 Sep 2012 21:07:46 -0400 > >> From: "G. Mitchell Peterson" <[email protected]> > >> To: [email protected] > >> Subject: [OSL | CCIE_RS] GNS3 breakout switch - > >> /etc/network/interfaces question > >> Message-ID: > >> <CAD2u7iZdDOgj3u2WOGbtA8D_YND0Z6mwotbTi_srQ9hGNBzd= > >> [email protected]> > >> Content-Type: text/plain; charset=ISO-8859-1 > >> > >> I'm working on getting my lab up and running using the breakout switch > >> method on an Ubuntu Server 12.04 x64 server. I can't seem to get the > >>trunk > >> on the server working though. Can someone post a snip-it of their > >> interfaces file? I was hoping that it behaved like a dot1q trunk in > >>Cisco > >> world, but that doesn't seem to be the case. There's no trunk allowed > >>type > >> command from what I can gather. Do I just make a sub for each VLAN > >>going > >> over the trunk like below? I really, really dislike that I have to > >>assign > >> an IP when using the static command so I'm hoping one of you network > >> wizards knows a trick to this. I tried only using auto ethX and setting > >> the MTU but it error'd out. So, apparently either you assign an IP or > >>you > >> assign DHCP but you have to do one or the other. Anyone see an issue > >>with > >> assigning a /32 in the 127.0.0.0/8 network to these since I have to > give > >> it > >> something? > >> > >> #Trunk to breakout > >> auto ethX > >> iface ethX inet static > >> adddress 127.0.0.100 > >> netmask 255.255.255.255 > >> mtu 1536 > >> > >> #VLAN 101 on ethX > >> auto ethX.101 > >> iface ethX.101 inet static > >> adddress 127.0.0.101 > >> netmask 255.255.255.255 > >> > >> #VLAN 102 on ethX > >> auto ethX.102 > >> iface ethX.102 inet static > >> adddress 127.0.0.102 > >> netmask 255.255.255.255 > >> > >> Thanks, > >> Mitch > >> > >> > >> ------------------------------ > >> > >> Message: 3 > >> Date: Sat, 29 Sep 2012 22:28:15 -0400 > >> From: Bob McCouch <[email protected]> > >> To: "G. Mitchell Peterson" <[email protected]> > >> Cc: [email protected] > >> Subject: Re: [OSL | CCIE_RS] GNS3 breakout switch - > >> /etc/network/interfaces question > >> Message-ID: > >> <CAJFuDdbJ14ZpUnYo766yq7Y2=DB_gvxR62_7oAKNSNZ= > >> [email protected]> > >> Content-Type: text/plain; charset=ISO-8859-1 > >> > >> Hi Mitch, > >> > >> This is my /etc/network/interfaces file from my lab server running > >>Ubuntu > >> 12.04 Server. I use two NICs, the built-in Intel gig NIC (eth0) for the > >> breakout (since it will do MTU larger than 1500) and a USB NIC (eth1) > >>for > >> my access to the box from my internal LAN. I found the same as you, that > >> you can't leave an interface without an IP and actually have it come > >>up. I > >> don't remember if I tried IP's in 127/8, but I'm OK burning a few IPs > >>out > >> of 1.1.1.0/24 for my lab box. Note the 'ethtool' bits as annotated > >>below. > >> Apparently newer Linux kernels will try to use VLAN tag offloading > >>(similar > >> to TCP offload, etc) that will strip all incoming VLAN tags (both > >>layers if > >> it's double-tagged) and it was causing major connectivity problems. > >>Frames > >> were getting out from the virtual routers but not back in. Someone in my > >> Twitter network was able to point me to this solution and it's worked > >> perfectly. Was not necessary on the same box in Ubuntu 11.04. > >> > >> This setup works great for me. In my Dynagen .net files (I run text-mode > >> dynagen, no X and thus no GNS) I just tie the virtual router interfaces > >>to > >> a "vlan1XX" interface using the NIO_linux_eth option, as such: > >> > >> [[ROUTER R5]] > >> model = 3745 > >> console = 2005 > >> f0/0 = NIO_linux_eth:vlan109 > >> f0/1 = NIO_linux_eth:vlan110 > >> > >> > >> =============== /etc/network/interfaces ================== > >> > >> # The primary network interface > >> auto eth1 > >> iface eth1 inet static > >> address 10.4.111.250 > >> netmask 255.255.255.0 > >> gateway 10.4.111.1 > >> dns-nameservers 10.4.11.11 > >> dns-search mccouch.private > >> > >> iface eth1 inet6 static > >> address 2001:0470:XXXX:XXXX:0000:0000:0000:0250 > >> netmask 64 > >> > >> > >> # This is the base interface for the VLAN trunk > >> auto eth0 > >> iface eth0 inet static > >> address 1.1.1.255 > >> netmask 255.255.255.255 > >> # Need to bump up MTU to ensure 1500-byte QinQ frames make it OK. > >> mtu 1998 > >> # This is necessary on recent Linux kernels as VLAN tag offloading > >>clobbers > >> the QinQ behavior we need from Dynamips. > >> # I spent 3 days getting this solved after rebuilding my lab box to get > >>it > >> from Ubuntu 11.04 to 12.04. > >> post-up /sbin/ethtool --offload eth0 rxvlan off && /sbin/ethtool > >>--offload > >> eth0 txvlan off > >> > >> auto vlan101 > >> auto vlan102 > >> auto vlan103 > >> auto vlan104 > >> auto vlan105 > >> auto vlan106 > >> auto vlan107 > >> auto vlan108 > >> auto vlan109 > >> auto vlan110 > >> auto vlan111 > >> auto vlan112 > >> auto vlan113 > >> auto vlan114 > >> auto vlan115 > >> auto vlan116 > >> auto vlan117 > >> auto vlan118 > >> auto vlan119 > >> auto vlan120 > >> auto vlan121 > >> auto vlan122 > >> auto vlan123 > >> auto vlan124 > >> > >> > >> > >> # VLAN 101 > >> iface vlan101 inet static > >> address 1.1.1.1 > >> netmask 255.255.255.255 > >> mtu 1500 > >> vlan-raw-device eth0 > >> > >> # VLAN 102 > >> iface vlan102 inet static > >> address 1.1.1.2 > >> netmask 255.255.255.255 > >> mtu 1500 > >> vlan-raw-device eth0 > >> > >> # VLAN 103 > >> iface vlan103 inet static > >> address 1.1.1.3 > >> netmask 255.255.255.255 > >> mtu 1500 > >> vlan-raw-device eth0 > >> > >> # VLAN 104 > >> iface vlan104 inet static > >> address 1.1.1.4 > >> netmask 255.255.255.255 > >> mtu 1500 > >> vlan-raw-device eth0 > >> > >> ...And on and on up through VLAN 124. > >> > >> > >> > >> On Sat, Sep 29, 2012 at 9:07 PM, G. Mitchell Peterson < > >> [email protected]> wrote: > >> > >> > I'm working on getting my lab up and running using the breakout switch > >> > method on an Ubuntu Server 12.04 x64 server. I can't seem to get the > >> trunk > >> > on the server working though. Can someone post a snip-it of their > >> > interfaces file? I was hoping that it behaved like a dot1q trunk in > >>Cisco > >> > world, but that doesn't seem to be the case. There's no trunk allowed > >> type > >> > command from what I can gather. Do I just make a sub for each VLAN > >> going > >> > over the trunk like below? I really, really dislike that I have to > >> assign > >> > an IP when using the static command so I'm hoping one of you network > >> > wizards knows a trick to this. I tried only using auto ethX and > >>setting > >> > the MTU but it error'd out. So, apparently either you assign an IP or > >> you > >> > assign DHCP but you have to do one or the other. Anyone see an issue > >> with > >> > assigning a /32 in the 127.0.0.0/8 network to these since I have to > >>give > >> > it > >> > something? > >> > > >> > #Trunk to breakout > >> > auto ethX > >> > iface ethX inet static > >> > adddress 127.0.0.100 > >> > netmask 255.255.255.255 > >> > mtu 1536 > >> > > >> > #VLAN 101 on ethX > >> > auto ethX.101 > >> > iface ethX.101 inet static > >> > adddress 127.0.0.101 > >> > netmask 255.255.255.255 > >> > > >> > #VLAN 102 on ethX > >> > auto ethX.102 > >> > iface ethX.102 inet static > >> > adddress 127.0.0.102 > >> > netmask 255.255.255.255 > >> > > >> > Thanks, > >> > Mitch > >> > _______________________________________________ > >> > For more information regarding industry leading CCIE Lab training, > >>please > >> > visit www.ipexpert.com > >> > > >> > Are you a CCNP or CCIE and looking for a job? Check out > >> > www.PlatinumPlacement.com > >> > > >> > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > >> > >> > >> ------------------------------ > >> > >> Message: 4 > >> Date: Sun, 30 Sep 2012 00:25:40 -0500 > >> From: Keller Giacomarro <[email protected]> > >> To: Bob McCouch <[email protected]> > >> Cc: [email protected], "G. Mitchell Peterson" > >> <[email protected]> > >> Subject: Re: [OSL | CCIE_RS] GNS3 breakout switch - > >> /etc/network/interfaces question > >> Message-ID: > >> < > >> cacsx_jv3eu6k+btjxxyyorrqbmhnkpe2mnbpwbc9tadjnb7...@mail.gmail.com> > >> Content-Type: text/plain; charset=ISO-8859-1 > >> > >> You don't need to assign IP address to the interfaces. The mode you're > >> looking for is "manual". > >> > >> The config Bob gaves uses old-style VLAN interfaces. Based on my > >>research, > >> there is considerable question regarding whether they'll continue to > >>work > >> in Ubuntu. However, also based on my research, there is very little > >>good > >> and comprehensible documentation on doing it the new way (with the 'ip' > >> command). Hopefully the below helps you! > >> > >> Here's my process... > >> > >> *** /etc/network/interfaces *** > >> # Sets up your physical interface. Only have to do this once. > >> auto eth1 > >> iface eth1 inet manual > >> post-up ifconfig eth1 mtu 7000 > >> > >> *** StartVLANs.sh *** > >> # Bring up the physical interface > >> ifconfig eth1 up > >> > >> # Add VLANs subinterfaces > >> ip link add link eth1 name eth1.901 type vlan id 901 > >> < repeat for all needed VLANs > > >> > >> # Bring up VLAN subints > >> ifconfig eth1.901 up > >> < repeat for all needed VLANs > > >> > >> # Set MTU on all VLAN subints > >> ifconfig eth1.901 mtu 6500 > >> < repeat for all needed VLANs > > >> > >> *** Verification *** > >> All interfaces currently up: # ifconfig -s > >> All interfaces : # ifconfig -s -a > >> Verify VLAN config : # sudo cat /proc/net/vlan/config > >> > >> *** Dynamips File *** > >> I have had issues with NIO_linux_eth. Specifically, my NIC would strip > >>off > >> the VLAN tags on ingress back from my devices. One thing that can cause > >> this is VLAN offloading (covered by Bob above). In my case, I had to > >>use > >> NIO_gen_eth in order for it to work properly. > >> > >> *** My 2c *** > >> I started out studying with GNS3 and real switches, but quickly realized > >> that you just can't beat real hardware. There are quite a few labs that > >> won't work like you expect them to, especially in QoS studies. You can > >>put > >> together a full lab for about $3000 or so. Do it. You'll be glad > >>you're > >> not always second-guessing whether its you, the workbook, or dynamips > >> that's causing the issue you're seeing. > >> > >> Besides, you can sell the same gear for pretty much what you bought it > >>once > >> you get your numbers. Then again, you'll be a gazillionaire CCIE at > >>that > >> point, and the devices do make fine doorstops. Or boat anchors. > >> > >> > >> On a related note, I noticed that I'm starting to write emails in the > >>same > >> style I take my CCIE notes. Doctor, is there hope for me? > >> > >> Keller Giacomarro > >> [email protected] > >> > >> > >> On Sat, Sep 29, 2012 at 9:28 PM, Bob McCouch <[email protected]> wrote: > >> > >> > Hi Mitch, > >> > > >> > This is my /etc/network/interfaces file from my lab server running > >>Ubuntu > >> > 12.04 Server. I use two NICs, the built-in Intel gig NIC (eth0) for > >>the > >> > breakout (since it will do MTU larger than 1500) and a USB NIC (eth1) > >>for > >> > my access to the box from my internal LAN. I found the same as you, > >>that > >> > you can't leave an interface without an IP and actually have it come > >>up. > >> I > >> > don't remember if I tried IP's in 127/8, but I'm OK burning a few IPs > >>out > >> > of 1.1.1.0/24 for my lab box. Note the 'ethtool' bits as annotated > >> below. > >> > Apparently newer Linux kernels will try to use VLAN tag offloading > >> (similar > >> > to TCP offload, etc) that will strip all incoming VLAN tags (both > >>layers > >> if > >> > it's double-tagged) and it was causing major connectivity problems. > >> Frames > >> > were getting out from the virtual routers but not back in. Someone in > >>my > >> > Twitter network was able to point me to this solution and it's worked > >> > perfectly. Was not necessary on the same box in Ubuntu 11.04. > >> > > >> > This setup works great for me. In my Dynagen .net files (I run > >>text-mode > >> > dynagen, no X and thus no GNS) I just tie the virtual router > >>interfaces > >> to > >> > a "vlan1XX" interface using the NIO_linux_eth option, as such: > >> > > >> > [[ROUTER R5]] > >> > model = 3745 > >> > console = 2005 > >> > f0/0 = NIO_linux_eth:vlan109 > >> > f0/1 = NIO_linux_eth:vlan110 > >> > > >> > > >> > =============== /etc/network/interfaces ================== > >> > > >> > # The primary network interface > >> > auto eth1 > >> > iface eth1 inet static > >> > address 10.4.111.250 > >> > netmask 255.255.255.0 > >> > gateway 10.4.111.1 > >> > dns-nameservers 10.4.11.11 > >> > dns-search mccouch.private > >> > > >> > iface eth1 inet6 static > >> > address 2001:0470:XXXX:XXXX:0000:0000:0000:0250 > >> > netmask 64 > >> > > >> > > >> > # This is the base interface for the VLAN trunk > >> > auto eth0 > >> > iface eth0 inet static > >> > address 1.1.1.255 > >> > netmask 255.255.255.255 > >> > # Need to bump up MTU to ensure 1500-byte QinQ frames make it OK. > >> > mtu 1998 > >> > # This is necessary on recent Linux kernels as VLAN tag offloading > >> clobbers > >> > the QinQ behavior we need from Dynamips. > >> > # I spent 3 days getting this solved after rebuilding my lab box to > >>get > >> it > >> > from Ubuntu 11.04 to 12.04. > >> > post-up /sbin/ethtool --offload eth0 rxvlan off && /sbin/ethtool > >> --offload > >> > eth0 txvlan off > >> > > >> > auto vlan101 > >> > auto vlan102 > >> > auto vlan103 > >> > auto vlan104 > >> > auto vlan105 > >> > auto vlan106 > >> > auto vlan107 > >> > auto vlan108 > >> > auto vlan109 > >> > auto vlan110 > >> > auto vlan111 > >> > auto vlan112 > >> > auto vlan113 > >> > auto vlan114 > >> > auto vlan115 > >> > auto vlan116 > >> > auto vlan117 > >> > auto vlan118 > >> > auto vlan119 > >> > auto vlan120 > >> > auto vlan121 > >> > auto vlan122 > >> > auto vlan123 > >> > auto vlan124 > >> > > >> > > >> > > >> > # VLAN 101 > >> > iface vlan101 inet static > >> > address 1.1.1.1 > >> > netmask 255.255.255.255 > >> > mtu 1500 > >> > vlan-raw-device eth0 > >> > > >> > # VLAN 102 > >> > iface vlan102 inet static > >> > address 1.1.1.2 > >> > netmask 255.255.255.255 > >> > mtu 1500 > >> > vlan-raw-device eth0 > >> > > >> > # VLAN 103 > >> > iface vlan103 inet static > >> > address 1.1.1.3 > >> > netmask 255.255.255.255 > >> > mtu 1500 > >> > vlan-raw-device eth0 > >> > > >> > # VLAN 104 > >> > iface vlan104 inet static > >> > address 1.1.1.4 > >> > netmask 255.255.255.255 > >> > mtu 1500 > >> > vlan-raw-device eth0 > >> > > >> > ...And on and on up through VLAN 124. > >> > > >> > > >> > > >> > On Sat, Sep 29, 2012 at 9:07 PM, G. Mitchell Peterson < > >> > [email protected]> wrote: > >> > > >> > > I'm working on getting my lab up and running using the breakout > >>switch > >> > > method on an Ubuntu Server 12.04 x64 server. I can't seem to get > >>the > >> > trunk > >> > > on the server working though. Can someone post a snip-it of their > >> > > interfaces file? I was hoping that it behaved like a dot1q trunk in > >> Cisco > >> > > world, but that doesn't seem to be the case. There's no trunk > >>allowed > >> > type > >> > > command from what I can gather. Do I just make a sub for each VLAN > >> > going > >> > > over the trunk like below? I really, really dislike that I have to > >> > assign > >> > > an IP when using the static command so I'm hoping one of you network > >> > > wizards knows a trick to this. I tried only using auto ethX and > >> setting > >> > > the MTU but it error'd out. So, apparently either you assign an IP > >>or > >> > you > >> > > assign DHCP but you have to do one or the other. Anyone see an > >>issue > >> > with > >> > > assigning a /32 in the 127.0.0.0/8 network to these since I have to > >> give > >> > > it > >> > > something? > >> > > > >> > > #Trunk to breakout > >> > > auto ethX > >> > > iface ethX inet static > >> > > adddress 127.0.0.100 > >> > > netmask 255.255.255.255 > >> > > mtu 1536 > >> > > > >> > > #VLAN 101 on ethX > >> > > auto ethX.101 > >> > > iface ethX.101 inet static > >> > > adddress 127.0.0.101 > >> > > netmask 255.255.255.255 > >> > > > >> > > #VLAN 102 on ethX > >> > > auto ethX.102 > >> > > iface ethX.102 inet static > >> > > adddress 127.0.0.102 > >> > > netmask 255.255.255.255 > >> > > > >> > > Thanks, > >> > > Mitch > >> > > _______________________________________________ > >> > > For more information regarding industry leading CCIE Lab training, > >> please > >> > > visit www.ipexpert.com > >> > > > >> > > Are you a CCNP or CCIE and looking for a job? Check out > >> > > www.PlatinumPlacement.com > >> > > > >> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > > >> > _______________________________________________ > >> > For more information regarding industry leading CCIE Lab training, > >>please > >> > visit www.ipexpert.com > >> > > >> > Are you a CCNP or CCIE and looking for a job? Check out > >> > www.PlatinumPlacement.com > >> > > >> > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > >> > >> > >> ------------------------------ > >> > >> Message: 5 > >> Date: Sun, 30 Sep 2012 01:28:15 -0400 > >> From: "Adeeb.Husseini" <[email protected]> > >> To: "G. Mitchell Peterson" <[email protected]> > >> Cc: [email protected] > >> Subject: Re: [OSL | CCIE_RS] GNS3 breakout switch - > >> /etc/network/interfaces question > >> Message-ID: > >> < > >> cap8a3g80fh3vouy9guio9hdh33ryehkxgeswypbxv4gf7iz...@mail.gmail.com> > >> Content-Type: text/plain; charset=ISO-8859-1 > >> > >> I found new version of Ubuntu have problem with vlan tag so I had to > >>switch > >> to version 11.04 > >> > >> Thanks > >> On Sep 29, 2012 9:16 PM, "G. Mitchell Peterson" < > >> [email protected]> > >> wrote: > >> > >> > I'm working on getting my lab up and running using the breakout switch > >> > method on an Ubuntu Server 12.04 x64 server. I can't seem to get the > >> trunk > >> > on the server working though. Can someone post a snip-it of their > >> > interfaces file? I was hoping that it behaved like a dot1q trunk in > >>Cisco > >> > world, but that doesn't seem to be the case. There's no trunk allowed > >> type > >> > command from what I can gather. Do I just make a sub for each VLAN > >> going > >> > over the trunk like below? I really, really dislike that I have to > >> assign > >> > an IP when using the static command so I'm hoping one of you network > >> > wizards knows a trick to this. I tried only using auto ethX and > >>setting > >> > the MTU but it error'd out. So, apparently either you assign an IP or > >> you > >> > assign DHCP but you have to do one or the other. Anyone see an issue > >> with > >> > assigning a /32 in the 127.0.0.0/8 network to these since I have to > >>give > >> > it > >> > something? > >> > > >> > #Trunk to breakout > >> > auto ethX > >> > iface ethX inet static > >> > adddress 127.0.0.100 > >> > netmask 255.255.255.255 > >> > mtu 1536 > >> > > >> > #VLAN 101 on ethX > >> > auto ethX.101 > >> > iface ethX.101 inet static > >> > adddress 127.0.0.101 > >> > netmask 255.255.255.255 > >> > > >> > #VLAN 102 on ethX > >> > auto ethX.102 > >> > iface ethX.102 inet static > >> > adddress 127.0.0.102 > >> > netmask 255.255.255.255 > >> > > >> > Thanks, > >> > Mitch > >> > _______________________________________________ > >> > For more information regarding industry leading CCIE Lab training, > >>please > >> > visit www.ipexpert.com > >> > > >> > Are you a CCNP or CCIE and looking for a job? Check out > >> > www.PlatinumPlacement.com > >> > > >> > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > >> > >> > >> ------------------------------ > >> > >> Message: 6 > >> Date: Sun, 30 Sep 2012 00:40:26 -0500 > >> From: Keller Giacomarro <[email protected]> > >> To: "Adeeb.Husseini" <[email protected]> > >> Cc: [email protected], "G. Mitchell Peterson" > >> <[email protected]> > >> Subject: Re: [OSL | CCIE_RS] GNS3 breakout switch - > >> /etc/network/interfaces question > >> Message-ID: > >> < > >> cacsx_jvvpdd2ctu_ag8wo5afp4ywcuw6bifq-wusahgz5pz...@mail.gmail.com> > >> Content-Type: text/plain; charset=ISO-8859-1 > >> > >> I originally ran into the VLAN stripping issue when I upgraded from > >>11.04 > >> to 12.04. Changing my .net file from NIO_linux_eth to NIO_gen_eth fixed > >> the problem for me. > >> > >> Just my experience. =) > >> > >> Keller Giacomarro > >> [email protected] > >> > >> > >> On Sun, Sep 30, 2012 at 12:28 AM, Adeeb.Husseini <[email protected] > >> >wrote: > >> > >> > I found new version of Ubuntu have problem with vlan tag so I had to > >> switch > >> > to version 11.04 > >> > > >> > Thanks > >> > On Sep 29, 2012 9:16 PM, "G. Mitchell Peterson" < > >> > [email protected]> > >> > wrote: > >> > > >> > > I'm working on getting my lab up and running using the breakout > >>switch > >> > > method on an Ubuntu Server 12.04 x64 server. I can't seem to get > >>the > >> > trunk > >> > > on the server working though. Can someone post a snip-it of their > >> > > interfaces file? I was hoping that it behaved like a dot1q trunk in > >> Cisco > >> > > world, but that doesn't seem to be the case. There's no trunk > >>allowed > >> > type > >> > > command from what I can gather. Do I just make a sub for each VLAN > >> > going > >> > > over the trunk like below? I really, really dislike that I have to > >> > assign > >> > > an IP when using the static command so I'm hoping one of you network > >> > > wizards knows a trick to this. I tried only using auto ethX and > >> setting > >> > > the MTU but it error'd out. So, apparently either you assign an IP > >>or > >> > you > >> > > assign DHCP but you have to do one or the other. Anyone see an > >>issue > >> > with > >> > > assigning a /32 in the 127.0.0.0/8 network to these since I have to > >> give > >> > > it > >> > > something? > >> > > > >> > > #Trunk to breakout > >> > > auto ethX > >> > > iface ethX inet static > >> > > adddress 127.0.0.100 > >> > > netmask 255.255.255.255 > >> > > mtu 1536 > >> > > > >> > > #VLAN 101 on ethX > >> > > auto ethX.101 > >> > > iface ethX.101 inet static > >> > > adddress 127.0.0.101 > >> > > netmask 255.255.255.255 > >> > > > >> > > #VLAN 102 on ethX > >> > > auto ethX.102 > >> > > iface ethX.102 inet static > >> > > adddress 127.0.0.102 > >> > > netmask 255.255.255.255 > >> > > > >> > > Thanks, > >> > > Mitch > >> > > _______________________________________________ > >> > > For more information regarding industry leading CCIE Lab training, > >> please > >> > > visit www.ipexpert.com > >> > > > >> > > Are you a CCNP or CCIE and looking for a job? Check out > >> > > www.PlatinumPlacement.com > >> > > > >> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > > >> > _______________________________________________ > >> > For more information regarding industry leading CCIE Lab training, > >>please > >> > visit www.ipexpert.com > >> > > >> > Are you a CCNP or CCIE and looking for a job? Check out > >> > www.PlatinumPlacement.com > >> > > >> > http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> > > >> > >> > >> End of CCIE_RS Digest, Vol 80, Issue 42 > >> *************************************** > >> > >_______________________________________________ > >For more information regarding industry leading CCIE Lab training, please > >visit www.ipexpert.com > > > >Are you a CCNP or CCIE and looking for a job? Check out > >www.PlatinumPlacement.com > > > >http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > > ------------------------------ > > Message: 2 > Date: Sun, 30 Sep 2012 11:42:15 -0400 > From: Bob McCouch <[email protected]> > To: Keller Giacomarro <[email protected]> > Cc: "[email protected]" <[email protected]>, > "G. > Mitchell Peterson" <[email protected]> > Subject: Re: [OSL | CCIE_RS] GNS3 breakout switch - > /etc/network/interfaces question > Message-ID: > < > cajfuddyynepxbfiqfzwvhpj2inarjnglcnu8cw+nza4v8wf...@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > Great info Keller, thanks for sharing all that. > > I did try "manual" on my interfaces early on, as I read the man page to > suggest that would work to bring the intf up without an IP, but when I > tried that I couldn't get any traffic to pass so I gave up and just put the > /32 on each. I must have been doing something else wrong. > > Thanks for clarifying the "new" way to do the VLANs. I've seen some > examples of that method on the web but didn't know if that was a new way, > and old way, or just another way. I went with my method because it all > ended up in the /etc/network/interfaces file and I didn't have to run > another script on startup or lab initialization. > > My lab setup is actually hybrid. I have real switches (3x3560 and 1x3550) > and 3 1841s. In IP Expert's topology, I make these routers R1, R7, and R8 > since those 3 devices only use Ethernet to connect to other devices. R7 and > R8 have a serial between them, but only Eth to other routers. This made it > easy to integrate a few real devices without trying to tunnel serial or > anything goofy like that. > > With a couple real routers I can test things like BFD or other features > that don't do well on Dynamips. Generally speaking I've found Dynamips to > behave pretty well. I used to have trouble with multicast traffic locking > serial interfaces on 3745 virtual routers and also problems with corrupt > OSPF LSAs on 2691 BB routers, but once I switched my IPX topo to use > virtual 7204s (3640s for BBs), everything worked reliably. Turns out the > Dynamips driver for the serial adapter on 2600/3700s is buggy. > > All real gear is nice, but there's a trade-off in my opinion between the > capex to buy it and opex to run it. I like that I can leave some virtual > routers running 24x7 for quick testing, and even at full bore my hybrid lab > only needs about 300-325 watts to run. It also generates relatively little > heat, so I can run my rack in an enclosed utility closet in my basement to > keep it nice and quiet. > > My lab cost about US$2000 to build, but that includes all the bits: 12U > rack, power control, cabling, UPS, small lab server, SFPs where needed, > etc., as well as the switches, routers, console server, serial cards for > the 1841s... > > In the end, whatever works for you is what you should use. It's also > important (and difficult!) to avoid the trap of spending all your time > building your lab, and not using it. I spent several days writing scripts > and menus for my lab back in the spring and while the result is nice, that > was time I wasn't actually studying. Once you have something working, it's > important to leave well enough alone and get to labbing the technologies > and preparing for the lab. > > Good Studying, > Bob > > > On Sunday, September 30, 2012, Keller Giacomarro wrote: > > > You don't need to assign IP address to the interfaces. The mode you're > > looking for is "manual". > > > > The config Bob gaves uses old-style VLAN interfaces. Based on my > > research, there is considerable question regarding whether they'll > continue > > to work in Ubuntu. However, also based on my research, there is very > > little good and comprehensible documentation on doing it the new way > (with > > the 'ip' command). Hopefully the below helps you! > > > > Here's my process... > > > > *** /etc/network/interfaces *** > > # Sets up your physical interface. Only have to do this once. > > auto eth1 > > iface eth1 inet manual > > post-up ifconfig eth1 mtu 7000 > > > > *** StartVLANs.sh *** > > # Bring up the physical interface > > ifconfig eth1 up > > > > # Add VLANs subinterfaces > > ip link add link eth1 name eth1.901 type vlan id 901 > > < repeat for all needed VLANs > > > > > # Bring up VLAN subints > > ifconfig eth1.901 up > > < repeat for all needed VLANs > > > > > # Set MTU on all VLAN subints > > ifconfig eth1.901 mtu 6500 > > < repeat for all needed VLANs > > > > > *** Verification *** > > All interfaces currently up: # ifconfig -s > > All interfaces : # ifconfig -s -a > > Verify VLAN config : # sudo cat /proc/net/vlan/config > > > > *** Dynamips File *** > > I have had issues with NIO_linux_eth. Specifically, my NIC would strip > > off the VLAN tags on ingress back from my devices. One thing that can > > cause this is VLAN offloading (covered by Bob above). In my case, I had > to > > use NIO_gen_eth in order for it to work properly. > > > > *** My 2c *** > > I started out studying with GNS3 and real switches, but quickly realized > > that you just can't beat real hardware. There are quite a few labs that > > won't work like you expect them to, especially in QoS studies. You can > put > > together a full lab for about $3000 or so. Do it. You'll be glad you're > > not always second-guessing whether its you, the workbook, or dynamips > > that's causing the issue you're seeing. > > > > Besides, you can sell the same gear for pretty much what you bought it > > once you get your numbers. Then again, you'll be a gazillionaire CCIE at > > that point, and the devices do make fine doorstops. Or boat anchors. > > > > > > On a related note, I noticed that I'm starting to write emails in the > same > > style I take my CCIE notes. Doctor, is there hope for me? > > > > Keller Giacomarro > > [email protected] <javascript:_e({}, 'cvml', '[email protected]');> > > > > > > On Sat, Sep 29, 2012 at 9:28 PM, Bob McCouch <[email protected]> wrote: > > > > Hi Mitch, > > > > This is my /etc/network/interfaces file from my lab server running Ubuntu > > 12.04 Server. I use two NICs, the built-in Intel gig NIC (eth0) for the > > breakout (since it will do MTU larger than 1500) and a USB NIC (eth1) for > > my access to the box from my internal LAN. I found the same as you, that > > you can't leave an interface without an IP and actually have it come up. > I > > don't remember if I tried IP's in 127/8, but I'm OK burning a few IPs out > > of 1.1.1.0/24 for my lab box. Note the 'ethtool' bits as annotated > below. > > Apparently newer Linux kernels will try to use VLAN tag offloading > (similar > > to TCP offload, etc) that will strip all incoming VLAN tags (both layers > if > > it's double-tagged) and it was causing major connectivity problems. > Frames > > were getting out from the virtual routers but not back in. Someone in my > > Twitter network was able to point me to this solution and it's worked > > perfectly. Was not necessary on the same box in Ubuntu 11.04. > > > > This setup works great for me. In my Dynagen .net files (I run text-mode > > dynagen, no X and thus no GNS) I just tie the virtual router interfaces > to > > a "vlan1XX" interface using the NIO_linux_eth option, as such: > > > > [[ROUTER R5]] > > model = 3745 > > console = 2005 > > f0/0 = NIO_linux_eth:vlan109 > > f0/1 = NIO_linux_eth:vlan110 > > > > > > =============== /etc/network/interfaces ================== > > > > # The primary network interface > > auto eth1 > > iface eth1 inet static > > address 10.4.111.250 > > netmask 255.255.255.0 > > gateway 10.4.111.1 > > dns-nameservers 10.4.11.11 > > dns-search mccouch.private > > > > iface eth1 inet6 static > > address 2001:0470:XXXX:XXXX:0000:0000:0000:0250 > > netmask 64 > > > > > > # This is the base interface for the VLAN trunk > > auto eth0 > > iface eth0 inet static > > address 1.1.1.255 > > netmask 255.255.255.255 > > # Need to bump up MTU to ensure 1500-byte QinQ frames make it OK. > > mtu 1998 > > # This is necessary on recent Linux kernels as VLAN tag offloading > clobbers > > the QinQ behavior we need from Dynamips. > > # I spent 3 days getting this solved after rebuilding my lab box to get > it > > from Ubuntu 11.04 to 12.04. > > post-up /sbin/ethtool --offload eth0 rxvlan off && /sbin/ethtool > --offload > > eth0 txvlan off > > > > auto vlan101 > > auto vlan102 > > auto vlan103 > > auto vlan104 > > auto vlan105 > > auto vlan106 > > auto vlan107 > > auto vlan108 > > auto vlan109 > > auto vlan110 > > auto vlan111 > > auto vlan112 > > auto vlan113 > > auto vlan114 > > auto vlan115 > > auto vlan116 > > auto vlan117 > > auto vlan118 > > auto vlan119 > > auto vlan120 > > auto vlan121 > > auto vlan122 > > auto vlan123 > > auto vlan124 > > > > > > > > # VLAN 101 > > iface vlan101 inet static > > address 1.1.1.1 > > netmask 255.255.255.255 > > mtu 1500 > > vlan-raw-device eth0 > > > > # VLAN 102 > > iface vlan102 inet static > > address 1.1.1.2 > > netmask 255.255.255.255 > > mtu 1500 > > vlan-raw-device eth0 > > > > # VLAN 103 > > iface vlan103 inet static > > address 1.1.1.3 > > netmask 255.255.255.255 > > mtu 1500 > > vlan-raw-device eth0 > > > > # VLAN 104 > > iface vlan104 inet static > > address 1.1.1.4 > > netmask 255.255.255.255 > > mtu 1500 > > vlan-raw-device eth0 > > > > ...And on and on up through VLAN 124. > > > > > > > > On Sat, Sep 29, 2012 at 9:07 PM, G. Mitchell Peterson < > > [email protected]> wrote: > > > > > I'm working on getting my lab up and running using the breakout switch > > > method on an Ubuntu Server 12.04 x64 server. I can't seem to get the > > trunk > > > on the server working though. Can someone post a snip-it of their > > > interfaces file? I was hoping that it behaved like a dot1q trunk in > Cisco > > > world, but that doesn't seem to be the case. There's no trunk allowed > > type > > > command from what I can gather. Do I just make a sub for each VLAN > > going > > > over the trunk like below? I really, really dislike that I have to > > assign > > > an IP when using the static command so I'm hoping one of you network > > > wizards knows a trick to this. I tried only using auto ethX and > setting > > > the MTU but it error'd out. So, apparently either you assign an IP or > > you > > > assign DHCP but you have to do one or the other. Anyone see an issue > > with > > > assigning a /32 in the 127.0.0.0/8 network to these since I have to > give > > > > > > > End of CCIE_RS Digest, Vol 80, Issue 44 > *************************************** > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
