The other day I posted some “basic” MPLS information and figured I could use that to build a bit more. In subsequent posts I will post the configs for EIGRP, OSPF, and BGP – but today I will post on RIP.
So, this whole lab/post will build off the previous one – LINK – but will remove all the static routes and replace them with the RIP protocol. I will only post the configs for the CE (R1, R3, R4, R5) and PE (R2 and R5), the core will not change.
Lets start with the Green VRF by removing the static routes on R1, R2, R5, and R4.
R1:
Rack1R1(config)#no ip route 0.0.0.0 0.0.0.0 192.168.21.2
R2:
Rack1R2(config)#no ip route vrf Green 192.168.253.1 255.255.255.255 192.168.21.1
R5:
Rack1R5(config)#no ip route vrf Green 192.168.253.4 255.255.255.255 192.168.54.4
R4:
Rack1R4(config)#no ip route 0.0.0.0 0.0.0.0 192.168.54.5
Lets test a PING, we should see it fail:
Rack1R4#p 192.168.253.1 t 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.253.1, timeout is 1 seconds:
…..
Success rate is 0 percent (0/5)
Rack1R4#
Ok, static routing has been removed, but what about the BGP static redistribution? We should now remove that to keep the configs clean. Lets do that on R2 and R5 now.
R2:
Rack1R2(config)#router bgp 1
Remember to change to the address family for the VRF
Rack1R2(config-router)# address-family ipv4 vrf Green
Rack1R2(config-router-af)#no redistribute static
R5:
Rack1R5(config)#router bgp 1
Rack1R5(config-router)# address-family ipv4 vrf Green
Rack1R5(config-router-af)#no redistribute static
OK, they have been removed. Lets take a quick look at the VPNv4 routes on R5 in BGP for the Green VRF:
Here we can take a look at what routes are in the Green VPNv4 table on BGP
Rack1R5#sh ip bgp vpnv4 vrf Green
BGP table version is 19, local router ID is 220.61.253.5
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:14 (default for vrf Green)
*>i192.168.21.0 220.61.253.2 0 100 0 ?
*> 192.168.54.0 0.0.0.0 0 32768 ?
Rack1R5#
We are only seeing the connected routes. Good! Now, lets configure RIP between R1 and R2:
R1:
Rack1R1(config)#router rip
Set RIP to Version 2!
Rack1R1(config-router)#ver 2
Disable auto-summary
Rack1R1(config-router)#no au
and add the networks
Rack1R1(config-router)#net 192.168.21.0
Rack1R1(config-router)#net 192.168.253.1
R2:
Rack1R2(config)#router rip
Since this is the PE router, we need to change configure the ipv4 VRF for green under rip via the address family command
Rack1R2(config-router)#address-family ipv4 vrf Green
Rack1R2(config-router-af)#ver 2
Rack1R2(config-router-af)#no au
Rack1R2(config-router-af)#net 192.168.21.0
Now onto R4 and R5:
R4:
Rack1R4(config)#router rip
Rack1R4(config-router)#ver 2
Rack1R4(config-router)#no au
Rack1R4(config-router)#net 192.168.54.0
Rack1R4(config-router)#net 192.168.253.4
R5:
Rack1R5(config)#router rip
Rack1R5(config-router)#address-family ipv4 vrf Green
Rack1R5(config-router-af)#no au
Rack1R5(config-router-af)#ver 2
Rack1R5(config-router-af)#net 192.168.54.0
Lets ping from R4 to R1 on the loopbacks:
The timeout of 1 second is a good trick to remember during the lab. The default is 2 seconds, so basically we saved ourselves 5 seconds of waiting. Might not seem like a lot, but 10 seconds seems like forever in the lab!
Rack1R4#ping 192.168.253.1 so l0 t 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.253.1, timeout is 1 seconds:
Packet sent with a source address of 192.168.253.4
…..
Success rate is 0 percent (0/5)
Rack1R4#
It fails – hmm. Oh yeah, we never configured the redistribution between BGP and RIP!
Before I do that, lets take a quick look at R5 RIP database for the Green VRF:
Rack1R5#sh ip rip database vrf Green
192.168.54.0/24 auto-summary
192.168.54.0/24 directly connected, Serial0/0/0.1
192.168.253.0/24 auto-summary
192.168.253.4/32
[1] via 192.168.54.4, 00:00:23, Serial0/0/0.1
Rack1R5#
We see that the /32 for R4 loopback is there, so at least we can be sure that RIP is working correctly for the VRF right now.
Now onto the BGP part
Rack1R2(config-router)#router bgp 1
Rack1R2(config-router)#address-family ipv4 vrf Green
Rack1R2(config-router-af)# redistribute rip
And BGP for R5:
Rack1R5(config)#router bgp 1
Rack1R5(config-router)#address-family ipv4 vrf Green
Rack1R5(config-router-af)# redistribute rip
Ok, redistribution is setup for RIP to BGP, lets check the BGP VPNv4 database to see if we see R4 and R2 RIP routes:
Rack1R5#sh ip bgp vpnv4 vrf Green
BGP table version is 23, local router ID is 220.61.253.5
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:14 (default for vrf Green)
*>i192.168.21.0 220.61.253.2 0 100 0 ?
*> 192.168.54.0 0.0.0.0 0 32768 ?
*>i192.168.253.1/32 220.61.253.2 2 100 0 ?
*> 192.168.253.4/32 192.168.54.4 2 32768 ?
Rack1R5#
They are there, cool! Lets see if we can PING R4 to R1 loopback now:
Rack1R4#ping 192.168.253.1 so l0 t 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.253.1, timeout is 1 seconds:
Packet sent with a source address of 192.168.253.4
…..
Success rate is 0 percent (0/5)
Rack1R4#
Nope, hmm. Oh yeah, we did RIP to BGP but we didn’t do BGP to RIP. Need to remember that this is mutual redistribution between the routing protocols. So, lets get BGP to RIP configured on R2 and R5.
R2:
Rack1R2(config)#router rip
Remember, the PE has an address-family for the Green VRF
Rack1R2(config-router)#address-family ipv4 vrf Green
and when we redistribute we need to set the hop count, here we set it to 2. You can use this metric top filter out this route from down-stream routers by increasing it to a metric that will get filtered out (think more then 16 hops) later on. The tricks of route-filtering on a silly test.
Rack1R2(config-router-af)#redistribute bgp 1 metric 2
R5:
Rack1R5(config)#router rip
Rack1R5(config-router)# address-family ipv4 vrf Green
Rack1R5(config-router-af)#redistribute bgp 1 metric 2
Now we can take a look at the routing table on R4.
Rack1R4#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
R 192.168.21.0/24 [120/2] via 192.168.54.5, 00:00:13, Serial0/0/0.1
C 192.168.54.0/24 is directly connected, Serial0/0/0.1
192.168.253.0/32 is subnetted, 2 subnets
C 192.168.253.4 is directly connected, Loopback0
R 192.168.253.1 [120/2] via 192.168.54.5, 00:00:13, Serial0/0/0.1
Rack1R4#
Cool, we have routes to R1 loopback. Lets try that PING again:
Rack1R4#ping 192.168.253.1 so l0 t 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.253.1, timeout is 1 seconds:
Packet sent with a source address of 192.168.253.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/114/116 ms
Rack1R4#
There we go, got it!
Now lets do all that for the Blue VRF. I will actually show you some of the commands I tend to use when I am working.
R3:
Lets look at the config, but I only want to see the lines with the work route in them.
Rack1R3#sh run | inc route
ip source-route
ip route 0.0.0.0 0.0.0.0 192.168.23.2
Rack1R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Now I actually type the command NO and then copy-and-paste the line to be removed
Rack1R3(config)#no ip route 0.0.0.0 0.0.0.0 192.168.23.2
Rack1R3(config)#router rip
I try to use as few letters as necessary when typing commands.
Rack1R3(config-router)#ver 2
Rack1R3(config-router)#no au
Rack1R3(config-router)#net 192.168.23.0
Rack1R3(config-router)#network 192.168.253.3
R2:
Rack1R2#sh run | inc route vrf
ip route vrf Blue 192.168.253.3 255.255.255.255 192.168.23.3
Rack1R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R2(config)#no ip route vrf Blue 192.168.253.3 255.255.255.255 192.168.23.3
Rack1R2(config)#router rip
Rack1R2(config-router)#address-family ipv4 vrf Blue
Rack1R2(config-router-af)#no au
Rack1R2(config-router-af)#ver 2
Rack1R2(config-router-af)#net 192.168.23.0
Rack1R2(config-router-af)#red bgp 1 met 2
Rack1R2(config-router-af)#exit
Rack1R2(config-router)#router bgp 1
Rack1R2(config-router)#address-family ipv4 vrf Blue
Rack1R2(config-router-af)#no red st
Rack1R2(config-router-af)#red rip met 2
R5:
Rack1R5#show run | inc route vrf
ip route vrf Blue 192.168.253.6 255.255.255.255 192.168.56.6
Rack1R5#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R5(config)#no ip route vrf Blue 192.168.253.6 255.255.255.255 192.168.56.6
Rack1R5(config)#router rip
Rack1R5(config-router)#address-family ipv4 vrf Blue
Rack1R5(config-router-af)#no au
Rack1R5(config-router-af)#ver 2
Rack1R5(config-router-af)#net 192.168.56.0
Rack1R5(config-router-af)#red bgp 1 met 2
Rack1R5(config-router-af)#router bgp 1
Rack1R5(config-router)#address-family ipv4 vrf Blue
Rack1R5(config-router-af)#no red st
Rack1R5(config-router-af)#red rip met 2
R6:
Rack1R6#sh run | inc route
ip source-route
ip route 0.0.0.0 0.0.0.0 192.168.56.5
Rack1R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R6(config)#no ip route 0.0.0.0 0.0.0.0 192.168.56.5
Here I want to check the IP addresses of the interfaces, so I excluded unassigned
Rack1R6(config)#do show ip int br | ex un
Interface IP-Address OK? Method Status Protocol
Serial0/0/0.1 192.168.56.6 YES manual up up
Loopback0 192.168.253.6 YES manual up up
Rack1R6(config)#router rip
Rack1R6(config-router)# ver 2
Rack1R6(config-router)#no au
Rack1R6(config-router)#net 192.168.56.0
Rack1R6(config-router)#net 192.168.253.6
Rack1R6(config-router)#^Z
Rack1R6#
Now if we did everything right we should see R3 loopback in the R6 routing table:
Rack1R6#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.56.0/24 is directly connected, Serial0/0/0.1
R 192.168.23.0/24 [120/2] via 192.168.56.5, 00:00:15, Serial0/0/0.1
192.168.253.0/32 is subnetted, 2 subnets
C 192.168.253.6 is directly connected, Loopback0
R 192.168.253.3 [120/2] via 192.168.56.5, 00:00:15, Serial0/0/0.1
Look at that, it is there! Lets do the PING test from R6 loopack to R3 loopback.
Rack1R6#ping 192.168.253.3 so l0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.253.3, timeout is 2 seconds:
Packet sent with a source address of 192.168.253.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/113/116 ms
Rack1R6#
…and that is RIP.