Thursday, February 26, 2009

IE Vol 2 Section 5

5.1 Complete, no issues although it did take me a bit to figure out exactly what they were asking for. I'd definitely get some proctor clarification on this in the lab.

5.2 Complete, although the solutions guide also had an "assumed tasks" that weren't specifically mentioned in the task itself.

Getting the pe-ce ospf and ospf-bgp redistribution running wasn't an issue at all. However my AS100 pe and ce could not reach site 2. It turned out this was because vpnv4 next-hop-self wasn't turned on for the as100 P router. Because of this, the PE saw the AS200 link as the next hop, rather than the P router's loopback. The AS200 link was not in the mpls forwarding table, so the PE router sent this packet out without a label. The P router would then receive an mpls vpn labeled packet with no forwarding label, and have to drop the packet. Adding the vpnv4 next-hop-self instead showed the P router loopback as the next hop, which the PE router did have in its mpls forwarding table, therefore the mpls path was intact.

The solutions guide also had R4 advertise ospf external routes. I see why this was done, since it's necessary so that site 1 can reach site 2's external ospf networks. But the task does not call for this. It should have stated that this reachability is required.

5.3 I ALMOST had this completed. The nat took me awhile but I finally got it running. I was hung up on the static route for leaking routes into the vrf. The issue I couldn't fix was in having R4 use redundant paths for the static route to R3. I was missing the global keyword on the static route. This allows a recursive lookup to the global routing table for the vrf static route. Once that was added, I had to put another next-hop-self on R5->R4 to allow reacability to external prefixes.

5.4 Ok, I was completely lost on this one. I knew I needed to filter routes going to the CE without adding vfr's to the CE routers. I just wasn't sure of the mechanism to do this. So now I know a new trick, which I'm sure will be invaluable on the real lab. ip vrf export maps, which use route-maps to selectively assign route-targets to specific routes. I definitely need to write that to my own memory.

No comments: