Apr
27

Monday May 6th at 11am PDT after the current 10 Day R&S CCIE Bootcamp here in Bellevue has concluded, I'll be holding the second part of the PfR vSeminar. This second part will cover PfR in newer IOS versions. In particular I'll be using the same topology but with a mixture of ISR G2's, ASR1001's and CSR1000v's. The ISR G2's are running 15.3T, the ASR1001's are running 3.9S and the CSR1000v's are also running 3.9S. Additionally I have two of the new 3850's in my topology. They won't be providing anything other than L2 switching for this vSeminar but if there is enough interest I can do 1 or 2 hour short vSeminar covering them. These are really nice switches and we're starting to replace our current switches with them.

I'll be making another post tomorrow in regards to doing another vSeminar the same week (May 6th week) before I head to my 10 Day R&S CCIE Bootcamp and 5 Day R&S CCIE Troubleshooting Bootcamp in San Jose, CA. I'm considering doing the vSeminar on IPv4 multicast, MPLS L3 VPNs or a full scale troubleshooting lab breakdown. If anyone has any ideas or preferences for a topic let me know.

Apr
20

Below is the topology that I will be using for tomorrow's PfR vSeminar. This should work on just about any rack setup as I only used one Ethernet interface on each router. Additionally all of the switches are acting as the hosts (SW1 Host A, SW2 Host B, etc).

PfR Topology

The initial configurations are available in the rack control panel for the R&S rental racks (PfR vSeminar Initial Configs) and available below. R1 and R2 are the "external" routers and they are running BGP with each other as later in the vSeminar they will peer with R4 and R5 via eBGP. R4 and R5 have static default routes and are originating a default into OSPF with R5's default having a lower cost making R5 the primary egress router to reach the external networks. Also at the bottom is basic ping script you can use to test your initial configurations.


R1:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
service tcp-small-servers
!
hostname Rack1R1
!
boot-start-marker
boot system flash:
boot-end-marker
!
logging buffered 4444096 debugging
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 50.0.0.1 255.255.255.255
!
interface FastEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 134.1.1.1 255.255.0.0 secondary
ip address 204.12.1.1 255.255.255.0 secondary
ip address 50.1.0.1 255.255.255.0
!
interface FastEthernet0/0.14
encapsulation dot1Q 14
ip address 192.10.14.1 255.255.255.248
!
interface FastEthernet0/0.15
encapsulation dot1Q 15
ip address 192.10.15.1 255.255.255.248
!
router bgp 100
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 50.1.0.2 remote-as 200
neighbor 192.10.14.4 remote-as 300
neighbor 192.10.15.5 remote-as 300
!
address-family ipv4
redistribute connected
neighbor 50.1.0.2 activate
neighbor 192.10.14.4 activate
neighbor 192.10.15.5 activate
no auto-summary
no synchronization
exit-address-family
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.10.14.4
ip route 0.0.0.0 0.0.0.0 192.10.15.5
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
!
end

R2:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname Rack1R2
!
boot-start-marker
boot system flash:
boot-end-marker
!
logging buffered 4444096 debugging
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback2
ip address 50.0.0.2 255.255.255.255
!
interface FastEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 134.1.1.2 255.255.0.0 secondary
ip address 204.12.1.2 255.255.255.0 secondary
ip address 50.1.0.2 255.255.255.0
!
interface FastEthernet0/0.25
encapsulation dot1Q 25
ip address 192.10.25.2 255.255.255.248
!
router bgp 200
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 50.1.0.1 remote-as 100
neighbor 192.10.25.5 remote-as 300
!
address-family ipv4
redistribute connected
neighbor 50.1.0.1 activate
neighbor 192.10.25.5 activate
no auto-summary
no synchronization
exit-address-family
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.10.25.5
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
!
end

R3:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname Rack1R3
!
boot-start-marker
boot system flash:
boot-end-marker
!
logging buffered 4444096 debugging
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
description CONNECTED TO HOST A & B
encapsulation dot1Q 10
ip address 10.1.1.3 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet0/0.34
encapsulation dot1Q 34
ip address 173.1.34.3 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet0/0.35
description INTERNAL INTERFACE TO R5
encapsulation dot1Q 35
ip address 173.1.35.3 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet0/0.36
description INTERNAL INTERFACE TO R6
encapsulation dot1Q 36
ip address 173.1.36.3 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet0/0.172
description CONNECTED TO HOST C & D
encapsulation dot1Q 172
ip address 172.16.1.3 255.255.255.0
ip ospf 1 area 0
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
password cisco
login
!
end

R4:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname Rack1R4
!
boot-start-marker
boot system flash:
boot-end-marker
!
logging message-counter syslog
logging buffered 4444096
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
dot11 syslog
ip source-route
no ip icmp rate-limit unreachable
!
ip cef
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
policy-map PM_512k
class class-default
shape average 512000
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.14
description EXTERNAL INTERFACE TO R1
encapsulation dot1Q 14
ip address 192.10.14.4 255.255.255.248
ip ospf 1 area 0
service-policy output PM_512k
!
interface FastEthernet0/0.34
description INTERNAL INTERFACE TO R3
encapsulation dot1Q 34
ip address 173.1.34.4 255.255.255.0
ip ospf 1 area 0
!
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
passive-interface FastEthernet0/0.14
default-information originate always
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.10.14.1
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
privilege level 15
password cisco
login
length 0
!
scheduler allocate 20000 1000
!
end

R5:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname Rack1R5
!
boot-start-marker
boot system flash:
warm-reboot
boot-end-marker
!
logging message-counter syslog
logging buffered 4444096
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
dot11 syslog
ip source-route
no ip icmp rate-limit unreachable
!
ip cef
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
policy-map PM_256k
class class-default
shape average 256000
policy-map PM_512k
class class-default
shape average 512000
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.15
description EXTERNAL INTERFACE TO R1
encapsulation dot1Q 15
ip address 192.10.15.5 255.255.255.248
ip ospf 1 area 0
service-policy output PM_512k
!
interface FastEthernet0/0.25
description EXTERNAL INTERFACE TO R2
encapsulation dot1Q 25
ip address 192.10.25.5 255.255.255.248
ip ospf 1 area 0
service-policy output PM_256k
!
interface FastEthernet0/0.35
description INTERNAL INTERFACE TO R3
encapsulation dot1Q 35
ip address 173.1.35.5 255.255.255.0
ip ospf 1 area 0
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes
passive-interface FastEthernet0/0.15
passive-interface FastEthernet0/0.25
default-information originate always metric 10
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.10.15.1
ip route 0.0.0.0 0.0.0.0 192.10.25.2
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
privilege level 15
password cisco
login
length 0
!
scheduler allocate 20000 1000
!
end

R6:

version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
!
hostname Rack1R6
!
boot-start-marker
boot system flash:
warm-reboot
boot-end-marker
!
logging message-counter syslog
logging buffered 4444096
no logging console
enable secret 5 $1$y2DI$z7s4dcWZpwU7NjVv42Nb40
!
no aaa new-model
dot11 syslog
ip source-route
no ip icmp rate-limit unreachable
!
ip cef
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
ip tcp synwait-time 5
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet0/0
no shutdown
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.36
description INTERNAL INTERFACE TO R3
encapsulation dot1Q 36
ip address 173.1.36.6 255.255.255.0
ip ospf 1 area 0
!
router ospf 1
router-id 6.6.6.6
log-adjacency-changes
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
privilege level 15
password cisco
login
length 0
!
scheduler allocate 20000 1000
!
end

SW1:

vtp mode transparent
!
no vtp password
vlan 10
name VLAN0010
vlan 12
name VLAN0012
vlan 14
name VLAN0014
vlan 15
name VLAN0015
vlan 25
name VLAN0025
vlan 34
name VLAN0034
vlan 35
name VLAN0035
vlan 36
name VLAN0036
vlan 172
name VLAN0172
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HOST-A
!
boot-start-marker
boot-end-marker
!
no logging console
enable password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
no ip domain-lookup
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface range FastEthernet0/1-24
no shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
!
!
interface Vlan10
ip address 10.1.1.100 255.255.255.0
!
ip default-gateway 10.1.1.3
ip classless
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

SW2:

vtp mode transparent
!
no vtp password
vlan 10
name VLAN0010
vlan 12
name VLAN0012
vlan 14
name VLAN0014
vlan 15
name VLAN0015
vlan 25
name VLAN0025
vlan 34
name VLAN0034
vlan 35
name VLAN0035
vlan 36
name VLAN0036
vlan 172
name VLAN0172
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HOST-B
!
boot-start-marker
boot-end-marker
!
no logging console
enable password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
no ip domain-lookup
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface range FastEthernet0/1-24
no shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
!
!
!
interface Vlan10
ip address 10.1.1.101 255.255.255.0
!
ip default-gateway 10.1.1.3
ip classless
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

SW3:

vtp mode transparent
!
no vtp password
vlan 10
name VLAN0010
vlan 12
name VLAN0012
vlan 14
name VLAN0014
vlan 15
name VLAN0015
vlan 25
name VLAN0025
vlan 34
name VLAN0034
vlan 35
name VLAN0035
vlan 36
name VLAN0036
vlan 172
name VLAN0172
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HOST-C
!
no logging console
enable password cisco
!
no aaa new-model
ip subnet-zero
no ip domain-lookup
!
vtp file vlan.dat
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface range FastEthernet0/1-24
no shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan172
ip address 172.16.1.100 255.255.255.0
!
ip default-gateway 172.16.1.3
ip classless
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

SW4:

vtp mode transparent
!
no vtp password
vlan 10
name VLAN0010
vlan 12
name VLAN0012
vlan 14
name VLAN0014
vlan 15
name VLAN0015
vlan 25
name VLAN0025
vlan 34
name VLAN0034
vlan 35
name VLAN0035
vlan 36
name VLAN0036
vlan 172
name VLAN0172
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HOST-D
!
no logging console
enable password cisco
!
no aaa new-model
ip subnet-zero
no ip domain-lookup
!
vtp file vlan.dat
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface range FastEthernet0/1-24
no shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan172
ip address 172.16.1.101 255.255.255.0
!
ip default-gateway 172.16.1.3
ip classless
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

Ping Script:

tclsh
foreach i {
1.1.1.1
50.1.0.1
50.0.0.1
134.1.1.1
204.12.1.1
192.10.15.1
192.10.14.1
2.2.2.2
50.0.0.2
50.1.0.2
134.1.1.2
204.12.1.2
192.10.25.2
3.3.3.3
10.1.1.3
173.1.36.3
173.1.35.3
173.1.34.3
172.16.1.3
4.4.4.4
173.1.34.4
192.10.14.4
5.5.5.5
173.1.35.5
192.10.15.5
192.10.25.5
6.6.6.6
173.1.36.6
10.1.1.100
10.1.1.101
172.16.1.100
172.16.1.101
} { puts [exec "ping $i"]}
Apr
17

This Sunday (21st April) I'm going to be doing a free 8 hour vSeminar covering Performance Routing (PfR) starting at 10am PDT. To sign up go here.

I will start off with an introduction to PfR. Then I will cover the basics of PfR. Next I will cover advanced PfR configuration along with troubleshooting. The session will start off using 12.4(15)T to cover the basics and around the second break I will switch the IOS to 15.1T and lastly switch over to IOS XE 3.9 using the CSR1000v. I will cover how PfR is used in production and how PfR can be used in your network today.

A standard topology will be followed throughout the session and all of the scenario configurations, diagrams, etc will be available after the session for you to either do on your own rack or our rental racks. I'll publish the topology on Friday in the event you want to follow along with the live session. I've structured this session differently in that when the recordings are released you'll be able to follow along with the videos which I think is key to learning a technology like this.

The previous session that I did covering PfR will be replaced with this session. The new session will be available for download on the 25th of April. This PfR session will be better than my previous PfR session but the jokes maybe the same.

Lastly this vSeminar is a great chance for everyone to see the style of bootcamps we run here at INE if you are looking for a training solution.

May
23

Here is the link to the PfR/OER videos as promised.

http://www.ine.com/all-access-pass/training/playlist/ccie-rs-pfr-vseminar

This recording was taken during my 10 Day R&S Bootcamp here in our new Bellevue, WA classroom so if you ever wondered what one of my bootcamps were like, now you'll know ;-) I did keep the jokes down since it was streamed live and being recorded. Also here is a picture of the bootcamp from the last day. A couple students had early flights and missed the picture but the gentleman on my right was the Bing employee that I was referring to in a couple of the jokes. Hopefully he'll now be infamous ;-)

If anyone has any other topics they would like to see covered let me know. I want to do a session next week on how to prepare for the R&S CCIE Lab but I could also do an additional technical topic. Let me know what you all would like to see: IOS QoS, Layer 2 QoS, ZFW, Multicast Troubleshooting, MPLS VPN Troubleshooting, etc. I could take a lab from the new R&S CCIE Troubleshooting Bootcamp and walk through it. Here are a couple of the topologies we are using: Link

Subscribe to INE Blog Updates