BGP EVPN FRR AND ASR1001-X: различия между версиями

Материал из noname.com.ua
Перейти к навигацииПерейти к поиску
(Полностью удалено содержимое страницы)
Метка: очистка
Строка 1: Строка 1:
[[Категория:EVPN]]
  
[[Категория:BGP]]
  
[[Категория:Cisco]]
  
[[Категория:FRR]]
  
 
=FRR + ASR1001=
  
Это статья продолжение [[BGP_EVPN_FRR_simple|настройки FRR]] но теперь к этой схеме я попробую добавить железку ASR1001X
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
 
==Сервисы==
  
 
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
 
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
 
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
 
==Сервисы==
  
 
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
 
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
}}
  
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
 
==Сервисы==
  
 
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
}}
  
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
}}
  
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
 
==Сервисы==
  
{{#spoiler:show= 111111|
  
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
}}}
  
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
}}
  
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
 
==Сервисы==
  
{{#spoiler:show= 111111|
  
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
}}
  
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  
 
=Базовая настройка роутера=
  
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
  
{{#spoiler:show= 111111|
  
==Сервисы==
  
<PRE>
  
service timestamps debug datetime msec localtime show-timezone year
  
service timestamps log datetime msec localtime show-timezone year
  
service password-encryption
  
service unsupported-transceiver
  
no platform punt-keepalive disable-kernel-core
  
</PRE>
  
<PRE>
  
hostname asr-tf
  
</PRE>
  
<PRE>
  
boot-start-marker
  
boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin
  
boot-end-marker
  
</PRE>
  
 
<PRE>
  
aaa new-model
  
aaa authentication login LOCAL-AUTH local-case
  
aaa authorization console
  
aaa authorization exec LOCAL-AUTHORIZATION local
  
</PRE>
  
<PRE>
  
ip name-server 192.168.32.1
  
ip domain name lab
  
</PRE>
  
<PRE>
  
license boot level adventerprise
  
</PRE>
  
<PRE>
  
redundancy
  
mode none
  
</PRE>
  
!
  
interface GigabitEthernet0/1/4
  
no ip address
  
shutdown
  
negotiation auto
  
!
  
interface GigabitEthernet0
  
vrf forwarding Mgmt-intf
  
ip address dhcp
  
negotiation auto
  
!
  
router ospf 1
  
router-id 192.168.32.103
  
redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF
  
passive-interface default
  
no passive-interface GigabitEthernet0/0/0.806
  
network 10.80.6.0 0.0.0.255 area 0
  
!
  
 
no ip http server
  
no ip http secure-server
  
ip tftp source-interface GigabitEthernet0
  
ip ssh version 2
  
ip ssh pubkey-chain
  
username sirmax
  
key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
  
!
  
!
  
ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32
  
logging host 192.168.22.221
  
!
  
route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
  
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
  
!
  
 
<PRE>
  
line vty 0 4
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
line vty 5 97
  
exec-timeout 0 0
  
authorization exec LOCAL-AUTHORIZATION
  
transport input telnet ssh
  
</PRE>
  
<PRE>
  
ntp logging
  
ntp source GigabitEthernet0
  
ntp server vrf Mgmt-intf 192.168.32.2
  
</PRE>
  
}}
  
 
==111==
  
interface Loopback0
  
ip address 192.168.32.103 255.255.255.255
  
!
  
interface GigabitEthernet0/0/0
  
description Cisco 4948e Gi1/47
  
no ip address
  
negotiation auto
  
!
  
interface GigabitEthernet0/0/0.806
  
description TENANT
  
encapsulation dot1Q 806
  
ip address 10.80.6.251 255.255.255.0
  
!
  

Версия 18:12, 22 февраля 2025

Источник — https://noname.com.ua/mediawiki/index.php?title=BGP_EVPN_FRR_AND_ASR1001-X&oldid=14226