CCNP SP ADV Route

IOS XR configurations

- Single-homed customer using static routing

and a single ip address

CE IOS directly connected to PE

int g0/1
ip add 209.165.201.130 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 g0/1
!
router ospf 1
default -information oiginate
!
end

PE directly connected to CE

conf t
interface g0/0/0/1
ipv4 add 209.168.201.129/30
no shut
!
route-policy INTO_BGP
if destination in (209.165.201.128/25 eq 30) then
set community (no-export)
endif
end-policy
!
router bgp 123
address ipv4 unicast
redistribute connected route-policy INTO_BGP
!
commit
end

PE edge on the same ISP (exit point)

conf t
router bgp 123
addr ipv4 uni
aggregate-address 209.165.201.0/24 summary-only
!
commit
end

USING regular IOS on customer facing PE

interface g0/1
ip add 209.165.201.129 255.255.255.252
no shut
!
ip prefix-list CUSTOMER_ROUTES permit 209.165.201.128/30 ge 30 le 30
!
route-map INTO_BGP permit 10
match ip add prefix CUSTOMER_ROUTES
set community no-export
!
router bgp 123
redistribute connected route-map INTO_BGP
nei 209.165.201.10 send-community
!
end

__________________________________

Single-homed using static routes and multiple addresses

ON CE directly connected with PE regular IOS

int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip add 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end

PE facing CE IOS XR

int g0/0/0/41
ipv4 add 209.165.201.1/30
no shut
!
router static
address ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
addr ipv4 uni
redistribute connected route-policy INTO_BGP
!
commit
end

PE edge (exit point)

router bgp 123

addr ipv4 uni
aggregate-add 209.165.201.0/24 summary-only
!
commit
!
end

PE facing CE configuration IOS example

int g0/1
ip add 209.165.201.1 255.255.255.252
no shut
!
ip route 209.165.201.1285 255.255.255.240 209.165.201.2 tag 1000
!
route-map INTO_BGP permit 10
match tag 1000
set community no-export
!
router bgp 123
redistribute static route-map INTO_BGP
!
end

___________________________________________

Dual-attached Customers using routing in a primary

and backup scenario

Config of CE1 facing PE1 IOS

int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end

Config of CE2 facing PE2 IOS

int g0/1
ip add 209.165.201.6 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1 250
!
router ospf 1
default-information originate
!
end
Config of CE1 facing PE1 IOS XR

int g0/0/0/1
ipv4 add 209.165.201.1 255.255.255.252
no shut
!
router static
add ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end

Config of CE2 facing PE2 IOS XR

int g0/0/0/1
ipv4 add 209.165.201.5 255.255.255.252
no shut
!
router static
add ipv4 uni
209.165.201.128/28 209.165.201.6 tag 1001 250
!
route-policy INTO_BGP
if tag eq 1001 then
set community (no-export)
set local-preference 50
set weight 0
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end

config ON the backup PEs using IOS

int g0/1
ip add 209.165.201.5 255.255.255.252
no shut
!
ip route 209.165.201.128/28 209.165.201.6 tag 1001 250
!
route-map INTO_BGP permit 10
match tag 1001
set community no-export
set local-preference 50
set weight 0
!
router bgp 123
redistribute static route-map INTO_BGP
neigh 209.165.201.10 send-community
!
end

_________________________________________________

Dual attached customers using static Routng in a load-balancing

scenario

Config of CE1 facing PE1 IOS

int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end

Config of CE2 facing PE2 IOS

int g0/1
ip add 209.165.201.6 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1 250
!
router ospf 1
default-information originate
!
end

Config on PE1 IOS XR

router static
addr ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
209.165.201.128/29 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end

Config on PE2 IOS XR

router sttatic
addr ipv4 uni
209.165.201.128/28 201.165.201.6 tag 1001
209.165.201.136/29 201.165.201.6 tag 1001
!
route-policy INTO_BGP
if tag eq 1001 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end

Config on PE2 lower using IOS

ip route 209.165.201.128 255.255.255.240 209.165.201.6 tag 1001

ip route 209.165.201.136 255.255.255.248 209.165.201.6 tag 1001
!
route-map INTO_BGP permit 10
match tag 1001
set community no-export
!
router bgp 123
redistribute static route-map INTO_BGP
neigh 209.165.201.10 send-community
!
end

_________________________________________________________

Dual attached customers using BGP config

CE router IOS

ip route 209.165.201.128 255.255.255.240 209.165.201.135

!
router bgp 65001
nei 209.165.201.5 remote 123
nei 209.165.201.129 remote 65001
!
net 209.165.201.125 mask 255.255.255.240
!
router ospf 1
default-information originate
!

Config in the PE IOS XR

route-pplicy DEFAULT
if destination in (0.0.0.0/0) then
pass
endif
end-policy
!

route-policy CUSTOMER
if destination in (209.165.201.128/28) and
as-path in (ios-regex '^65001(_65001)*$')
then
set community (no-export)
endif
end-policy
!
router bgp 123
addr ipv4 uni
neigh 209.165.201.6
remote 65001
add ipv4 uni
default-originate
route-policy DEFAULT
route-policy CUSTOMER
remove-private-as
!
commit
!
end

Config PE using IOS

ip as-path access-list 1 permit ^65001(_65001)$

!
ip prefix-list DEFAULT permit 0.0.0.0/0
ip prefix-list CUSTOMER permit 209.165.201.128/28
!
route-map CUSTOMER_MAP permit 10
match ip add prefix CUSTOMER
set-community no-export
!
router bgp 123
neigh 209.165.201.6 remote 65001
neigh 209.165.201.6 send-community
neigh 209.165.201.6 route-map CUSTOMER_MAP in
neigh 209.165.201.6 prefix DEFAULT oout
neigh 209.165.201.6 filter-list 1 in
!
end
________________________________________________

SP Migration using local AS

CE (As 65001) connect with PE AS 123

Another SP buys AS 123, and migrate to AS 234

PE

conf t
no router bgp 123
!
router bgp 234
nei 209.165.201.6
remote 65001
local-as 123 no-prepend replace-as
!
commit
!
end

____________________________________________

Dual attached Customers using BGP in a prmiary

and backup scenario

IOS CE primary

router bgp 65001

nei 209.165.201.1 rmeote 123
nei 209.165.201.1 route-map HIGH_LP in
nei 209.165.201.130 remote 65001
!
net 209.165.201.128 mask 255.255.255.240
!
!
route-map HIGH_LP permit 10
set local-preference 200
!
end

IOS CE Backup

router bgp 65001

nei 209.165.201.129 remote 65001
nei 209.165.201.5 remote 123
nei 209.165.201.5 route-map HIGH_MED out
!
network 209.165.201.128 mask 255.255.255.240
!
!
route-map HIGH_MED permit 10
set metric 10
!
!
end

_________________________

Dual attached customers using BGP in a Load balancing scenario

IOS XR

router bgp 123

add ipv4 uni
maximum-paths ibgp 2
!
end

IOS

router bgp 123

maximum-paths ibgp 2
!

- Load balancing eBGP multihop

parallel links O====O

IOS CE

int lo0
ip add 209.165.201.2 255.255.255.255
!
router bgp 65001
nei 209.165.201.1 remote 12
nei 209.165.201.1 update lo0
nei 209.165.201.1 ebgp-multihop 2
!
end

IOS XR

router bgp 123

add ipv4 uni
nei 209.165.201.2
remote 65001
update lo0
ebgp-multihop 2
!
commit
end

_________________________

Customer-Implemented BGP Routing policies in a load-balancing

scenario
O=======O
O=======O

IOS CE1

ip as-path access-list 1 permit [02468]$

!
route-map FROM_AS123 permit 10
match as-path 1
set local-preference 200
!
route-map FROM_AS123 permit 20
!
ip prefix-list TO_AS123 permit 209.165.201.128/28
ip prefix-list TO_AS123 permit 209.165.201.128/29
!
!
router bgp 65001
nei 209.165.201.1 remote 123
nei 209.165.201.1 route-map FROM_AS123 in
nei 209.165.201.1 prefix-list TO_AS123 out
!
net 209.165.201.128 mask 255.255.255.240
net 209.165.201.128 mask 255.255.255.248
!
end

CE2

ip as-path access-list 1 permit [13579]$

!
route-map FROM_AS123 permit 10
match as-path 1
set local-preference 200
!
route-map FROM_AS123 permit 20
!
ip prefix-list TO_AS123 permit 209.165.201.128/28
ip prefix-list TO_AS123 permit 209.165.201.136/29
!
router bgp 65001
nei 209.165.201.5 remote 123
nei 209.165.201.5 route-map FROM_AS123 in
nei 209.165.201.5 prefix-list to_as123 out
!
net 209.165.201.128 mask 255.255.255.240
net 209.165.201.136 mask 255.255.255.248
!
end

___________________________
SP aided BGP routing policy in a primary and backup scenario

Using signaling

O=======O========O
O=======O========O
.6 .5

Using IOS XR PE2 (SP backup) facing CE2

!
route-policy CUST_NET_LP
if community matches_any (50) then
set local-preference 50
!
endif
endpolicy
!
router bgp 234
nei 209.165.201.6
remote 345
addr ipv4 uni
route-policy CUST_NET_LP in
!
!

PE exit to another AS (456)

route-policy CUST_NET_PREPEND
if community matches-any (3) then
prepend as-path 234 3
!
endif
end-policy
!
router bgp 234
nei 209.165.201.12
remote 456
add ipv4 uni
route-policy CUST_NET_PREPEND out
!
end

USING IOS PE2 (SP backup) facing CE2

ip community-list 1 permit 50
!
route-map CUST_NET_LP permit 10
match community 1
set local-preference
!
router bgp 234
nei 209.165.201.6 remote 345
nei 209.165.204.6 route-map CUST_NET_LP in
!
end

USING IOS PE exit to another AS (456)

!
ip community-list 1 permit 3
!
route-map CUST_NET_PREPEND permit 10
match community 1
set as-path prepend 243 243 243
!
router bgp 234
nei 209.165.201.12 remote 456
enigh 209.165.201.12 route-map CUST_NET_PREPEND out
!
end

_________________________________________________________________

BGP Policy accounting (sopported only for ipv4)

IOS XR PE facing CE

on PE

conf t
route-policy BGP_ACCOUNTING
if as-path originates-from '234' then
set traffic-index 11
endif
end-policy
!
router bgp 123
add ipv4 uni
table-policy BGP_ACCOUNTING
!
int g0/0/0/1
ipv4 bgp policy accounting input source-accounting
!
end

IOS

ip as-path access-list 1 permit _234$

!
route-map BGP_ACCOUNTING permit 10
match as-pat 1
set traffic-index 11
!
router bgp 123
table-map BGP_ACCOUNTING
!
int g0/1
bgp-policy accouting input source
!

sh cef 209.165.201.128/28 detail

sh cef interface g0/0/0/1 bgp-policy-statistics

________________________

BGP RR

IOS XR

conf t
router bgp 123
bgp cluster-id 17
neigh 10.0.0.3
remote 123
add ipv4 uni
route-reflector-client
!
nei 10.0.0.1
remote 123
add ipv4 uni
!
commit
end

sh bgp nei 10.0.0.3

sh bgp 209.165.201.128

_____________________
BGP Route limit

IOS

router bgp 123

nei 209.165.201.130 remote 234
nei 209.165.201.130 maximum-prefix 10 70 restart 5
!
nei 2001:db8:128::130 remote 234
add ipv6 uni
nei 2001:db8:128::130 activate
nei 2001:db8:128::130 maximum-prefix 10 70 retart 5
!
end

IOS XR

conf t
router bgp 123
nei 209.165.201.134
remote 345
add ipv4 uni
maximum=prefix 100000 80 restart 5
!
nei 2001:db8:132::134
remote 345
add ipv6 uni
maximum-prefix 10000 80 restart 5
!
commit
end

sh bgp nei 209.165.201.134

_______________________

CoPP Control Plane Policing in BGP

IOS

conf t
router bgp 123
nei 209.165.201.129 pass Cisc()
nei 209.165.201.129 ttl-security hops 1
!
!
ip access-list ext BGP
permit tcp host 209.165.201.129 host 209.165.201.130 eq bgp
permit tcp host 209.165.201.129 eq bgp host 209.165.201.130
deny ip any any
!
class-map BGP_CLASS
match access-group name BGP
!
policy-map COPP_POL
match BGP_CLASS
police rate 200 pps conform-action transmit exceed-action drop
!
!
control-plane
service-policy input COPP_POL
!
end

IOS XR LPTS Local Packet Transport Services

conf t
router bgp 123
nei 209.165.201.130
pass Cisc()
ttl-security
!
!
lpts pifib hardware police
flow bgp configured rate 200
flow bgp default rate 200
flow bgp known rate 200
!
!
commit
end

On IOS XR only (authentication)

conf t
key chain BGP_KEY
key 1
cryptographic-algorithm HMAC-SHA1-12
key-string C!sc()
!
router bgp 123
nei 209.156.201.130
keychain BGP_KEY
!
!
end

__________________________________

Remote-Triggered Black-Hole (RTBH filtering)

Destination_based RTBH

O P1
PE | PE2
O------------O----------O-----------O-----------O
Customer P2 Attacker
209.165.201.128/28 209.165.201.144/28

P1,PE IOS XR

conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
end

P2 IOS XR Signaling router

conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
!
route-policy RTBH
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
set local-preference 1000
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy RTBH
!
commit
end

P2 IOS XR Signaling router

When attack has been detected !!!

conf t
router static
add ipv4 uni
209.165.201.128/28 null0 tag 666
!
!
commit
end

sh bgp
LP = 1000 next hop = 192.0.2.1

ping 209.165.201.129
uuuuu

___________________

Source RTBH

Source_based RTBH

O P1
PE | PE2
O------------O----------O-----------O-----------O
Customer P2 Attacker
209.165.201.128/28 209.165.201.144/28

IOS XR PE2

conf t
router static
addr ipv4 uni
192.0.2.0/24 null0
!
int g0/0/0/0 (facing attacker)
ipv4 verify unicast source
reachable-via rx
!
!
end

P2 Signaling IOS XR
conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
!
route-policy RTBH
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redis static route-policy RTBH
!
end

P2 Signaling IOS XR
When attack has been detected!!!

router static
add ipv4 uni
209.165.201.144/28 null0 tag 666
!
commit
!
end

_________________________

BGP NSF and NSR

IOS XR

conf t
router bgp 123
nsr
!
bgp graceful-restart (NSF)
!

IOS

conf t
router bgp 123
bgp graceful-restart

IOS NSR

conf t
router bgp 123
bgp graceful-restart
nei 209.165.201.130 ha=mode sso
!
!
end

Restarting BGP process IOS XR

1- Enter admin mode

2- process restart command
3- followed by the job ID of the BGP process

to determined the job ID of the BGP process

sh processes bgp

_____________

BGP Route dampening

IOS

router bgp 123

bgp dampening 10 1000 3000 40
HL reuse suppress max-suppress-time

IOS XR

conf t
route-policy BGP_DAMP
if destination in (209.165.201.144/28) then
set dampening halflife 10 suppress 3000 reuse 1000 max-suppress 40
endif
end-policy
!
router bgp 123
add ipv4 uni
bgp dampening route-policy BGP_DAMP
!
end

IOS XR

sh bgp 209.165.201.144/28
sh bgp dampened-paths

debug addr ipv4 dampening

sh add ipv4 bgp flap-statistics
clear bgp add ipv4 dampening 1.1.1.1/28
clear bgp add ipv4 flap-statistics 1.1.1.1/32

_________________________
BGP CPU process utilization
IOS

sh processes cpu | i BGP

IOS XR

sh processes bgp

____________________________

PMTU Discovery ,HOLD queue , Distributed BGP config

IOS

conf t
ip tcp path-mtu-discovery (enables PMTU discovery)
!
int g0/0
hold-queue 1000 in (increase in out queue)
!

sh ip bgp nei | i Datagrams

sh int g0/0/0
input queue: 0/1000/0/0 (size/max/drops/flushes):Total output drops: 0

IOS XR

conf t
tcp path-mtu-discovery

IOS XR

conf t
router bgp 123
distributed speaker 1 (enables distributed speaker)
distributed speaker 2 process
nei 10.0.101.1
speaker-id 1
nei 10.0.102.1 allocates a speaker process to
speaker-id 2 a neigh
!
end

sh bgp process

____________________________

BGP PIC Prefix Independent Convergence

IOS
router bgp 234
add ipv4 uni
bgp additional-paths install
!
add ipv6 uni
bgp additional-paths install
!
end

IOS XR

conf t
route-policy ALL
pass
end-policy
!
router bgp 234
add ipv4 uni
additional-paths selection route-policy ALL
!
add ipv6 uni
additional-paths selecton route-policy ALL
!
end

______________________
BGP BFD

IOS

int g0/0
bfd interval 100 min_rx 100 multplier 3
!
router bgp 123
nei 10.1.1.6 fall-over bfd
!
end

router bgp 123

bfd minimal-interval 100
bfd multiplier 3
!
nei 10.1.1.5
bfd fast-detect
!
commit
end

____________________
BGP Scan time , adver interval, keep alive hold time

IOS
conf t
router bgp 123
bgp scan-time 30
nei 10.10.20.1 advertiment-interval 10
nei 10.10.20.1 timers 30 90
!
end

IOS XR

conf t
router bgp 123
bgp scan-time 30
nei 10.10.10.1
advertiment-interval 10
timers 30 90
!
end

sh bgp process

sh bgp nei 10.0.1.1 | i advertisement

_____________________________

BGP Scalabiity peer-groups

IOS

conf t
router bgp 123
nei CUST peer
nei CUST route-map TEST in
nei CUST route-map TEST2 out
nei CUST pass Cisc()
nei CUST maximum-prefix 10
!
nei 10.1.1.1 remote 234
nei 10.1.1.1 peer CUST
!
end

BGP config templates IOS XR

conf t
router bgp 123
af-group IPV4 add ipv4 uni
route-policy CUST_IN in
route-policy CUST_OUT out
maximum-prefix 10
!
neighbor-group EBGP (session-group can also be use here)
pass C!sc()
ttl-security
update lo0
add ipv4 uni
use af-group IPV4
!
nei 209.165.201.130
remote 234
use neighbor-group EBGP
!
end

sh bgp af-group IPV$ config

sh bgp af-group IPV$ users

sh bgp neighbor-group EBGP config

sh bgp neighbor-group EBGP users

sh bgp nei 209.165.201.130 config

____

IOS BGP peer session templates

IOS

conf t
router bgp 123
template peer-policy EBGP_POLICY
route-map CUST_IN in
route-map CUST_OUT out
maximum-prefix 10
!
template peer-session EBGP_SESSION
pass C!sc()
ttl-security hops 2
update lo0
!
nei 201.165.201.10 remote 111
nei 209.165.201.10 inherit peer-session EBGP_SESSION
!
add ipv4 uni
nei 209.165.201.130 inherit peer-policy EBGP_POLICY
!

sh ip bgp template peer-session

sh ip bgp template peer-policy

sh ip bgp nei 209.165.201.130 policy

_____________________________

Multicast
MCast NSF

IOS XR

conf t
multicast-routing
nsf
!
end

____________________________

IGMP configuration
topology page 86

R1 facing HOST1
conf t
ip multicast-routing
!
int g0/1 (connected to host1)
ip pim sparse-mode
ip igmp version 3
ip igmp query-interval 60
!
end

IOS XR facing HOST2

conf t
multicast-routing
add ipv4
interf all enable
!
!
router pim
int g0/0/0/0 (connected to host 2)
enable
!
router igmp
versiopn 3
query-interval 60
interface g0/0/0/0
version 3
query-interval 60
!
!
end

Note : CISCO IOS,IOS XE IGMP is enable by default

IOS XR

sh igmp int g0/0/0/0

sh igmp groups
______

IGMP Join-group and static group

same topology as previous example

IOS

conf t
int g0/1
ip igmp join-group 224.1.5.10
ip igmp static-group 224.1.1.11
!
end

IOS XR

conf t
router igmp
int g0/0/0/0
join-group 224.1.5.10
static-group 224.1.5.11
!
end

____________________
configuring IGMPv3 Host stack
topology page 88

IOS XR

conf t
int g0/0/0/0
joing-group 232.2.2.2 1.1.1.1
!

IOS

conf t
int g0/0
ip igmp join-group 232.2.2.2 source 1.1.1.1
!
end

_______________
Configuring IGMP Snooping

Configuration is needed only on switches, transparent to routers and mcast hosts

ip igmp snooping vlan 10

!

sh ip igmp snooping vlan 10 statistics

sh ip igmp snooping groups vlan 10

sh ip igmp snooping mrouter vlan 10

___
IGMP fast-leave

ip igmp snooping vlan 10 immediate-leave

_____________
PIM Snooping

IOS SW

ip pim snooping (Globally)

!
int vlan 10
ip pim snooping

_______________________

MP-BGP Multicast config

Topology page 94

IOS

conf t
ip multicast-routing
!
router bgp 123
nei 209.165.201.1 remote 234
nei 209.165.201.5 remote 234
add ipv uni
nei 209.165.201.1 activate
no neig 209.165.1.5 acitvate
!
add ipv4 multicast
neigh 209.165.201.5 activate
!
end

IOS XR

conf t
router bgp 234
add ipv4 uni
add ipv4 multicast
!
nei 209.165.201.2
remote 123
add ipv4 uni
!
nei 209.165.201.6
remote 123
add ipv4 multicast
!
end

IOS XR

sh bgp ipv4 all summ

sh bgp ipv4 multicast

________________________________

Configuring PIM-SM

IOS

conf t
access-list 1 permit host 10.1.1.1
!
ip multicast-routing
ip pim neighbor-filter 1
!
int g0/0
ip pim sparse-mode
!
end

IOS XR

conf t
ipv4 access-list PIM_FILTER
permit host 10.1.1.2
!
multicast-routing
add ipv4
int g0/0/0/0
enable
!
router pim
neighbor-filter PIM_FILTER
int g0/0/0/0
enable
!
end

____

Configuring Static RP

IOS
conf t
ip pim spt-threshold infinity
!
ip pim rp-address 10.1.1.1
!
end

IOS XR

conf t
router pim
add ipv4
spt-threshold infinity
rp-add 10.1.1.1
!
end

__________

Verification

IOS

sh ip pim int
sh ip pim nei
mrinfo 10.10.1.1 (queries which neigh mcast routers are peering with the local
router)

sh ip pim rp
sh ip rpf
sh ip mroute

IOS XR

sh pim interface
sh pim nei
mrinfo 10.1.1.1

sh pim rpf
sh mrib route

______________

Configuring SSM

IOS

ip pim accept-register list <acl>

ip pim ssm default
!

sh ip igmp ssm-mapping
sh ip igmp groups
IOS XR

conf t
router pim
accept-register <acl>
!
multicast-routing
ssm (allow-override | disable | range)
!
end

sh igmp ssm map

sh igmp group

__________________

Configuring BIDIR - PIM

IOS

ip pim bidir-enable
ip pim rp-address 1.1.1.1 bidir
!
ip pim send-rp-announce e0/0 bidir
ip pim rp-candidate e0/0 bidir

IOS XR

Enable by default

router pim
rp-address 1.1.1.1 bidir
auto-rp candidate-rp g0/0 bidir
!

not-supported (ip pim rp-candidate e0/0 bidir IOS)

____________________________

MSDP configuration

IOS

conf t
ip access-list ext MSDP_ACL
deny ip any host 224.0.1.39
deny ip any host 224.0.1.40
!
ip msdp peer 10.2.1.1 connect-source lo0
ip msdp originator-id lo0
ip msdp ttl-threshold 10.2.1.1 64
ip msdp sa-filter in 10.2.1.1 list MSDP_ACL
ip msdp sa-filter out 10.2.1.1 list MSDP_ACL
ip msdp pass peer 10.2.1.1 Cisc()
!
end

IOS XR

conf t
ipv4 access-list MSDP_ACL
deny ip any host 224.0.1.39
deny ip any host 224.0.1.40
!
router msdp
originator-id lo0
peer 10.1.1.1
connect-source lo0
ttl-threshold 64
pass Cisc()
sa-filter in list MSDP_ACL
sa-filter out list MSDP_ACL
!
end

IOS XR

sh msdp summary

sh msdp sa-cache

heed

________________________
AUTO RP Configuration

IOS

conf t
ip pim send-rp-announce lo0
!
ip pim send-rp-discovery lo0
!
ip pim rp-announce-filter rp-list ACL group-list ACL

IOS XR (Filter not supported)

conf t
router pim
auto-rp candidate-rp lo0
auto-rp mapping-agent lo0
!
end

IOS

sh ip pim rp mapping

______________________
Securing AUTO-RP
IOS XR

conf t
multicast-routing
add ipv4
int g0/0/0/0
boundary AUTO_RP_ACL
!
ipv4 access-list AUTO_RP_ACL
deny host 224.0.1.39
deny host 224.0.1.40
!
end

IOS

int g0/0
ip multicast boundary 1
!
access-list 1 deny 224.0.1.39
access-list 1 deny 224.0.1.40
!
end

__
Filter-autorp

int g0/0
ip multicast boundary 10 filter-autorp
!
access-list 10 permit 224.1.1.1
!
end

____

BSR Configuration

IOS

conf t
ip pim rp-candidate
!

ip pim bsr-candidate lo0

!
end

IOS XR

conf t
router pim
bsr candidate-rp 10.1.1.1
!
bsr candidate-bsr 10.1.1.2
!
end

IOS XR

sh pim bsr election

sh pim bsr rp-cache

________
Constraining BSR messages

IOS XR

conf t
int g0/0/0/0
bsr-border
!
end

IOS

conf t
int g0/0
ip pim bsr-border
!
end

_______________
Anycast RP configuration

IOS

RP1

conf t
host RP1
!
itn lo0
ip add 10.0.0.1 255.255.255.255
!
int lo1
ip add 10.1.1.1 255.255.255.255
!
ip msdp peer 10.0.0.2 connect-source lo0
ip msdp originator-id lo0
ip msdp rp-address 10.1.1.1
!
end

IOS XR

conf t
host RP2
!
int lo0
ipv4 add 10.0.0.2/32
!
int lo1
ipv4 add 10.1.1.1/32
!
router msdp
peer 10.0.0.1 connect-source lo0
originator-id lo0
!
router pim
rp-address 10.1.1.1
!
end

R1

conf t
!
host R1
!
ip pim rp-address 10.1.1.1
!
end

__________________
MLD Configuration

IOS

conf t
ipv6 multicast-routing
!
int g0/0
ipv6 mld query-interval 60
!
end

IOS XR

conf t
multicast-routing
add ipv6
interface all enable
!
router mld
int g0/0/0/0
router enable
query-interval 60
version 2
!

sh mld int g0/0/0/0

sh mld groups

______________

MLD join-group and static-group

IOS

conf t
int g0/1
ipv6 mld join-group <group-address>
ipv6 mld static-group <group-address>
!
end

IOS XR

router mld
int g0/0/0/0
join-group <group-add>
static-group <group-add>
!
end

_______________________________________

DHCP v6 Server configuration

IOS

conf t
ipv6 dhcp pool POOL1
address prefix 2001:db8:a1::/64
dns-server 2001:db8:c1::53
dns-server 2001:db8:c2::53
domain-name example.org
!
int g0/1
ipv6 dhcp server POOL1
ipv6 add 2001:db8:a1::1/64
ipv6 nd managed-config-flags
ipv6 nd other-config-flags
!
end

________________________

Configuring DHCPv6 Prefix Delegation

PE IOS XR

conf t
dhcp ipv6
int g0/0/0/0 server
pd 2001:db8:1::/64
!
int g0/0/0/0
ipv6 add 2001:db8:a::1/64
!
end

PE IOS

conf t
ipv6 uni
!
ipv6 dhcp pool CUSTOMERS
prefix-delegation pool C_PREFIX
!
int g0/0
ipv6 add 2001:db8:a::1/64
ipv6 dhcp server Customers
!
ipv6 local pool C_PREFIX 2001:db8:c::/40 48
!
end

CE IOS

conf t
int g0/0
ipv6 add 2001:db8:a::2/64
ipv6 dhcp client pd PREFIX
!
int g0/1
ipv6 add PREFIX ::1/64
!
end

sh dhcp ipv6 pool

sh dhcp ipv6 binding
sh dhcp ipv6 int
debug dhcp ipv6 det

________________________________

IPV Qos Configuration

IOS XR

conf t
Class-map VOIP
match dscp ipv6 ef
!
policy-map QOS
class VOIP
priority
police rate 10 mbps
conform-action transmit
exceed-action drop
!
class class-default
police rate 100 mbps
conform-action transmit
exceed-action drop
!
int g0/0/0/0
service-policy out QOS
!
end

IOS

conf t
class-map VOIP
match dscp ef
!
policy-map QOS
class VOIP
priority
police rate 10000
conform-action transmit
exceed-action drop
!
class class-default
police rate 100000
conform-actoin transmit
exceed-action drop
!
int g0/0
service-policy out QOS
!
end

________________________________________

Cisco IOS IPv6 Telnet and SSH server support

IOS XR

conf t
telnet ipv6 server max-servers
!
domain name cisco.com
!
crypto key generate rsa general-keys modulus 1024
!
ssh server
!
end
IOS

conf t
ip domain-name cisco.com
!
crypto key generate rsa general-keys modulus 1024
!
line vty 0 4
transport input telnet ssh
!
end

IOS XR

telnet 2001:db8:1:1001:f

ssh 2001:db8:1:1001::f username student

sh cdp neigh details

IOS

conf t
ipv6 cef
!
end

-----
IP SLAs are not available for IPv6 in IOS XR

IOS

conf t
ip sla 99
icmp-echo 3002:100::2 source-interface lo0
flow-label 100
frequency 30
!
ip sla schedule 99 life forever start-time now
!
ip sla 101
tcp-connect 2001:100::2 10001
traffic-class 146
flow-label 101
!
ip sla schedule 101 life forever start-time now
!
end

___________________________________________

Stateful NAT 64 Configuration

ASR1000 (Topology Page 221)

conf t
int g0/0/0
ipv6 add 2001:db8::1/64
nat64 enable
no shut
!
int g0/0/1
ip add 192.0.2.1 255.255.255.0
nat64 enable
no shut
!
ipv6 access-list LIST (Acl that specifies which ipv6 hosts can translate)
permit ipv6 2001:db8::/64 any
!
nat64 prefix stateful 2001:db8::/96 (NAT64 prefix)
nat64 v4 pool POOL 192.0.2.2 192.0.2.254 (Specify ipv4 pool)
nat64 v6v4 list LIST pool POOL overload (Enable NAT64 with PAT)
!
end

________________________

Static Stateful NAT64

(Topology page 223)

ASR 1000

conf t
int g0/0/0
ipv6 add 2001:db8::1/64
nat64 enable
no shut
!
int g0/0/1
ip add 192.0.2.1 255.255.255.0
nat64
no shut
!
ipv6 access-list LIST
permit ipv6 2001:db8::/64 any
!
nat64 prefix stateful 2001:db8::/96
nat64 v4 pool POOL 192.0.2.2 192.0.2.254
nat64 v4v6 static 198.51.100.2 2001:db8::100.2 (Enable static NAT64)
nat64 v6v4 list LIST pool POOL overload
!
end

sh nat64 translation

_______________________________________

6in4 Tunnel configuration Manual config

(Supported only on Cisco ISR series routers and ASR 1000)

(Topology page 2269)
R1

conf t
int t0
ipv6 add 2001:db8:3::1/64
tunnel source g0/0
tunnel dest 209.165.201.6
tunnel mode ipv6ip
no shut
!
ipv6 route 2001:db8:2::/64 tunnel0 2001:db8:3::2
!
end

R2

conf t
int t0
ipv6 add 2001:db8:3::2/64
tunnel source g00
tunnel destin 209.165.201.1
tunnel mode ipv6ip
no shut
!
ipv6 route 2001:db8:1::/64 tunnel0 2001:db8:3::1
!
end

GRE encapsulation configuration

int t0
ipv6 add 2001:db8:3::1/64
tunnel sourc g0/0
tunnel dest 2009.165.201.6
tunnel mode gre ip
no shut
!
end

__________________________________

6to4 automatic tunnels (Obsolete)

(Supported only on Cisco ISR, ASR 1000)

Topology page 229

R1 CE1

conf t
int g0/0
ip add 209.165.201.1 255.255.255.252
no shut
!
int g0/1
ipv add 2002:d1a5:c901::1/64
no shut
!
int t0
ipv6 enable
tunnel source g0/0
tunnel mode ipv6ip 6to4
no shut
!
ipv6 route ::/0 tunnel0
!
end

R2 CE2

conf t
int g0/1
ipv6 add 2002:d1a5:c906::1/64
no shut
!
int t0
ipv6 enable
tunnel sourc g0/0
tunnel mode ipv6ip 6to4
no shut
!
ipv6 route ::/0 tu0
!
end

R3 6to4 RELAY

conf t
int lo0
ip add 192.88.99.1 255.255.255.0
!
int t0
ipv6 enable
tuinnel source lo0
tunnel mode ipv6ip pto4
no shut
!
ipv6 route 2002:d1::/24 tunnel0
!
end

_____________________________________

6RD configuration

(Topology page 233)

(Cisco ASr 1000, ISR routers)
CE1

conf t
int g0/0
ip add 209.165.201.1 255.255.255.252
no shut
!
int g0/1
ipv add 2001:db8:d1a5:c901::1/64
!
int t0
ipv6 enable
tunnel source g0/0
tunnel mode ipv6ip 6rd
tunnel 6rd ipv4 prefix-len 16 (set the common prefix)
tunnel 6rd prefix 2001:db8::/32
tunnel 6rd br 209.165.201.10
!
ipv6 route 2001:db8::/32 tunnel0
ipv6 route ::/0 2001:db8:c90a::
!
end

6RD BR

conf t
itn g0/0
ip add 209.165.201.10 255.255.255.252
no shut
!
int t0
ipv enable
tunnel source g0/0
tunnel mode ipv6ip 6rd
tunnel 6rd ipv4 prefix-len 16
tunnel 6rd prefix 2001:db8::/32 (set the 6RD prefix)
no shut
!
ipv6 route 2001:db8::/32 tun0
!
end