Re: IEWB - VOL 1 , LAB 1 , Q 12.8

From: Petr Lapukhov (petrsoft@gmail.com)
Date: Wed Apr 05 2006 - 06:17:20 GMT-3

• Next message: Alexei Monastyrnyi: "Re: VTP!!"
• Previous message: Spoerr, Mathias: "AW: DEFAULT-NEWORK , DEFAULT-GATEWAY - STATIC ROUTES"
• Maybe in reply to: Mohammed Shameen Abdul Jabbar: "IEWB - VOL 1 , LAB 1 , Q 12.8"
• Next in thread: Arun Arumuganainar: "Re: IEWB - VOL 1 , LAB 1 , Q 12.8"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You probably still advertise your network space to BB3,
that's it can see your addresses.

You need to conceal you internal networks, so that BB3
could only see connections originated from directly connected
IP (on the link b/w R3 and BB3).

look at

R3#sh ip bgp neigh <BB3_IP> advertised-routes

filter your updates with prefix-list/distribute-list/route-maps
if necessary.

HTH
Petr

2006/4/5, Mohammed Shameen Abdul Jabbar <ccie.xpert@gmail.com>:
>
> Thanx Petr for your reply. It was a problem with an extra access-list.
> The problem of BGP neighbor formation is solved.
>
> I have a diffrent issue now.
> As per the lab requirements, " BB3 and its customers should not have
> specific reachability information about your network.Instead, BB3
> should only have reachability to the network behind R3, if a
> connection is initiated from inside R3 network"
>
> This is not happening. I am able to ping the IPs behind R3 even if a
> connection is not initiated from the network behind R3.
>
> The routing table of BB3 is as follows:
> BB3#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
> i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
> area
> * - candidate default, U - per-user static route, o - ODR
> P - periodic downloaded static route
>
> Gateway of last resort is not set
>
> C 204.12.1.0/24 is directly connected, Ethernet0
> 2.0.0.0/24 is subnetted, 1 subnets
> B 2.2.2.0 [20/0] via 204.12.1.3, 00:21:07
> 3.0.0.0/24 is subnetted, 1 subnets
> C 3.3.3.0 is directly connected, Loopback0
> 54.0.0.0/24 is subnetted, 1 subnets
> B 54.1.1.0 [20/0] via 204.12.1.3, 00:21:07
> 172.21.0.0/32 is subnetted, 1 subnets
> B 172.21.1.1 [20/0] via 204.12.1.3, 00:21:07
> 10.0.0.0/24 is subnetted, 1 subnets
> C 10.10.10.0 is directly connected, Loopback10
> 183.1.0.0/24 is subnetted, 6 subnets
> B 183.1.58.0 [20/0] via 204.12.1.3, 00:21:08
> B 183.1.46.0 [20/0] via 204.12.1.3, 00:21:09
> B 183.1.17.0 [20/0] via 204.12.1.3, 00:21:09
> B 183.1.2.0 [20/0] via 204.12.1.3, 00:21:09
> B 183.1.0.0 [20/0] via 204.12.1.3, 00:21:09
> B 183.1.123.0 [20/0] via 204.12.1.3, 00:21:09
> B 192.10.1.0/24 [20/0] via 204.12.1.3, 00:21:09
> 150.1.0.0/24 is subnetted, 8 subnets
> B 150.1.7.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.6.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.5.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.4.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.3.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.2.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.1.0 [20/0] via 204.12.1.3, 00:21:09
> B 150.1.11.0 [20/0] via 204.12.1.3, 00:21:09
>
> The nat config on R3 is below:
>
> ip nat inside source list 2 interface Ethernet0/0 overload
> access-list 2 permit 183.1.0.0 0.0.255.255
>
> I am not sure whether i am meeting the requirments of the question here.
>
> On 4/5/06, Petr Lapukhov <petrsoft@gmail.com> wrote:
> > Hello,
> >
> > Provide your configuration snapshot, please.
> >
> > You probably forget to use "overload" keyword,
> > or something :)
> >
> > Petr
> >
> > 2006/4/5, Mohammed Shameen Abdul Jabbar <ccie.xpert@gmail.com>:
> > >
> > > Hi everyone,
> > >
> > > I am doin my IE labs.
> > >
> > > Host network -------- R3 ---EBGP--- BB3
> > >
> > > In the scenario I am in , it requires me to configure a NAT on R3 so
> > > that any IP behind R3 can communicate with BB3 but BB3 can only
> > > communicate with the IP's behind R3 only if a communication was
> > > initiated by hosts behind R3.
> > >
> > > If NAT is not configured everything works perfectly. The bgp session
> > > is established , the networks are advertised as required. But as soon
> > > as NAT is configured , the BGP session drops. And i loose all my
> > > NLRI's
> > >
> > > I know there's something wrong i am doing. I will just go through
> > > examples of BGP on www.cisco.com and will try to find out. Any inputs
> > > will be highly appreciated.
> > >
> > > regards
> > > shamin
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html

• Next message: Alexei Monastyrnyi: "Re: VTP!!"
• Previous message: Spoerr, Mathias: "AW: DEFAULT-NEWORK , DEFAULT-GATEWAY - STATIC ROUTES"
• Maybe in reply to: Mohammed Shameen Abdul Jabbar: "IEWB - VOL 1 , LAB 1 , Q 12.8"
• Next in thread: Arun Arumuganainar: "Re: IEWB - VOL 1 , LAB 1 , Q 12.8"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon May 01 2006 - 11:41:56 GMT-3