Ccies

Default Routing

If you want to communicate with anything other than your connected network, you must have routes for the destinations. This becomes a scaling issue when you want to reach arbitrary IP addresses, for example when browsing the Internet. Basically you have two options: either you know all the destinations, or you have a default route (pointing at a default router) that blindly takes care of reachability for you. I’d like to walk through the various protocols to see how you can inject a default route.

Security

VACL

A VLAN Access List (VACL) can be used to filter traffic within a VLAN. It is a feature that is easily overlooked when troubleshooting connectivity problems at Layer 2. It is configured much like a route-map. Let’s have a look at a simple topology to demonstrate how it works:

Say we do not want any devices in Vlan 12 to be able to ping each other. We can achieve this with a VACL.

RIP

Goodbye…

  • Maximum hop count of 15
  • No discard-route
  • Classful network command
  • No summarization past classful boundary
  • No suppression of summary's component network
  • Weird timers
  • ip default-network madness
  • Learning on passive-interfaces
  • clear ip route *
  • Counting to infinity


Multicast

Linknets: 10.0.xy.0/24
  • x = Lowest R
  • y = Highest R
Loopback0: R.R.R.R/32

This is the topology I’ll use throughout this page.

PIM

PIM (Protocol Independent Multicast) is the protocol run between routers to signal control plane information and ensure no loops occur. It is protocol independent, because it uses any unicast routing protocol for its RPF (Reverse Path Forwarding) check – the way loops are avoided.

BGP

If you are unfamiliar with BGP and the terms used when talking about BGP, you might want to check out RFC 4271, which has great definitions of the terms.

I will go through how BGP works and address some of its limitations. To do this, I will start with the following topology:

Services

  • DHCP
  • NTP
    • Stratum
    • Server
    • Client
    • Peer
    • Access List
    • Broadcast
    • Multicast
    • Authentication
  • NAT
    • NAT Order of Operation
      • Inside to Outside
      • Outside to Inside
    • Static NAT
      • Alias
    • VRF-Aware NAT
  • TCP Small Servers
  • UDP Small Servers

DHCP

DHCP provides a dynamic way of handing out an IP configuration to clients. I’ll use the following topology.

EIGRP

Adjacency

EIGRP is a simple distance vector protocol. To become neighbors, only a few parameters of the Hello packet must match:

  • K-values
  • AS
  • Must be on the same subnet

As soon as you see a Hello packet from a neighbor and the Hello parameters match, you’re adjacent and can start exchanging updates.

DMVPN

DMVPN Topology

Below you see the DMVPN topology I use for demonstrating various configs in the page.

Phase 1

Not many people use Phase 1, because of its obvious drawback: Every packet between spokes must traverse the Hub. So unless you have a really good reason to do it, use Phase 3 instead.

MPLS L3 VPN Walkthrough

Let me go over a basic MPLS L3 VPN using the topology below.


Here AS 2345 makes up the network that will provide the MPLS L3 VPN service to AS 6 and AS 78.

Building an MPLS L3 VPN service requires a couple of technologies for label exchange:

  • MPLS – LDP
  • BGP – VPNv4

For both LDP and BGP we need reachability to the loopback interfaces of the routers in AS 2345. I will go over the reason for this in a bit.

OSPF

  • Transport
  • Network Types
  • Adjacencies
  • Area Types
    • Stub Area
      • Totally Stubby Area
    • NSSA
  • Forward Address
  • Virtual Link
  • Sham Link
  • Domain Tag
  • Down Bit
  • Area Design
  • Prefix Suppression

Transport

OSPF is a protocol in its own right. What do I mean by that? Well, you know TCP and UDP. Those are well-known protocols used for communication by a lot of applications. Similarly, OSPF is a protocol riding directly on top of IP; it has IP protocol number 89. EIGRP is also a protocol in its own right (protocol number 88), but BGP, for example, is not, since it runs over TCP.